admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-18T19:00:24.565357+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-18 19:00:28 +00:00
parent a83a66a0e4
commit 3051043523
47 changed files with 4764 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2022/CVE-2022-343xx/CVE-2022-34328.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-34328", "id": "CVE-2022-34328",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2022-06-23T17:15:18.703", "published": "2022-06-23T17:15:18.703",
"lastModified": "2022-06-29T22:13:31.537", "lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -84,8 +84,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.3.10:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:sigb:pmb:7.3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4E981975-6C97-4667-BDE0-AD97761BED46" "matchCriteriaId": "BDD81A48-F3BF-4BD6-98B4-F62D59AFDFD8"
} }
] ]
} }

1807
CVE-2023/CVE-2023-205xx/CVE-2023-20573.json
View File

File diff suppressed because it is too large Load Diff

6
CVE-2023/CVE-2023-247xx/CVE-2023-24733.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24733", "id": "CVE-2023-24733",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.080", "published": "2023-03-06T21:15:11.080",
"lastModified": "2023-03-13T15:29:43.207", "lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,8 +55,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA" "matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
} }
] ]
} }

6
CVE-2023/CVE-2023-247xx/CVE-2023-24734.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24734", "id": "CVE-2023-24734",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.130", "published": "2023-03-06T21:15:11.130",
"lastModified": "2023-03-13T15:30:54.503", "lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,8 +55,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA" "matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
} }
] ]
} }

6
CVE-2023/CVE-2023-247xx/CVE-2023-24735.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24735", "id": "CVE-2023-24735",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.183", "published": "2023-03-06T21:15:11.183",
"lastModified": "2023-03-13T15:31:30.227", "lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,8 +55,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA" "matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
} }
] ]
} }

6
CVE-2023/CVE-2023-247xx/CVE-2023-24736.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24736", "id": "CVE-2023-24736",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.237", "published": "2023-03-06T21:15:11.237",
"lastModified": "2023-03-13T15:31:39.343", "lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,8 +55,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA" "matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
} }
] ]
} }

6
CVE-2023/CVE-2023-247xx/CVE-2023-24737.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24737", "id": "CVE-2023-24737",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-03-06T21:15:11.290", "published": "2023-03-06T21:15:11.290",
"lastModified": "2023-03-13T15:31:51.257", "lastModified": "2024-01-18T18:04:53.087",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,8 +55,8 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C3CA885B-CCA0-455E-BC00-031E6D99C6FA" "matchCriteriaId": "7F6BCC12-4630-4A28-BF91-35DB0393B131"
} }
] ]
} }

55
CVE-2023/CVE-2023-289xx/CVE-2023-28900.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28900",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-01-18T17:15:13.737",
"lastModified": "2024-01-18T17:15:13.737",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/cve-2023-28900",
"source": "cve@asrg.io"
}
]
}

55
CVE-2023/CVE-2023-289xx/CVE-2023-28901.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28901",
"sourceIdentifier": "cve@asrg.io",
"published": "2024-01-18T17:15:14.003",
"lastModified": "2024-01-18T17:15:14.003",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@asrg.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://asrg.io/security-advisories/cve-2023-28901/",
"source": "cve@asrg.io"
}
]
}

62
CVE-2023/CVE-2023-310xx/CVE-2023-31001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31001", "id": "CVE-2023-31001",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-11T03:15:09.413", "published": "2024-01-11T03:15:09.413",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T17:06:28.277",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +70,48 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "8D82D2F9-DC94-4E53-B39F-FC4F70FF7FC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "983FC857-A6E9-40CB-9FC9-A0298685DA96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254653", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254653",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7106586", "url": "https://www.ibm.com/support/pages/node/7106586",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

71
CVE-2023/CVE-2023-310xx/CVE-2023-31003.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31003", "id": "CVE-2023-31003",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-11T03:15:09.617", "published": "2024-01-11T03:15:09.617",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T17:06:42.260",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "8D82D2F9-DC94-4E53-B39F-FC4F70FF7FC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_access_docker:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0.0",
"versionEndExcluding": "10.0.0.7",
"matchCriteriaId": "983FC857-A6E9-40CB-9FC9-A0298685DA96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254658", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254658",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7106586", "url": "https://www.ibm.com/support/pages/node/7106586",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

55
CVE-2023/CVE-2023-312xx/CVE-2023-31274.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31274",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-18T18:15:08.253",
"lastModified": "2024-01-18T18:15:08.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service condition.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-772"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

55
CVE-2023/CVE-2023-343xx/CVE-2023-34348.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34348",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-18T18:15:08.457",
"lastModified": "2024-01-18T18:15:08.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition.\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

