admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-09T10:00:31.779394+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-09 10:00:35 +00:00
parent 90e998c72f
commit 3045f69666
19 changed files with 719 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2018/CVE-2018-112xx/CVE-2018-11206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-11206",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-05-16T15:29:00.447",
"lastModified": "2019-03-21T15:16:43.457",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-09T09:15:12.113",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -107,6 +107,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2018/CVE-2018-172xx/CVE-2018-17233.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-17233",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-20T06:29:00.400",
"lastModified": "2018-11-21T18:50:17.340",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-09T09:15:12.920",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2018/CVE-2018-172xx/CVE-2018-17234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-17234",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-20T06:29:00.540",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-09T09:15:13.037",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2018/CVE-2018-172xx/CVE-2018-17237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-17237",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-20T06:29:00.900",
"lastModified": "2018-11-21T18:50:23.170",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-09T09:15:13.130",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2018/CVE-2018-174xx/CVE-2018-17434.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-17434",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-24T14:29:00.683",
"lastModified": "2018-11-28T21:20:42.623",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-09T09:15:13.223",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html",
"source": "cve@mitre.org"
}
]
}

8
CVE-2018/CVE-2018-174xx/CVE-2018-17437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-17437",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-09-24T14:29:01.043",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-09T09:15:13.330",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00009.html",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-223xx/CVE-2023-22378.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22378",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-08-09T09:15:13.507",
"lastModified": "2023-08-09T09:15:13.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.\n\nAuthenticated users can extract arbitrary information from the DBMS in an uncontrolled way.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:2-01",
"source": "prodsec@nozominetworks.com"
}
]
}

55
CVE-2023/CVE-2023-228xx/CVE-2023-22843.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22843",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-08-09T09:15:13.667",
"lastModified": "2023-08-09T09:15:13.667",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An authenticated attacker with administrative access to the appliance can inject malicious JavaScript code inside the definition of a Threat Intelligence rule, that will later be executed by another legitimate user viewing the details of such a rule.\nAn attacker may be able to perform unauthorized actions on behalf of legitimate users. JavaScript injection was possible in the content for Yara rules, while limited HTML injection has been proven for packet and STYX rules.\nThe injected code will be executed in the context of the authenticated victim's session."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:4-01",
"source": "prodsec@nozominetworks.com"
}
]
}

55
CVE-2023/CVE-2023-235xx/CVE-2023-23574.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-23574",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-08-09T09:15:13.767",
"lastModified": "2023-08-09T09:15:13.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the alerts_count component, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.\n\nAuthenticated users can extract arbitrary information from the DBMS in an uncontrolled way.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:3-01",
"source": "prodsec@nozominetworks.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24471.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24471",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-08-09T09:15:13.860",
"lastModified": "2023-08-09T09:15:13.860",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An access control vulnerability was found, due to the restrictions that are applied on actual assertions not being enforced in their debug functionality.\n\nAn authenticated user with reduced visibility can obtain unauthorized information via the debug functionality, obtaining data that would normally be not accessible in the Query and Assertions functions.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:5-01",
"source": "prodsec@nozominetworks.com"
}
]
}

55
CVE-2023/CVE-2023-244xx/CVE-2023-24477.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-24477",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-08-09T08:15:09.280",
"lastModified": "2023-08-09T08:15:09.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-384"
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:8-01",
"source": "prodsec@nozominetworks.com"
}
]
}

55
CVE-2023/CVE-2023-36xx/CVE-2023-3632.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3632",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-08-09T09:15:14.297",
"lastModified": "2023-08-09T09:15:14.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.This issue affects Kunduz - Homework Helper App: before 6.2.3.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.2,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve@usom.gov.tr",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-321"
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0446",
"source": "cve@usom.gov.tr"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38207.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38207",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-09T08:15:09.443",
"lastModified": "2023-08-09T08:15:09.443",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by a XML Injection (aka Blind XPath Injection) vulnerability that could lead in minor arbitrary file system read. Exploitation of this issue does not require user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-91"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38208.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38208",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-09T08:15:09.563",
"lastModified": "2023-08-09T08:15:09.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38209.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38209",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-09T08:15:09.660",
"lastModified": "2023-08-09T08:15:09.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other user's data. Exploitation of this issue does not require user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb23-42.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38211.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38211",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-09T09:15:13.957",
"lastModified": "2023-08-09T09:15:13.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Dimension version 3.4.9 is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/dimension/apsb23-44.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38212.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38212",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-09T09:15:14.077",
"lastModified": "2023-08-09T09:15:14.077",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Dimension version 3.4.9 is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/dimension/apsb23-44.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38213.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38213",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-08-09T09:15:14.183",
"lastModified": "2023-08-09T09:15:14.183",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/dimension/apsb23-44.html",
"source": "psirt@adobe.com"
}
]
}

