Auto-Update: 2023-09-29T14:00:24.671501+00:00

cad-safe-bot 2023-09-29 14:00:28 +00:00
parent e89378aa01
commit 303b7ade28
47 changed files with 1025 additions and 135 deletions


@ -2,8 +2,8 @@
"id": "CVE-2021-3246",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-20T15:15:11.053",
"lastModified": "2021-09-21T16:31:19.560",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-29T13:15:09.670",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -166,6 +166,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202309-11",
"source": "cve@mitre.org"
},
{
"url": "https://www.debian.org/security/2021/dsa-4947",
"source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2021-4156",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-03-23T20:15:10.097",
"lastModified": "2023-01-05T19:42:55.817",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-29T13:15:09.833",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -164,6 +164,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202309-11",
"source": "secalert@redhat.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2022-20001",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-03-14T19:15:11.997",
"lastModified": "2023-07-24T13:47:22.763",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-29T13:15:09.950",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -85,22 +85,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
"value": "CWE-74"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
"value": "CWE-427"
}
]
}
@ -199,6 +199,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202309-10",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2022/dsa-5234",
"source": "security-advisories@github.com",
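Review bot: The weakness entries on the new side reassign which source is `Primary` — the CNA's `CWE-74` now carries `"type": "Primary"` and NVD's `CWE-427` drops to `"type": "Secondary"` — and the auto-update message does not mention it, so any consumer that picks a record's CWE by `type == "Primary"` silently changes classification for this CVE. The same reassignment appears in the CVE-2023-26048, CVE-2023-26049 and CVE-2023-40167 sections below. Downstream tooling that needs a stable CWE should select by `source` (`nvd@nist.gov` vs the CNA) rather than by `type`, since `type` is evidently not stable across syncs.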


@ -2,12 +2,16 @@
"id": "CVE-2023-0989",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:12.520",
"lastModified": "2023-09-29T07:15:12.520",
"vulnStatus": "Received",
"lastModified": "2023-09-29T13:15:10.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure issue in GitLab CE/EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration."
"value": "An information disclosure issue in GitLab CE/EE affecting all versions starting from 13.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows an attacker to extract non-protected CI/CD variables by tricking a user to visit a fork with a malicious CI/CD configuration."
},
{
"lang": "es",
"value": "Un problema de divulgaci\u00f3n de informaci\u00f3n en GitLab CE/EE que afecta a todas las versiones anteriores a 16.2.8, 16.3 anterior a 16.3.5 y 16.4 anterior a 16.4.1 permite a un atacante extraer variables CI/CD no protegidas enga\u00f1ando a un usuario para que visite un fork con una configuraci\u00f3n CI/CD maliciosa."
}
],
"metrics": {
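Review bot: The `en` description on the new side now bounds the affected range as "all versions starting from 13.11 prior to 16.2.8", but the `es` description still says "todas las versiones anteriores a 16.2.8" with no lower bound, so the two language entries of the same record disagree about the affected range. Since this mirror is synced from NVD, the correction belongs upstream, but consumers that display or parse the `es` entry will over-report affected versions until it is re-translated. The `es` strings elsewhere in this commit also look machine-generated (the CVE-2023-3906 section renders "asset proxy" as "activo apoderado"), so the English text should be treated as authoritative.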


@ -2,12 +2,16 @@
"id": "CVE-2023-2233",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:12.927",
"lastModified": "2023-09-29T07:15:12.927",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An improper authorization issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.2.8, all versions starting from 16.3 before 16.3.5 and all versions starting from 16.4 before 16.4.1. It allows a project reporter to leak the owner's Sentry instance projects."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema de autorizaci\u00f3n incorrecta en GitLab CE/EE que afecta a todas las versiones desde 11.8 anteriores a 16.2.8, todas las versiones desde 16.3 anteriores a 16.3.5 y todas las versiones desde 16.4 anteriores a 16.4.1. Permite que un reportero de proyecto filtre los proyectos de instancia Sentry del propietario."
}
],
"metrics": {


@ -2,7 +2,7 @@
"id": "CVE-2023-26048",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-18T21:15:08.977",
"lastModified": "2023-05-26T20:15:37.117",
"lastModified": "2023-09-29T12:15:12.453",
"vulnStatus": "Modified",
"descriptions": [
{
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
"value": "CWE-400"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-770"
}
]
}
@ -147,6 +147,10 @@
{
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507",
"source": "security-advisories@github.com"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-26049",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-18T21:15:09.043",
"lastModified": "2023-05-26T20:15:38.627",
"lastModified": "2023-09-29T12:15:12.647",
"vulnStatus": "Modified",
"descriptions": [
{
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-200"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
"value": "NVD-CWE-noinfo"
}
]
}
@ -150,6 +150,10 @@
"url": "https://security.netapp.com/advisory/ntap-20230526-0001/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5507",
"source": "security-advisories@github.com"
},
{
"url": "https://www.rfc-editor.org/rfc/rfc2965",
"source": "security-advisories@github.com",


@ -2,12 +2,16 @@
"id": "CVE-2023-26146",
"sourceIdentifier": "report@snyk.io",
"published": "2023-09-29T05:15:46.540",
"lastModified": "2023-09-29T05:15:46.540",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "All versions of the package ithewei/libhv are vulnerable to Cross-site Scripting (XSS) such that when a file with a name containing a malicious payload is served by the application, the filename is displayed without proper sanitization when it is rendered."
},
{
"lang": "es",
"value": "Todas las versiones del paquete ithewei/libhv son vulnerables a Cross-Site Scripting (XSS), de modo que cuando la aplicaci\u00f3n entrega un archivo con un nombre que contiene un payload malicioso, el nombre del archivo se muestra sin la sanitizaci\u00f3n adecuada cuando se procesa."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-26147",
"sourceIdentifier": "report@snyk.io",
"published": "2023-09-29T05:15:46.630",
"lastModified": "2023-09-29T05:15:46.630",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "All versions of the package ithewei/libhv are vulnerable to HTTP Response Splitting when untrusted user input is used to build headers values. An attacker can add the \\r\\n (carriage return line feeds) characters to end the HTTP response headers and inject malicious content, like for example additional headers or new response body, leading to a potential XSS vulnerability."
},
{
"lang": "es",
"value": "Todas las versiones del paquete ithewei/libhv son vulnerables a la divisi\u00f3n de respuesta HTTP cuando se utilizan entradas de usuarios que no son de confianza para construir los valores de las cabeceras. Un atacante puede agregar los caracteres \\r\\n (avances de l\u00ednea de retorno de carro) al final de las cabeceras de respuesta HTTP e inyectar contenido malicioso, como por ejemplo cabeceras adicionales o un nuevo cuerpo de respuesta, lo que genera una posible vulnerabilidad XSS."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-26148",
"sourceIdentifier": "report@snyk.io",
"published": "2023-09-29T05:15:46.693",
"lastModified": "2023-09-29T05:15:46.693",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "All versions of the package ithewei/libhv are vulnerable to CRLF Injection when untrusted user input is used to set request headers. An attacker can add the \\r\\n (carriage return line feeds) characters and inject additional headers in the request sent."
},
{
"lang": "es",
"value": "Todas las versiones del paquete ithewei/libhv son vulnerables a la inyecci\u00f3n CRLF cuando se utilizan entradas de usuario no fiables para establecer las cabeceras de las peticiones. Un atacante puede agregar los caracteres \\r\\n (avance de l\u00ednea de retorno de carro) e inyectar cabeceras adicionales en la solicitud enviada."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30591",
"sourceIdentifier": "info@starlabs.sg",
"published": "2023-09-29T06:15:09.870",
"lastModified": "2023-09-29T06:15:09.870",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Denial-of-service in NodeBB <= v2.8.10 allows unauthenticated attackers to trigger a crash, when invoking `eventName.startsWith()` or `eventName.toString()`, while processing Socket.IO messages via crafted Socket.IO messages containing array or object type for the event name respectively."
},
{
"lang": "es",
"value": "La denegaci\u00f3n de servicio en NodeBB en versiones &lt;=2.8.10 permite a atacantes no autenticados provocar un fallo al invocar `eventName.startsWith()` o `eventName.toString()`, mientras procesan mensajes Socket.IO a trav\u00e9s de mensajes Socket.IO manipulados que contienen una matriz o un tipo de objeto para el nombre del evento, respectivamente."
}
],
"metrics": {
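Review bot: The `es` description contains the HTML entity `&lt;=` where the `en` description has a literal `<=`, so the Spanish string is HTML-escaped inside a JSON value while the English one is not. The same mismatch appears in the CVE-2023-41332 section (`&gt;=` / `&lt;=`) and the CVE-2023-5173 section (`&lt; 118`). A consumer that renders these values verbatim will show the entity text, but blanket HTML-decoding of NVD strings is not a safe fix either, because other descriptions in this feed legitimately contain markup-like payload text that must stay escaped; the inconsistency should be reported upstream and handled per field, not globally.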


@ -2,12 +2,16 @@
"id": "CVE-2023-3115",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:13.100",
"lastModified": "2023-09-29T07:15:13.100",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE affecting all versions affecting all versions from 11.11 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Single Sign On restrictions were not correctly enforced for indirect project members accessing public members-only project repositories."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en GitLab EE que afecta a todas las versiones desde 11.11 anteriores a 16.2.8, 16.3 anteriores a 16.3.5 y 16.4 anteriores a 16.4.1. Las restricciones de Inicio de Sesi\u00f3n \u00danico no se aplicaron correctamente para los miembros indirectos del proyecto que acceden a repositorios de proyectos p\u00fablicos exclusivos para miembros."
}
],
"metrics": {
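Review bot: The `en` description carries a duplicated phrase, "affecting all versions affecting all versions from 11.11", which reads as a copy-paste error in the CNA text rather than a wider affected range. This mirror should not edit it locally (the next sync would overwrite the change), but the record is worth flagging upstream, and a consumer parsing version ranges out of the description should not rely on the first "all versions" clause.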


@ -2,12 +2,16 @@
"id": "CVE-2023-32477",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-09-29T08:15:09.437",
"lastModified": "2023-09-29T08:15:09.437",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell Common Event Enabler 8.9.8.2 for Windows and prior, contain an improper access control vulnerability. A local low-privileged malicious user may potentially exploit this vulnerability to gain elevated privileges.\n\n"
},
{
"lang": "es",
"value": "Dell Common Event Enabler 8.9.8.2 para Windows y versiones anteriores contiene una vulnerabilidad de control de acceso inadecuado. Un usuario malintencionado local con pocos privilegios podr\u00eda explotar esta vulnerabilidad para obtener privilegios elevados."
}
],
"metrics": {
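Review bot: The `en` value begins with `\n` and ends with `\n\n`, so the description text is not whitespace-normalized; the `en` value in the CVE-2023-41332 section also ends with `\n\n`, and the one in the CVE-2023-5159 section contains a U+00A0 non-breaking space plus trailing `\n\n`. Any consumer that hashes, deduplicates or diffs descriptions across syncs will see spurious differences from these, so it should normalize whitespace on read rather than expecting the mirror to do it. None of this affects the JSON validity of the records.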


@ -2,12 +2,16 @@
"id": "CVE-2023-3413",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T09:15:10.180",
"lastModified": "2023-09-29T09:15:10.180",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to read the source code of a project through a fork created before changing visibility to only project members."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en GitLab que afecta a todas las versiones desde 16.2 anteriores a 16.2.8, todas las versiones desde 16.3 anteriores a 16.3.5, todas las versiones desde 16.4 anteriores a 16.4.1. Era posible leer el c\u00f3digo fuente de un proyecto a trav\u00e9s de un fork creado antes de cambiar la visibilidad solo a los miembros del proyecto."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-36479",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-15T19:15:08.387",
"lastModified": "2023-09-20T15:59:11.650",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-29T12:15:12.760",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -158,6 +158,10 @@
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5507",
"source": "security-advisories@github.com"
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2023-3906",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:13.233",
"lastModified": "2023-09-29T07:15:13.233",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy."
},
{
"lang": "es",
"value": "Un problema de validaci\u00f3n de entrada en el proxy de activos en GitLab EE, que afect\u00f3 a todas las versiones desde 12.3 anterior a 16.2.8, 16.3 anterior a 16.3.5 y 16.4 anterior a 16.4.1, permiti\u00f3 a un atacante autenticado crear URL de im\u00e1genes que omit\u00edan el activo apoderado."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-3914",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:13.380",
"lastModified": "2023-09-29T07:15:13.380",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A business logic error in GitLab EE affecting all versions prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects."
},
{
"lang": "es",
"value": "Un error de l\u00f3gica de negocios en GitLab EE que afecta a todas las versiones anteriores a 16.2.8, 16.3 anterior a 16.3.5 y 16.4 anterior a 16.4.1 permite el acceso a proyectos internos. Una cuenta de servicio no se elimina cuando se elimina un espacio de nombres, lo que permite el acceso a proyectos internos."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-3917",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:13.557",
"lastModified": "2023-09-29T07:15:13.557",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1 allows attacker to cause pipelines to fail."
},
{
"lang": "es",
"value": "La Denegaci\u00f3n de Servicio en pipelines afectan a todas las versiones de Gitlab EE y CE anteriores a 16.2.8, 16.3 anterior a 16.3.5 y 16.4 anterior a 16.4.1 permite que un atacante provoque fallas en los pipelines."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-3920",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:13.777",
"lastModified": "2023-09-29T07:15:13.777",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 11.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that a maintainer to create a fork relationship between existing projects contrary to the documentation."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en GitLab que afecta a todas las versiones desde 11.2 anteriores a 16.2.8, todas las versiones desde 16.3 anteriores a 16.3.5, todas las versiones desde 16.4 anteriores a 16.4.1. Era posible que un maintainer creara una relaci\u00f3n de fork entre proyectos existentes en contraria a la documentaci\u00f3n."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-3922",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T08:15:09.537",
"lastModified": "2023-09-29T08:15:09.537",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 8.15 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible to hijack some links and buttons on the GitLab UI to a malicious page."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en GitLab que afecta a todas las versiones desde 8.15 anteriores a 16.2.8, todas las versiones desde 16.3 anteriores a 16.3.5, todas las versiones desde 16.4 anteriores a 16.4.1. Fue posible secuestrar algunos enlaces y botones en la interfaz de usuario de GitLab a una p\u00e1gina maliciosa."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-3979",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:13.910",
"lastModified": "2023-09-29T07:15:13.910",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. It was possible that upstream members to collaborate with you on your branch get permission to write to the merge request\u2019s source branch. "
},
{
"lang": "es",
"value": "Se ha descubierto un problema en GitLab que afecta a todas las versiones desde 10.6 anteriores a 16.2.8, todas las versiones desde 16.3 anteriores a 16.3.5, todas las versiones desde 16.4 anteriores a 16.4.1. Era posible que los miembros upstream que colaboraran en su sucursal obtuvieran permisos para escribir en la sucursal fuente de la solicitud de fusi\u00f3n."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-40167",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-15T20:15:09.827",
"lastModified": "2023-09-20T20:20:55.403",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-29T12:15:12.880",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -60,22 +60,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-130"
}
]
},
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-130"
"value": "NVD-CWE-noinfo"
}
]
}
@ -151,6 +151,10 @@
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5507",
"source": "security-advisories@github.com"
},
{
"url": "https://www.rfc-editor.org/rfc/rfc9110#section-8.6",
"source": "security-advisories@github.com",


@ -2,16 +2,40 @@
"id": "CVE-2023-41332",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-27T15:19:30.023",
"lastModified": "2023-09-27T15:41:42.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-29T13:56:15.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with `policy.cilium.io/proxy-visibility` annotations (in Cilium >= v1.13) or `io.cilium.proxy-visibility` annotations (in Cilium <= v1.12) causes the Cilium agent to segfault on the node to which the workload is assigned. Existing traffic on the affected node will continue to flow, but the Cilium agent on the node will not able to process changes to workloads running on the node. This will also prevent workloads from being able to start on the affected node. The denial of service will be limited to the node on which the workload is scheduled, however an attacker may be able to schedule workloads on the node of their choosing, which could lead to targeted attacks. This issue has been resolved in Cilium versions 1.14.2, 1.13.7, and 1.12.14. Users unable to upgrade can avoid this denial of service attack by enabling the Layer 7 proxy.\n\n"
},
{
"lang": "es",
"value": "Cilium es una soluci\u00f3n de redes, observabilidad y seguridad con un plano de datos basado en eBPF. En los cl\u00fasteres de Cilium donde el proxy de capa 7 de Cilium se ha deshabilitado, la creaci\u00f3n de cargas de trabajo con anotaciones `policy.cilium.io/proxy-visibility` (en Cilium versiones &gt;= 1.13) o anotaciones `io.cilium.proxy-visibility` (en Cilium versiones &lt;= 1.12) hace que el agente Cilium tenga un error de segmentaci\u00f3n en el nodo al que est\u00e1 asignada la carga de trabajo. El tr\u00e1fico existente en el nodo afectado seguir\u00e1 fluyendo, pero el agente Cilium en el nodo no podr\u00e1 procesar cambios en las cargas de trabajo que se ejecutan en el nodo. Esto tambi\u00e9n evitar\u00e1 que las cargas de trabajo puedan iniciarse en el nodo afectado. La denegaci\u00f3n de servicio se limitar\u00e1 al nodo en el que est\u00e1 programada la carga de trabajo; sin embargo, un atacante puede programar cargas de trabajo en el nodo de su elecci\u00f3n, lo que podr\u00eda dar lugar a ataques dirigidos. Este problema se resolvi\u00f3 en las versiones 1.14.2, 1.13.7 y 1.12.14 de Cilium. Los usuarios que no puedan actualizar pueden evitar este ataque de denegaci\u00f3n de servicio habilitando el proxy de capa 7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,57 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12.14",
"matchCriteriaId": "35ABDE15-4D2F-4F82-BA90-6529DBA75C4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.13.0",
"versionEndExcluding": "1.13.7",
"matchCriteriaId": "FAD54EC5-459F-43CF-8C36-BB84717CD640"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.14.0",
"versionEndExcluding": "1.14.2",
"matchCriteriaId": "F8854A94-3A9D-4BCD-AC5C-2D8AEF70AA40"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cilium/cilium/pull/27597",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-24m5-r6hv-ccgp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Patch",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41900",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-15T21:15:11.600",
"lastModified": "2023-09-20T15:20:42.810",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-29T12:15:12.980",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -126,6 +126,10 @@
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5507",
"source": "security-advisories@github.com"
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-42487",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-27T15:19:32.890",
"lastModified": "2023-09-27T15:41:26.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-29T13:53:37.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Soundminer \u2013 CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
},
{
"lang": "es",
"value": "Soundminer \u2013 CWE-22: Limitaci\u00f3n inadecuada de un nombre de ruta a un directorio restringido (\u201cPath Traversal\u201d)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:soundminer:soundminer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.01",
"matchCriteriaId": "B9C0FCD9-0B33-4D8D-B4B6-AA476FF434EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
"source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
}
]
}
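Review bot: The `en` and `es` descriptions are only the CWE-22 title with no affected product version, so the sole machine-usable affected-range signal in this record is the new `cpeMatch` entry with `"versionEndExcluding": "2.01"`. The only reference is a generic vendor FAQ page (`https://www.gov.il/en/Departments/faq/cve_advisories`) tagged `Third Party Advisory`, not a per-CVE advisory, so consumers that match by description text or follow references for the fixed version will find neither here. This is a data-quality gap to raise with the CNA rather than something to patch in the mirror.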


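--- /dev/null
+++ b/[path not shown on page]
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2023-43909",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-09-29T13:15:10.193",
+"lastModified": "2023-09-29T13:15:10.193",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Hospital Management System thru commit 4770d was discovered to contain a SQL injection vulnerability via the app_contact parameter in appsearch.php."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://www.notion.so/SQL-Injection-vulnerability-in-app_contact-parameter-on-appsearch-php-directory-2e3daa8975164ee18217c52c43ae1a22",
+"source": "cve@mitre.org"
+}
+]
+}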
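Review bot: The affected range in this new record is "thru commit 4770d" — a five-character commit prefix with no vendor or repository named — and the record has `"metrics": {}`, no `weaknesses` and no `configurations`, so nothing in it can be matched to an installed version automatically. Its only reference is a Notion page rather than a vendor advisory or fix commit. Consumers should treat the record as unscored and unmatchable while `vulnStatus` is `Received`, and not infer a CWE or severity from the description text.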


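--- /dev/null
+++ b/[path not shown on page]
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2023-43944",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-09-29T13:15:10.247",
+"lastModified": "2023-09-29T13:15:10.247",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "A Stored Cross Site Scripting (XSS) vulnerability was found in SourceCodester Task Management System 1.0. It allows attackers to execute arbitrary code via parameter field in index.php?page=project_list."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://purring-climb-52a.notion.site/Reflected-Cross-site-scripting-b6fd50b94b464313847bb52d4049154f?pvs=4",
+"source": "cve@mitre.org"
+}
+]
+}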
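Review bot: The description classifies this as "Stored Cross Site Scripting", but the record's only reference URL is titled "Reflected-Cross-site-scripting", so the record contradicts its own source on the stored-versus-reflected distinction, which changes both the CWE expected on analysis and the exposure model. The record is still `Received` with `"metrics": {}` and no `weaknesses`, so this should be resolved upstream before it is relied on. Consumers that derive a vulnerability class from the description alone should not assume "stored" here.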


@ -2,12 +2,16 @@
"id": "CVE-2023-44464",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-29T05:15:46.757",
"lastModified": "2023-09-29T05:15:46.757",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "pretix before 2023.7.2 allows Pillow to parse EPS files."
},
{
"lang": "es",
"value": "pretix antes de 2023.7.2 permite a Pillow analizar archivos EPS."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-44466",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-29T06:15:11.007",
"lastModified": "2023-09-29T06:15:11.007",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:33.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in net/ceph/messenger_v2.c in the Linux kernel before 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in ceph_decode_32."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en net/ceph/messenger_v2.c en el kernel de Linux anterior a 6.4.5. Hay un error de firma de enteros, lo que provoca un desbordamiento del b\u00fafer y la ejecuci\u00f3n remota de c\u00f3digo a trav\u00e9s de HELLO o uno de los frames AUTH. Esto ocurre debido a una longitud no confiable tomada de un paquete TCP en ceph_decode_32."
}
],
"metrics": {},
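Review bot: The new side still has `"metrics": {}` with `"vulnStatus": "Awaiting Analysis"`, while the description names a remotely reachable buffer overflow in `net/ceph/messenger_v2.c` triggered from an untrusted length in the HELLO or AUTH frames, i.e. the pre-authentication part of the protocol. Any consumer that gates alerting on the presence of `baseSeverity` will defer this kernel record until NVD scores it, so triage of records in this status should key on the description and `lastModified` rather than on the empty metrics object.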


@ -2,12 +2,16 @@
"id": "CVE-2023-44469",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-29T07:15:14.073",
"lastModified": "2023-09-29T07:15:14.073",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Server-Side Request Forgery issue in the OpenID Connect Issuer in LemonLDAP::NG before 2.17.1 allows authenticated remote attackers to send GET requests to arbitrary URLs through the request_uri authorization parameter. This is similar to CVE-2020-10770."
},
{
"lang": "es",
"value": "Un problema de Server-Side Request Forgery (SSRF) en OpenID Connect Issuer en LemonLDAP::NG anterior a 2.17.1 permite a atacantes remotos autenticados enviar solicitudes GET a URL arbitrarias a trav\u00e9s del par\u00e1metro de autorizaci\u00f3n request_uri. Esto es similar a CVE-2020-10770."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-4532",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T07:15:14.200",
"lastModified": "2023-09-29T07:15:14.200",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.8, all versions starting from 16.3 before 16.3.5, all versions starting from 16.4 before 16.4.1. Users were capable of linking CI/CD jobs of private projects which they are not a member of."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en GitLab que afecta a todas las versiones desde 16.2 anteriores a 16.2.8, todas las versiones desde 16.3 anteriores a 16.3.5, todas las versiones desde 16.4 anteriores a 16.4.1. Los usuarios pudieron vincular trabajos de CI/CD de proyectos privados de los que no son miembros."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-5159",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-09-29T10:15:10.530",
"lastModified": "2023-09-29T10:15:10.530",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to properly verify the permissions when managing/updating a bot allowing a\u00a0User Manager role with user edit permissions to manage/update bots.\n\n"
},
{
"lang": "es",
"value": "Mattermost no verifica adecuadamente los permisos al administrar/actualizar un bot, permitiendo una funci\u00f3n de administrador de usuarios con permisos de edici\u00f3n de usuario para administrar/actualizar bots."
}
],
"metrics": {


@ -2,23 +2,86 @@
"id": "CVE-2023-5173",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-27T15:19:42.340",
"lastModified": "2023-09-27T15:41:36.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-29T13:34:59.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds write to privileged process memory. \n*This bug only affects Firefox if a non-standard preference allowing non-HTTPS Alternate Services (`network.http.altsvc.oe`) is enabled.* This vulnerability affects Firefox < 118."
},
{
"lang": "es",
"value": "En una configuraci\u00f3n no est\u00e1ndar de Firefox, podr\u00eda haberse producido un desbordamiento de enteros basado en el tr\u00e1fico de la red (posiblemente bajo la influencia de una p\u00e1gina web local sin privilegios), lo que habr\u00eda provocado una escritura fuera de l\u00edmites en la memoria del proceso privilegiado. *Este error solo afecta a Firefox si est\u00e1 habilitada una preferencia no est\u00e1ndar que permite servicios alternativos no HTTPS (`network.http.altsvc.oe`).* Esta vulnerabilidad afecta a Firefox versi\u00f3n &lt; 118."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118",
"matchCriteriaId": "2216A424-94E2-45E7-BB95-646BFC8182E1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1823172",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}
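Review bot: The Spanish description ends with `Firefox versi\u00f3n &lt; 118.` while the English text uses a literal `<`, so the es value carries an HTML entity inside a JSON string and will render as the four characters `&lt;` in any consumer that does not HTML-decode it; CVE-2023-5175 has the same `Firefox &lt; 118.` in its es entry. Since this repository mirrors NVD, the entity most likely arrived with the translation upstream and cannot be fixed here, but it is worth knowing for anyone diffing or indexing the en/es texts. Separately, the `"metrics": {},` line printed after the configurations block is the removed old line rather than a second `metrics` key on the new side; the rendered view has dropped the diff markers, and the new object has exactly one `metrics` key.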


@ -2,23 +2,86 @@
"id": "CVE-2023-5175",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-27T15:19:42.630",
"lastModified": "2023-09-27T15:41:42.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-29T13:46:01.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118."
},
{
"lang": "es",
"value": "Durante el cierre del proceso, era posible que se creara un \"ImageBitmap\" que luego se usar\u00eda despu\u00e9s de liberarse de una ruta de c\u00f3digo diferente, lo que provocar\u00eda un bloqueo potencialmente explotable. Esta vulnerabilidad afecta a Firefox &lt; 118."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118",
"matchCriteriaId": "2216A424-94E2-45E7-BB95-646BFC8182E1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849704",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-41/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}
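Review bot: The bugzilla reference is tagged `"Broken Link"`, whereas the equivalent restricted-bug link in CVE-2023-5173, analyzed in the same batch, is tagged `"Permissions Required"`; both point at bugzilla.mozilla.org/show_bug.cgi and presumably fail the same way for an unauthenticated fetch. If consumers use the tag to prune dead references, the two records should agree, but this is an NVD analyst choice the mirror can only surface, not change. The CVSS 3.1 vector (C:H/I:H/A:H), CWE-416 and the `"versionEndExcluding": "118"` CPE match are internally consistent with the 9.8 base score.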


@ -2,15 +2,41 @@
"id": "CVE-2023-5192",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-27T15:19:42.997",
"lastModified": "2023-09-27T15:41:42.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-29T13:00:15.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Excessive Data Query Operations in a Large Data Table in GitHub repository pimcore/demo prior to 10.3.0."
},
{
"lang": "es",
"value": "Operaciones excesivas de consulta de datos en una tabla de datos grande en el repositorio de GitHub pimcore/demo antes de 10.3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +72,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:core:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.3.0",
"matchCriteriaId": "8624B3D6-EB8A-4EF0-BD0A-E9DD19EC833B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/demo/commit/a2a7ff3b565882aefb759804aac4a51afb458f1f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/65c954f2-79c3-4672-8846-a3035e7a1db7",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}
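Review bot: The configuration added in the second hunk matches `"criteria": "cpe:2.3:a:pimcore:core:*:*:*:*:*:*:*:*"` with `"versionEndExcluding": "10.3.0"`, but the description and the patch reference both name the pimcore/demo repository, not pimcore core. If the affected artefact really is the demo project, this CPE would flag installs of the core product that are not affected, so the match is worth confirming against the huntr report before it is relied on for asset scanning. The section's two hunks are separated by a gap, so the huntr `cvssMetricV30` block is only partially visible here.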


@ -2,12 +2,16 @@
"id": "CVE-2023-5193",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-09-29T10:15:10.687",
"lastModified": "2023-09-29T10:15:10.687",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to properly check permissions when retrieving a post allowing for\u00a0a System Role with the permission to manage channels to read the posts of a DM conversation.\n\n"
},
{
"lang": "es",
"value": "Mattermost no verifica correctamente los permisos al recuperar una publicaci\u00f3n, lo que permite un rol del sistema con permiso para administrar canales para leer las publicaciones de una conversaci\u00f3n de DM."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-5194",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-09-29T10:15:10.757",
"lastModified": "2023-09-29T10:15:10.757",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to properly validate permissions when demoting and deactivating a user allowing for a\u00a0system/user manager to demote / deactivate another manager\n\n"
},
{
"lang": "es",
"value": "Mattermost no valida correctamente los permisos al degradar y desactivar a un usuario, lo que permite que un administrador de sistema/usuario degrade/desactive a otro administrador"
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-5195",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-09-29T10:15:10.823",
"lastModified": "2023-09-29T10:15:10.823",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to properly validate the permissions when soft deleting a team allowing a team member to soft delete other teams that they are not part of\n\n"
},
{
"lang": "es",
"value": "Mattermost no valida correctamente los permisos al eliminar temporalmente un equipo, lo que permite a un miembro del equipo eliminar temporalmente otros equipos de los que no forma parte."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-5196",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-09-29T10:15:10.890",
"lastModified": "2023-09-29T10:15:10.890",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to enforce character limits in all possible notification props allowing an attacker to\u00a0send a really long value for a notification_prop resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users. \n\n\n\n"
},
{
"lang": "es",
"value": "Mattermost no aplica l\u00edmites de caracteres en todos los posibles accesorios de notificaci\u00f3n, lo que permite a un atacante enviar un valor muy largo para un notification_prop, lo que hace que el servidor consuma una cantidad anormal de recursos inform\u00e1ticos y posiblemente deje de estar disponible temporalmente para sus usuarios."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-5198",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-29T08:15:09.610",
"lastModified": "2023-09-29T08:15:09.610",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions prior to 16.2.7, all versions starting from 16.3 before 16.3.5, and all versions starting from 16.4 before 16.4.1. It was possible for a removed project member to write to protected branches using deploy keys."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en GitLab que afecta a todas las versiones anteriores a 16.2.7, todas las versiones desde 16.3 anteriores a 16.3.5 y todas las versiones desde 16.4 anteriores a 16.4.1. Era posible que un miembro eliminado del proyecto escribiera en sucursales protegidas utilizando claves de implementaci\u00f3n."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-5257",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T11:15:41.977",
"lastModified": "2023-09-29T11:15:41.977",
"vulnStatus": "Received",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in WhiteHSBG JNDIExploit 1.4 on Windows. It has been rated as problematic. Affected by this issue is the function handleFileRequest of the file src/main/java/com/feihong/ldap/HTTPServer.java. The manipulation leads to path traversal. The exploit has been disclosed to the public and may be used. VDB-240866 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en WhiteHSBG JNDIExploit 1.4 en Windows. Ha sido calificado como problem\u00e1tico. La funci\u00f3n handleFileRequest del archivo src/main/java/com/feihong/ldap/HTTPServer.java es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce al path traversal. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-240866 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {


@ -0,0 +1,92 @@
{
"id": "CVE-2023-5258",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T12:15:13.093",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /resource/addgood.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240867."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/OpenRapid/rapidcms/issues/9",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/yhy217/rapidcms-vul/issues/4",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240867",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240867",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2023-5259",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T12:15:13.203",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-240868."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:N/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-404"
}
]
}
],
"references": [
{
"url": "https://github.com/RCEraser/cve/blob/main/ForU-CMS.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240868",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240868",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2023-5260",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T12:15:13.287",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Simple Membership System 1.0. This issue affects some unknown processing of the file group_validator.php. The manipulation of the argument club_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240869 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1even-321/Membership-System/blob/main/Simple-Membership-System%20group_validator.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240869",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240869",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,88 @@
{
"id": "CVE-2023-5261",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T12:15:13.360",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240870 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/csbsong/bug_report/blob/main/sql2.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240870",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240870",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,63 @@
{
"id": "CVE-2023-5288",
"sourceIdentifier": "psirt@sick.de",
"published": "2023-09-29T12:15:13.437",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA remote unauthorized attacker may connect to the SIM1012, interact with the device and\nchange configuration settings. The adversary may also reset the SIM and in the worst case upload a\nnew firmware version to the device.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@sick.de",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@sick.de",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.json",
"source": "psirt@sick.de"
},
{
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0008.pdf",
"source": "psirt@sick.de"
},
{
"url": "https://sick.com/psirt",
"source": "psirt@sick.de"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-29T12:00:24.726282+00:00
2023-09-29T14:00:24.671501+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-29T11:39:46.370000+00:00
2023-09-29T13:56:15.203000+00:00
```
### Last Data Feed Release
@ -29,45 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226585
226592
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `7`
* [CVE-2023-5159](CVE-2023/CVE-2023-51xx/CVE-2023-5159.json) (`2023-09-29T10:15:10.530`)
* [CVE-2023-5193](CVE-2023/CVE-2023-51xx/CVE-2023-5193.json) (`2023-09-29T10:15:10.687`)
* [CVE-2023-5194](CVE-2023/CVE-2023-51xx/CVE-2023-5194.json) (`2023-09-29T10:15:10.757`)
* [CVE-2023-5195](CVE-2023/CVE-2023-51xx/CVE-2023-5195.json) (`2023-09-29T10:15:10.823`)
* [CVE-2023-5196](CVE-2023/CVE-2023-51xx/CVE-2023-5196.json) (`2023-09-29T10:15:10.890`)
* [CVE-2023-5257](CVE-2023/CVE-2023-52xx/CVE-2023-5257.json) (`2023-09-29T11:15:41.977`)
* [CVE-2023-5258](CVE-2023/CVE-2023-52xx/CVE-2023-5258.json) (`2023-09-29T12:15:13.093`)
* [CVE-2023-5259](CVE-2023/CVE-2023-52xx/CVE-2023-5259.json) (`2023-09-29T12:15:13.203`)
* [CVE-2023-5260](CVE-2023/CVE-2023-52xx/CVE-2023-5260.json) (`2023-09-29T12:15:13.287`)
* [CVE-2023-5261](CVE-2023/CVE-2023-52xx/CVE-2023-5261.json) (`2023-09-29T12:15:13.360`)
* [CVE-2023-5288](CVE-2023/CVE-2023-52xx/CVE-2023-5288.json) (`2023-09-29T12:15:13.437`)
* [CVE-2023-43909](CVE-2023/CVE-2023-439xx/CVE-2023-43909.json) (`2023-09-29T13:15:10.193`)
* [CVE-2023-43944](CVE-2023/CVE-2023-439xx/CVE-2023-43944.json) (`2023-09-29T13:15:10.247`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `39`
* [CVE-2018-1160](CVE-2018/CVE-2018-11xx/CVE-2018-1160.json) (`2023-09-29T11:15:02.217`)
* [CVE-2018-16877](CVE-2018/CVE-2018-168xx/CVE-2018-16877.json) (`2023-09-29T11:15:41.320`)
* [CVE-2018-16878](CVE-2018/CVE-2018-168xx/CVE-2018-16878.json) (`2023-09-29T11:15:41.497`)
* [CVE-2018-7998](CVE-2018/CVE-2018-79xx/CVE-2018-7998.json) (`2023-09-29T11:18:03.783`)
* [CVE-2019-3885](CVE-2019/CVE-2019-38xx/CVE-2019-3885.json) (`2023-09-29T11:15:41.687`)
* [CVE-2019-6976](CVE-2019/CVE-2019-69xx/CVE-2019-6976.json) (`2023-09-29T11:18:03.783`)
* [CVE-2019-17534](CVE-2019/CVE-2019-175xx/CVE-2019-17534.json) (`2023-09-29T11:18:03.783`)
* [CVE-2020-25654](CVE-2020/CVE-2020-256xx/CVE-2020-25654.json) (`2023-09-29T11:15:41.830`)
* [CVE-2020-20739](CVE-2020/CVE-2020-207xx/CVE-2020-20739.json) (`2023-09-29T11:18:03.783`)
* [CVE-2021-27847](CVE-2021/CVE-2021-278xx/CVE-2021-27847.json) (`2023-09-29T11:18:03.783`)
* [CVE-2021-32621](CVE-2021/CVE-2021-326xx/CVE-2021-32621.json) (`2023-09-29T11:39:46.370`)
* [CVE-2022-45188](CVE-2022/CVE-2022-451xx/CVE-2022-45188.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-0194](CVE-2022/CVE-2022-01xx/CVE-2022-0194.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-23121](CVE-2022/CVE-2022-231xx/CVE-2022-23121.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-23122](CVE-2022/CVE-2022-231xx/CVE-2022-23122.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-23123](CVE-2022/CVE-2022-231xx/CVE-2022-23123.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-23124](CVE-2022/CVE-2022-231xx/CVE-2022-23124.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-23125](CVE-2022/CVE-2022-231xx/CVE-2022-23125.json) (`2023-09-29T11:15:02.217`)
* [CVE-2022-43634](CVE-2022/CVE-2022-436xx/CVE-2022-43634.json) (`2023-09-29T11:15:02.217`)
* [CVE-2023-29206](CVE-2023/CVE-2023-292xx/CVE-2023-29206.json) (`2023-09-29T11:39:46.370`)
* [CVE-2023-3922](CVE-2023/CVE-2023-39xx/CVE-2023-3922.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5198](CVE-2023/CVE-2023-51xx/CVE-2023-5198.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-3413](CVE-2023/CVE-2023-34xx/CVE-2023-3413.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5159](CVE-2023/CVE-2023-51xx/CVE-2023-5159.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5193](CVE-2023/CVE-2023-51xx/CVE-2023-5193.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5194](CVE-2023/CVE-2023-51xx/CVE-2023-5194.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5195](CVE-2023/CVE-2023-51xx/CVE-2023-5195.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5196](CVE-2023/CVE-2023-51xx/CVE-2023-5196.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-5257](CVE-2023/CVE-2023-52xx/CVE-2023-5257.json) (`2023-09-29T12:45:25.177`)
* [CVE-2023-26146](CVE-2023/CVE-2023-261xx/CVE-2023-26146.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-26147](CVE-2023/CVE-2023-261xx/CVE-2023-26147.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-26148](CVE-2023/CVE-2023-261xx/CVE-2023-26148.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-44464](CVE-2023/CVE-2023-444xx/CVE-2023-44464.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-30591](CVE-2023/CVE-2023-305xx/CVE-2023-30591.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-44466](CVE-2023/CVE-2023-444xx/CVE-2023-44466.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-2233](CVE-2023/CVE-2023-22xx/CVE-2023-2233.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-3115](CVE-2023/CVE-2023-31xx/CVE-2023-3115.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-3906](CVE-2023/CVE-2023-39xx/CVE-2023-3906.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-3914](CVE-2023/CVE-2023-39xx/CVE-2023-3914.json) (`2023-09-29T12:45:33.353`)
* [CVE-2023-5192](CVE-2023/CVE-2023-51xx/CVE-2023-5192.json) (`2023-09-29T13:00:15.310`)
* [CVE-2023-0989](CVE-2023/CVE-2023-09xx/CVE-2023-0989.json) (`2023-09-29T13:15:10.103`)
* [CVE-2023-5173](CVE-2023/CVE-2023-51xx/CVE-2023-5173.json) (`2023-09-29T13:34:59.930`)
* [CVE-2023-5175](CVE-2023/CVE-2023-51xx/CVE-2023-5175.json) (`2023-09-29T13:46:01.483`)
* [CVE-2023-42487](CVE-2023/CVE-2023-424xx/CVE-2023-42487.json) (`2023-09-29T13:53:37.567`)
* [CVE-2023-41332](CVE-2023/CVE-2023-413xx/CVE-2023-41332.json) (`2023-09-29T13:56:15.203`)
## Download and Usage