64
CVE-2023/CVE-2023-501xx/CVE-2023-50120.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50120", "id": "CVE-2023-50120",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-01-10T09:15:44.290", "published": "2024-01-10T09:15:44.290",
"lastModified": "2024-01-10T13:56:06.947", "lastModified": "2024-01-18T17:18:05.327",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,67 @@
"value": "Se descubri\u00f3 que MP4Box GPAC versi\u00f3n 2.3-DEV-rev636-gfbd7e13aa-master contiene un bucle infinito en la funci\u00f3n av1_uvlc en media_tools/av_parsers.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo MP4 manipulado." "value": "Se descubri\u00f3 que MP4Box GPAC versi\u00f3n 2.3-DEV-rev636-gfbd7e13aa-master contiene un bucle infinito en la funci\u00f3n av1_uvlc en media_tools/av_parsers.c. Esta vulnerabilidad permite a los atacantes provocar una denegaci\u00f3n de servicio (DoS) a trav\u00e9s de un archivo MP4 manipulado."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3:dev:*:*:*:*:*:*",
"matchCriteriaId": "0099B624-674B-4F45-9270-DD638617A1D1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/gpac/gpac/issues/2698", "url": "https://github.com/gpac/gpac/issues/2698",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

74
CVE-2023/CVE-2023-501xx/CVE-2023-50159.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-50159", "id": "CVE-2023-50159",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.070", "published": "2024-01-11T14:15:44.070",
"lastModified": "2024-01-11T16:34:20.613", "lastModified": "2024-01-18T17:56:59.883",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed." "value": "In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode application restrictions can be bypassed allowing arbitrary code to be executed."
},
{
"lang": "es",
"value": "En el agente ScaleFusion (aplicaci\u00f3n de escritorio de Windows) v10.5.2, las restricciones de la aplicaci\u00f3n en modo quiosco se pueden omitir permitiendo la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scalefusion:scalefusion:10.5.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "B6D78BD9-C7BC-4669-8C06-7CA51F0C46BB"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6", "url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59", "url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-506xx/CVE-2023-50671.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50671", "id": "CVE-2023-50671",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T17:15:08.557", "published": "2024-01-11T17:15:08.557",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:54:54.863",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,15 +14,74 @@
"value": "En exiftags 1.01, nikon_prop1 en nikon.c tiene un desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria (escritura de tama\u00f1o 28) porque snprintf puede escribir en una direcci\u00f3n inesperada." "value": "En exiftags 1.01, nikon_prop1 en nikon.c tiene un desbordamiento de b\u00fafer en la regi\u00f3n Heap de la memoria (escritura de tama\u00f1o 28) porque snprintf puede escribir en una direcci\u00f3n inesperada."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aertherwide:exiftags:1.01:*:*:*:*:*:*:*",
"matchCriteriaId": "079E1C88-D076-45D8-AB81-D96FA3618C60"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://blog.yulun.ac.cn/posts/2023/fuzzing-exiftags/", "url": "https://blog.yulun.ac.cn/posts/2023/fuzzing-exiftags/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://johnst.org/sw/exiftags/", "url": "https://johnst.org/sw/exiftags/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

74
CVE-2023/CVE-2023-517xx/CVE-2023-51748.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-51748", "id": "CVE-2023-51748",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.123", "published": "2024-01-11T14:15:44.123",
"lastModified": "2024-01-11T16:34:20.613", "lastModified": "2024-01-18T18:45:55.020",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used." "value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl-S can be used."
},
{
"lang": "es",
"value": "ScaleFusion 10.5.2 no limita adecuadamente a los usuarios a la aplicaci\u00f3n Edge porque se pueden usar Ctrl-O y Ctrl-S."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scalefusion:scalefusion:10.5.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "B6D78BD9-C7BC-4669-8C06-7CA51F0C46BB"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6", "url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59", "url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

74
CVE-2023/CVE-2023-517xx/CVE-2023-51749.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-51749", "id": "CVE-2023-51749",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2024-01-11T14:15:44.167", "published": "2024-01-11T14:15:44.167",
"lastModified": "2024-01-11T16:34:20.613", "lastModified": "2024-01-18T18:54:46.507",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip." "value": "ScaleFusion 10.5.2 does not properly limit users to the Edge application because a search can be made from a tooltip."
},
{
"lang": "es",
"value": "ScaleFusion 10.5.2 no limita adecuadamente a los usuarios a la aplicaci\u00f3n Edge porque se puede realizar una b\u00fasqueda desde una informaci\u00f3n sobre herramientas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:scalefusion:scalefusion:10.5.2:*:*:*:*:windows:*:*",
"matchCriteriaId": "B6D78BD9-C7BC-4669-8C06-7CA51F0C46BB"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6", "url": "https://medium.com/nestedif/vulnerability-disclosure-browser-mode-kiosk-bypass-scalefusion-832f5a18ebb6",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59", "url": "https://medium.com/nestedif/vulnerability-disclosure-kiosk-mode-bypass-scalefusion-4752dfa2dc59",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