41
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-09T08:00:35.567761+00:00
2023-08-09T10:00:31.779394+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-09T07:15:11.323000+00:00
2023-08-09T09:15:14.297000+00:00
```
### Last Data Feed Release
@ -29,32 +29,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
222135
222147
```
### CVEs added in the last Commit
Recently added CVEs: `13`
Recently added CVEs: `12`
* [CVE-2022-47185](CVE-2022/CVE-2022-471xx/CVE-2022-47185.json) (`2023-08-09T07:15:09.930`)
* [CVE-2023-26310](CVE-2023/CVE-2023-263xx/CVE-2023-26310.json) (`2023-08-09T07:15:10.150`)
* [CVE-2023-33934](CVE-2023/CVE-2023-339xx/CVE-2023-33934.json) (`2023-08-09T07:15:10.297`)
* [CVE-2023-37855](CVE-2023/CVE-2023-378xx/CVE-2023-37855.json) (`2023-08-09T07:15:10.380`)
* [CVE-2023-37856](CVE-2023/CVE-2023-378xx/CVE-2023-37856.json) (`2023-08-09T07:15:10.493`)
* [CVE-2023-37857](CVE-2023/CVE-2023-378xx/CVE-2023-37857.json) (`2023-08-09T07:15:10.603`)
* [CVE-2023-37858](CVE-2023/CVE-2023-378xx/CVE-2023-37858.json) (`2023-08-09T07:15:10.710`)
* [CVE-2023-37859](CVE-2023/CVE-2023-378xx/CVE-2023-37859.json) (`2023-08-09T07:15:10.827`)
* [CVE-2023-37860](CVE-2023/CVE-2023-378xx/CVE-2023-37860.json) (`2023-08-09T07:15:10.933`)
* [CVE-2023-37861](CVE-2023/CVE-2023-378xx/CVE-2023-37861.json) (`2023-08-09T07:15:11.033`)
* [CVE-2023-37862](CVE-2023/CVE-2023-378xx/CVE-2023-37862.json) (`2023-08-09T07:15:11.133`)
* [CVE-2023-37863](CVE-2023/CVE-2023-378xx/CVE-2023-37863.json) (`2023-08-09T07:15:11.227`)
* [CVE-2023-37864](CVE-2023/CVE-2023-378xx/CVE-2023-37864.json) (`2023-08-09T07:15:11.323`)
* [CVE-2023-24477](CVE-2023/CVE-2023-244xx/CVE-2023-24477.json) (`2023-08-09T08:15:09.280`)
* [CVE-2023-38207](CVE-2023/CVE-2023-382xx/CVE-2023-38207.json) (`2023-08-09T08:15:09.443`)
* [CVE-2023-38208](CVE-2023/CVE-2023-382xx/CVE-2023-38208.json) (`2023-08-09T08:15:09.563`)
* [CVE-2023-38209](CVE-2023/CVE-2023-382xx/CVE-2023-38209.json) (`2023-08-09T08:15:09.660`)
* [CVE-2023-22378](CVE-2023/CVE-2023-223xx/CVE-2023-22378.json) (`2023-08-09T09:15:13.507`)
* [CVE-2023-22843](CVE-2023/CVE-2023-228xx/CVE-2023-22843.json) (`2023-08-09T09:15:13.667`)
* [CVE-2023-23574](CVE-2023/CVE-2023-235xx/CVE-2023-23574.json) (`2023-08-09T09:15:13.767`)
* [CVE-2023-24471](CVE-2023/CVE-2023-244xx/CVE-2023-24471.json) (`2023-08-09T09:15:13.860`)
* [CVE-2023-38211](CVE-2023/CVE-2023-382xx/CVE-2023-38211.json) (`2023-08-09T09:15:13.957`)
* [CVE-2023-38212](CVE-2023/CVE-2023-382xx/CVE-2023-38212.json) (`2023-08-09T09:15:14.077`)
* [CVE-2023-38213](CVE-2023/CVE-2023-382xx/CVE-2023-38213.json) (`2023-08-09T09:15:14.183`)
* [CVE-2023-3632](CVE-2023/CVE-2023-36xx/CVE-2023-3632.json) (`2023-08-09T09:15:14.297`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `6`
* [CVE-2018-11206](CVE-2018/CVE-2018-112xx/CVE-2018-11206.json) (`2023-08-09T09:15:12.113`)
* [CVE-2018-17233](CVE-2018/CVE-2018-172xx/CVE-2018-17233.json) (`2023-08-09T09:15:12.920`)
* [CVE-2018-17234](CVE-2018/CVE-2018-172xx/CVE-2018-17234.json) (`2023-08-09T09:15:13.037`)
* [CVE-2018-17237](CVE-2018/CVE-2018-172xx/CVE-2018-17237.json) (`2023-08-09T09:15:13.130`)
* [CVE-2018-17434](CVE-2018/CVE-2018-174xx/CVE-2018-17434.json) (`2023-08-09T09:15:13.223`)
* [CVE-2018-17437](CVE-2018/CVE-2018-174xx/CVE-2018-17437.json) (`2023-08-09T09:15:13.330`)
## Download and Usage