80
CVE-2023/CVE-2023-62xx/CVE-2023-6242.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6242", "id": "CVE-2023-6242",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T15:15:08.040", "published": "2024-01-11T15:15:08.040",
"lastModified": "2024-01-11T16:34:20.613", "lastModified": "2024-01-18T18:13:53.840",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 (for Pro) & 2.2.7 (for Free). This is due to missing or incorrect nonce validation on the evo_eventpost_update_meta function. This makes it possible for unauthenticated attackers to update arbitrary post metadata via a forged request granted they can trick a site administrator into performing an action such as clicking on a link." "value": "The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.4 (for Pro) & 2.2.7 (for Free). This is due to missing or incorrect nonce validation on the evo_eventpost_update_meta function. This makes it possible for unauthenticated attackers to update arbitrary post metadata via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento EventON - WordPress Virtual Event Calendar Plugin para WordPress es vulnerable a Cross-Site Request Forgery en todas las versiones hasta 4.5.4 (para Pro) y 2.2.7 (gratis), incluidas. Esto se debe a una validaci\u00f3n nonce faltante o incorrecta en la funci\u00f3n evo_eventpost_update_meta. Esto hace posible que atacantes no autenticados actualicen metadatos de publicaciones arbitrarias a trav\u00e9s de una solicitud falsificada, siempre que puedan enga\u00f1ar al administrador del sitio para que realice una acci\u00f3n como hacer clic en un enlace."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -34,18 +58,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.5.5",
"matchCriteriaId": "E1574D07-2D5A-4157-80E0-113580C14106"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myeventon:eventon-lite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.8",
"matchCriteriaId": "85475E8F-96A3-4AB2-9B65-2AD335BDBD1A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://docs.myeventon.com/documentations/eventon-changelog/", "url": "https://docs.myeventon.com/documentations/eventon-changelog/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3017578/eventon-lite/trunk/includes/admin/class-admin-ajax.php", "url": "https://plugins.trac.wordpress.org/changeset/3017578/eventon-lite/trunk/includes/admin/class-admin-ajax.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8e9a333-a6b7-4b5e-93c1-b95566e5d6fb?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c8e9a333-a6b7-4b5e-93c1-b95566e5d6fb?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
} }
] ]
} }

109
CVE-2023/CVE-2023-64xx/CVE-2023-6476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6476", "id": "CVE-2023-6476",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-09T22:15:43.610", "published": "2024-01-09T22:15:43.610",
"lastModified": "2024-01-17T21:15:11.600", "lastModified": "2024-01-18T18:16:25.947",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -50,22 +80,89 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFF1D51-ABA8-4E54-B81C-A88C8A5E4842"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*",
"matchCriteriaId": "486B3F69-1551-4F8B-B25B-A5864248811B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/errata/RHSA-2024:0195", "url": "https://access.redhat.com/errata/RHSA-2024:0195",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://access.redhat.com/errata/RHSA-2024:0207", "url": "https://access.redhat.com/errata/RHSA-2024:0207",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-6476", "url": "https://access.redhat.com/security/cve/CVE-2023-6476",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253994", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253994",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

8
CVE-2023/CVE-2023-65xx/CVE-2023-6553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6553", "id": "CVE-2023-6553",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-12-15T11:15:47.837", "published": "2023-12-15T11:15:47.837",
"lastModified": "2023-12-21T19:24:54.533", "lastModified": "2024-01-18T17:15:14.300",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -89,6 +89,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html",
"source": "security@wordfence.com"
},
{ {
"url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118", "url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.3.7/includes/backup-heart.php#L118",
"source": "security@wordfence.com", "source": "security@wordfence.com",

76
CVE-2023/CVE-2023-65xx/CVE-2023-6554.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-6554", "id": "CVE-2023-6554",
"sourceIdentifier": "cvd@cert.pl", "sourceIdentifier": "cvd@cert.pl",
"published": "2024-01-11T16:15:54.300", "published": "2024-01-11T16:15:54.300",
"lastModified": "2024-01-11T16:34:20.613", "lastModified": "2024-01-18T17:35:46.637",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "When access to the \"admin\" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.\n\n\n\n" "value": "When access to the \"admin\" folder is not protected by some external authorization mechanisms e.g. Apache Basic Auth, it is possible for any user to download protected information like exam answers.\n\n\n\n"
},
{
"lang": "es",
"value": "Cuando el acceso a la carpeta \"admin\" no est\u00e1 protegido por algunos mecanismos de autorizaci\u00f3n externos, por ejemplo, Apache Basic Auth, cualquier usuario puede descargar informaci\u00f3n protegida, como las respuestas de los ex\u00e1menes."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{ {
"source": "cvd@cert.pl", "source": "cvd@cert.pl",
"type": "Secondary", "type": "Secondary",
@ -23,18 +60,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.1.0",
"matchCriteriaId": "64321385-1070-4132-822B-8711C20D749A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://cert.pl/en/posts/2024/01/CVE-2023-6554/", "url": "https://cert.pl/en/posts/2024/01/CVE-2023-6554/",
"source": "cvd@cert.pl" "source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://cert.pl/posts/2024/01/CVE-2023-6554/", "url": "https://cert.pl/posts/2024/01/CVE-2023-6554/",
"source": "cvd@cert.pl" "source": "cvd@cert.pl",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://tcexam.org/", "url": "https://tcexam.org/",
"source": "cvd@cert.pl" "source": "cvd@cert.pl",
"tags": [
"Product"
]
} }
] ]
} }

74
CVE-2023/CVE-2023-66xx/CVE-2023-6637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6637", "id": "CVE-2023-6637",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:50.753", "published": "2024-01-11T09:15:50.753",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T17:09:32.967",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,22 +58,64 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:daan:complete_analytics_optimization_suite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.7.15",
"matchCriteriaId": "C65FDD90-696B-431A-BA76-E6D94312B822"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/host-analyticsjs-local/tags/4.7.12/includes/class-caos.php#L414", "url": "https://plugins.trac.wordpress.org/browser/host-analyticsjs-local/tags/4.7.12/includes/class-caos.php#L414",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3008878/host-analyticsjs-local#file8", "url": "https://plugins.trac.wordpress.org/changeset/3008878/host-analyticsjs-local#file8",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3009011/host-analyticsjs-local#file5", "url": "https://plugins.trac.wordpress.org/changeset/3009011/host-analyticsjs-local#file5",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ec1fd03-f865-4f58-b63b-e70c0c7e701d?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/5ec1fd03-f865-4f58-b63b-e70c0c7e701d?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-66xx/CVE-2023-6638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6638", "id": "CVE-2023-6638",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:50.920", "published": "2024-01-11T09:15:50.920",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T17:16:43.880",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,14 +58,50 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gutengeek:gg_woo_feed:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "70E25181-D330-44E8-972B-B32E01FC7587"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/gg-woo-feed/trunk/inc/Admin/Admin.php?rev=2933599#L199", "url": "https://plugins.trac.wordpress.org/browser/gg-woo-feed/trunk/inc/Admin/Admin.php?rev=2933599#L199",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce6b9b0a-e82e-459a-bddf-1c9354bcec00?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce6b9b0a-e82e-459a-bddf-1c9354bcec00?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-67xx/CVE-2023-6751.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6751", "id": "CVE-2023-6751",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:51.817", "published": "2024-01-11T09:15:51.817",
"lastModified": "2024-01-11T13:57:09.767", "lastModified": "2024-01-18T17:46:25.627",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,14 +58,50 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hostinger:hostinger:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.9.7",
"matchCriteriaId": "63F308AA-42EC-4821-8279-02CE5AC994FF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010008%40hostinger%2Ftrunk&old=3010004%40hostinger%2Ftrunk&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3010008%40hostinger%2Ftrunk&old=3010004%40hostinger%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d89cf759-5e5f-43e2-90a9-a8e554653ee1?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d89cf759-5e5f-43e2-90a9-a8e554653ee1?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-69xx/CVE-2023-6934.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6934", "id": "CVE-2023-6934",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:53.417", "published": "2024-01-11T09:15:53.417",
"lastModified": "2024-01-11T13:57:09.767", "lastModified": "2024-01-18T17:01:12.533",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,18 +58,57 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:limitloginattempts:limit_login_attempts_reloaded:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.25.26",
"matchCriteriaId": "FD2EB5C0-4AFF-4A05-AE54-AB65BE769BF8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.svn.wordpress.org/limit-login-attempts-reloaded/trunk/core/Shortcodes.php", "url": "https://plugins.svn.wordpress.org/limit-login-attempts-reloaded/trunk/core/Shortcodes.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012447%40limit-login-attempts-reloaded%2Ftrunk&old=2995934%40limit-login-attempts-reloaded%2Ftrunk&sfp_email=&sfph_mail=#file2", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012447%40limit-login-attempts-reloaded%2Ftrunk&old=2995934%40limit-login-attempts-reloaded%2Ftrunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/906049c0-4710-47aa-bf44-cdf29032dc1f?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/906049c0-4710-47aa-bf44-cdf29032dc1f?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

79
CVE-2023/CVE-2023-69xx/CVE-2023-6979.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6979", "id": "CVE-2023-6979",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:53.670", "published": "2024-01-11T09:15:53.670",
"lastModified": "2024-01-11T13:57:09.767", "lastModified": "2024-01-18T17:04:44.897",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,26 +58,71 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cusrev:customer_reviews_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.38.9",
"matchCriteriaId": "2157BCF5-AA22-4AD3-BE5B-214FE6C4AE49"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://drive.proton.me/urls/K4R2HDQBS0#iuTPm3NqZEdz", "url": "https://drive.proton.me/urls/K4R2HDQBS0#iuTPm3NqZEdz",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/browser/customer-reviews-woocommerce/trunk/includes/import-export/class-cr-reviews-importer.php#L35", "url": "https://plugins.trac.wordpress.org/browser/customer-reviews-woocommerce/trunk/includes/import-export/class-cr-reviews-importer.php#L35",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3016708%40customer-reviews-woocommerce&new=3016708%40customer-reviews-woocommerce&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3016708%40customer-reviews-woocommerce&new=3016708%40customer-reviews-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3018507%40customer-reviews-woocommerce&new=3018507%40customer-reviews-woocommerce&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3018507%40customer-reviews-woocommerce&new=3018507%40customer-reviews-woocommerce&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4af801db-44a6-4cd3-bd1a-3125490c8c48?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4af801db-44a6-4cd3-bd1a-3125490c8c48?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-69xx/CVE-2023-6988.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6988", "id": "CVE-2023-6988",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:53.910", "published": "2024-01-11T09:15:53.910",
"lastModified": "2024-01-11T13:57:09.767", "lastModified": "2024-01-18T17:13:30.383",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,18 +58,57 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:extendthemes:colibri_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.239",
"matchCriteriaId": "3327623A-C2E0-48CC-9389-7456E5B997F6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php", "url": "https://plugins.svn.wordpress.org/colibri-page-builder/trunk/extend-builder/shortcodes/render-js.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013337%40colibri-page-builder&new=3013337%40colibri-page-builder&sfp_email=&sfph_mail=", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3013337%40colibri-page-builder&new=3013337%40colibri-page-builder&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/300b24af-10a1-45b9-87ec-7c98dc94e76b?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-69xx/CVE-2023-6990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6990", "id": "CVE-2023-6990",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:54.173", "published": "2024-01-11T09:15:54.173",
"lastModified": "2024-01-11T13:57:09.767", "lastModified": "2024-01-18T17:34:58.227",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,14 +58,50 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:weavertheme:weaver_xtreme_theme_support:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.3.0",
"matchCriteriaId": "F59C021B-5840-41D4-ACF1-94B678A59246"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=212828%40weaver-xtreme&new=212828%40weaver-xtreme&sfp_email=&sfph_mail=", "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=212828%40weaver-xtreme&new=212828%40weaver-xtreme&sfp_email=&sfph_mail=",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc7384d7-c2fd-4d63-9b80-bb5bde9a23d5?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bc7384d7-c2fd-4d63-9b80-bb5bde9a23d5?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-70xx/CVE-2023-7071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7071", "id": "CVE-2023-7071",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2024-01-11T09:15:55.540", "published": "2024-01-11T09:15:55.540",
"lastModified": "2024-01-11T13:57:09.767", "lastModified": "2024-01-18T17:36:11.930",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "security@wordfence.com", "source": "security@wordfence.com",
"type": "Secondary", "type": "Secondary",
@ -38,18 +58,57 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.4.6",
"matchCriteriaId": "930A9E1A-0BBA-4D12-9783-C4CC15C65641"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/essential-blocks/trunk/blocks/TableOfContents.php#L138", "url": "https://plugins.trac.wordpress.org/browser/essential-blocks/trunk/blocks/TableOfContents.php#L138",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://plugins.trac.wordpress.org/changeset/3018547/essential-blocks/tags/4.4.7/blocks/TableOfContents.php", "url": "https://plugins.trac.wordpress.org/changeset/3018547/essential-blocks/tags/4.4.7/blocks/TableOfContents.php",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f969cb24-734f-46e5-a74d-fddf8e61e096?source=cve", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f969cb24-734f-46e5-a74d-fddf8e61e096?source=cve",
"source": "security@wordfence.com" "source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-72xx/CVE-2023-7226.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7226", "id": "CVE-2023-7226",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T21:15:12.030", "published": "2024-01-11T21:15:12.030",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:56:22.977",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
@ -64,6 +84,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
@ -75,18 +105,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meiyou:big_whale:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB11D59C-4742-4B29-96BA-476A63EADC66"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gitee.com/meetyoucrop/big-whale/issues/I6N31K", "url": "https://gitee.com/meetyoucrop/big-whale/issues/I6N31K",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.250232", "url": "https://vuldb.com/?ctiid.250232",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?id.250232", "url": "https://vuldb.com/?id.250232",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

58
CVE-2024/CVE-2024-02xx/CVE-2024-0227.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0227", "id": "CVE-2024-0227",
"sourceIdentifier": "disclosure@synopsys.com", "sourceIdentifier": "disclosure@synopsys.com",
"published": "2024-01-11T20:15:44.003", "published": "2024-01-11T20:15:44.003",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:32:10.307",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{ {
"source": "disclosure@synopsys.com", "source": "disclosure@synopsys.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
},
{ {
"source": "disclosure@synopsys.com", "source": "disclosure@synopsys.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +80,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tinfoilsecurity:devise-two-factor:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"matchCriteriaId": "DF8EF295-A0A5-43B8-8439-5D2D24124D07"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-chcr-x7hc-8fp8", "url": "https://github.com/devise-two-factor/devise-two-factor/security/advisories/GHSA-chcr-x7hc-8fp8",
"source": "disclosure@synopsys.com" "source": "disclosure@synopsys.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }

60
CVE-2024/CVE-2024-04xx/CVE-2024-0411.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0411", "id": "CVE-2024-0411",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T17:15:08.617", "published": "2024-01-11T17:15:08.617",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:46:08.967",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
@ -75,18 +95,48 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:csdeshang:dsmall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.1.0",
"matchCriteriaId": "838F429A-CC3F-492C-8605-559E8BE2E507"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://note.zhaoj.in/share/9G6K6RBjS4M4", "url": "https://note.zhaoj.in/share/9G6K6RBjS4M4",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.250431", "url": "https://vuldb.com/?ctiid.250431",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://vuldb.com/?id.250431", "url": "https://vuldb.com/?id.250431",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

63
CVE-2024/CVE-2024-04xx/CVE-2024-0419.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0419", "id": "CVE-2024-0419",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-11T19:15:13.293", "published": "2024-01-11T19:15:13.293",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:27:23.807",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
"type": "Secondary", "type": "Secondary",
@ -75,22 +95,53 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:httpdx_project:httpdx:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.5.4",
"matchCriteriaId": "7800939E-B43E-4806-8B3D-C3C8244E1A06"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://cxsecurity.com/issue/WLB-2024010027", "url": "https://cxsecurity.com/issue/WLB-2024010027",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?ctiid.250439", "url": "https://vuldb.com/?ctiid.250439",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://vuldb.com/?id.250439", "url": "https://vuldb.com/?id.250439",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.youtube.com/watch?v=6dAWGH0-6TY", "url": "https://www.youtube.com/watch?v=6dAWGH0-6TY",
"source": "cna@vuldb.com" "source": "cna@vuldb.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2024/CVE-2024-04xx/CVE-2024-0429.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0429", "id": "CVE-2024-0429",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-11T16:15:54.683", "published": "2024-01-11T16:15:54.683",
"lastModified": "2024-01-11T16:34:20.613", "lastModified": "2024-01-18T17:26:20.573",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A denial service vulnerability has been found on \u00a0Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler (SEH) records resulting in a service shutdown." "value": "A denial service vulnerability has been found on \u00a0Hex Workshop affecting version 6.7, an attacker could send a command line file arguments and control the Structured Exception Handler (SEH) records resulting in a service shutdown."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad de denegaci\u00f3n de servicio en Hex Workshop que afecta a la versi\u00f3n 6.7, un atacante podr\u00eda enviar argumentos de un archivo de l\u00ednea de comando y controlar los registros del Structured Exception Handler (SEH), lo que resultar\u00eda en el cierre del servicio."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "cve-coordination@incibe.es", "source": "cve-coordination@incibe.es",
"type": "Secondary", "type": "Secondary",
@ -46,10 +70,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bpsoft:hex_workshop:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.7.0",
"versionEndIncluding": "6.7.3",
"matchCriteriaId": "6DF2435B-859F-477A-8565-37B606A7FD2A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-hex-workshop", "url": "https://https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-hex-workshop",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Broken Link"
]
} }
] ]
} }

15
CVE-2024/CVE-2024-06xx/CVE-2024-0694.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2024-0694",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-18T18:15:08.647",
"lastModified": "2024-01-18T18:15:08.647",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6620. Reason: This candidate is a reservation duplicate of CVE-2023-6620. Notes: All CVE users should reference CVE-2023-6620 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage."
}
],
"metrics": {},
"references": []
}

397
CVE-2024/CVE-2024-216xx/CVE-2024-21612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21612", "id": "CVE-2024-21612",
"sourceIdentifier": "sirt@juniper.net", "sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:49.457", "published": "2024-01-12T01:15:49.457",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:59:32.627",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "sirt@juniper.net", "source": "sirt@juniper.net",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "sirt@juniper.net", "source": "sirt@juniper.net",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,373 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.2",
"matchCriteriaId": "9C14B5A6-597A-4181-8C42-392A2E4605BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "2B770C52-7E3E-4B92-9138-85DEC56F3B22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "E88AC378-461C-4EFA-A04B-5786FF21FE03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "3B0AFB30-81DC-465C-9F63-D1B15EA4809A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "2035F0AC-29E7-478A-A9D0-BAA3A88B3413"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s5:*:*:*:*:*:*",
"matchCriteriaId": "C34ABD4B-B045-4046-9641-66E3B2082A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3-s6:*:*:*:*:*:*",
"matchCriteriaId": "6D5DC04F-18DE-403B-BE93-2251F3332C1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "4EC38173-44AB-43D5-8C27-CB43AD5E0B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5A4DD04A-DE52-46BE-8C34-8DB47F7500F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "FEE0E145-8E1C-446E-90ED-237E3B9CAF47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "0F26369D-21B2-4C6A-98C1-492692A61283"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "24003819-1A6B-4BDF-B3DF-34751C137788"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "BF8D332E-9133-45B9-BB07-B33C790F737A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3:*:*:*:*:*:*",
"matchCriteriaId": "3E2A4377-D044-4E43-B6CC-B753D7F6ABD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "8DAEC4F4-5748-4D36-A72B-4C62A0A30E38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "C76DA7A5-9320-4E21-96A2-ACE70803A1CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "703C73EB-2D63-4D4F-8129-239AE1E96B2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "8F67CE3C-3A06-487C-90DE-D5B3B1EC08A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "39809219-9F87-4583-9DAD-9415DD320B36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2:*:*:*:*:*:*",
"matchCriteriaId": "DB299492-A919-4EBA-A62A-B3CF02FC0A95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "74ED0939-D5F8-4334-9838-40F29DE3597F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "C6937069-8C19-4B01-8415-ED7E9EAE2CE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3:*:*:*:*:*:*",
"matchCriteriaId": "97DB6DD5-F5DD-4AE1-AF2F-8DB9E18FF882"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "21DF05B8-EF7E-422F-8831-06904160714C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "492FCE45-68A1-4378-85D4-C4034FE0D836"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "522114CC-1505-4205-B4B8-797DE1BD833B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r3-s4:*:*:*:*:*:*",
"matchCriteriaId": "C9D664AB-0FA7-49C7-B6E1-69C77652FBEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:-:*:*:*:*:*:*",
"matchCriteriaId": "C16434C0-21A7-4CE5-92E1-7D60A35EF5D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "236E23E5-8B04-4081-9D97-7300DF284000"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "5FC96EA7-90A7-4838-B95D-60DBC88C7BC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "97541867-C52F-40BB-9AAE-7E87ED23D789"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "85CF6664-E35A-4E9B-95C0-CDC91F7F331A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "E048A05D-882F-4B1C-BA32-3BBA3FEA31A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "47E8D51D-1424-4B07-B036-E3E195F21AC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "6F3C82ED-5728-406F-ACF6-D7411B0AB6C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r3-s3:*:*:*:*:*:*",
"matchCriteriaId": "1475A58F-1515-4492-B5A3-BE40C30E5B14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "F7E76F5F-DB37-4B7F-9247-3CEB4EBD7696"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "C63DBEE5-B0C2-498F-A672-B6596C89B0A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s1:*:*:*:*:*:*",
"matchCriteriaId": "9370C46D-3AA1-4562-B67F-DF6EA10F209B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r3-s2:*:*:*:*:*:*",
"matchCriteriaId": "1FD8C240-A7FE-4FD5-ADCC-289C1BC461BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "FA4481D2-F693-48A5-8DBC-E86430987A25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "136CA584-2475-4A14-9771-F367180201D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "4546776C-A657-42E3-9A36-47F9F59A88AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:-:*:*:*:*:*:*",
"matchCriteriaId": "0A33C425-921F-4795-B834-608C8F1597E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "93887799-F62C-4A4A-BCF5-004D0B4D4154"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "62C473D2-2612-4480-82D8-8A24D0687BBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.4:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "7FB4C5CA-A709-4B13-A9E0-372098A72AD3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://supportportal.juniper.net/JSA75753", "url": "https://supportportal.juniper.net/JSA75753",
"source": "sirt@juniper.net" "source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net" "source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

161
CVE-2024/CVE-2024-216xx/CVE-2024-21614.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21614", "id": "CVE-2024-21614",
"sourceIdentifier": "sirt@juniper.net", "sourceIdentifier": "sirt@juniper.net",
"published": "2024-01-12T01:15:49.837", "published": "2024-01-12T01:15:49.837",
"lastModified": "2024-01-12T13:47:31.250", "lastModified": "2024-01-18T18:56:50.410",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "sirt@juniper.net", "source": "sirt@juniper.net",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
},
{ {
"source": "sirt@juniper.net", "source": "sirt@juniper.net",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,137 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "5EC0D2D2-4922-4675-8A2C-57A08D7BE334"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "CEB98E3F-B0A9-488F-ACFC-56B9485E7C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "FDE9E767-4713-4EA2-8D00-1382975A4A15"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:-:*:*:*:*:*:*",
"matchCriteriaId": "A3CA3365-F9AF-40DF-8700-30AD4BC58E27"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "D77A072D-350A-42F2-8324-7D3AC1711BF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "83AE395C-A651-4568-88E3-3600544BF799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "B3BE1FD4-DAD9-4357-A2E9-20E5826B0D5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "81CC3480-4B65-4588-8D46-FA80A8F6D143"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:-:*:*:*:*:*:*",
"matchCriteriaId": "BE2EF84D-55A9-41DC-A324-69E1DC426D0B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "433631CA-3AC4-4D66-9B46-AEA4209347F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "6E4CD8AD-277A-4FC5-A102-3E151060C216"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "4BC09BAC-83E7-48CE-B571-ED49277B2987"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://supportportal.juniper.net/JSA75755", "url": "https://supportportal.juniper.net/JSA75755",
"source": "sirt@juniper.net" "source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "url": "https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"source": "sirt@juniper.net" "source": "sirt@juniper.net",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

180
CVE-2024/CVE-2024-217xx/CVE-2024-21773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21773", "id": "CVE-2024-21773",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.560", "published": "2024-01-11T00:15:44.560",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T17:08:43.260",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,27 +14,191 @@
"value": "M\u00faltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red con acceso al producto ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware Deco X50 anteriores a \"Deco X50(JP)_V1_1.4.1 Build 20231122\" y versiones de firmware Deco XE200 anteriores a \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"." "value": "M\u00faltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red con acceso al producto ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware Deco X50 anteriores a \"Deco X50(JP)_V1_1.4.1 Build 20231122\" y versiones de firmware Deco XE200 anteriores a \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "5E511835-B9F8-48F6-85D0-92BD9EF6B93C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60E38020-7C23-4B8E-B04C-DCC67A386004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "116BFAEE-8C19-4101-9754-CD55C951AA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76D439C9-D0A9-40C5-A91A-3FE205A0139D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_x50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.1",
"matchCriteriaId": "49F92855-4C16-4785-BCB0-DF648574AE5B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_x50:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B07192F7-E04C-43BA-9452-B970EF8796A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_xe200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "1E38052E-2386-4DE1-9E3C-E6C39B2720A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_xe200:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92D840AF-F273-4B48-B8A2-4081E3D484A6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://jvn.jp/en/vu/JVNVU91401812/", "url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware", "url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware", "url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
} }
] ]
} }

147
CVE-2024/CVE-2024-218xx/CVE-2024-21821.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21821", "id": "CVE-2024-21821",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.633", "published": "2024-01-11T00:15:44.633",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T17:08:35.830",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,23 +14,156 @@
"value": "M\u00faltiples productos TP-LINK permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware de Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", versiones de firmware de Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\" y firmware de Archer AXE75 versiones anteriores a \"Archer AXE75(JP)_V1_231115\"." "value": "M\u00faltiples productos TP-LINK permiten que un atacante autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware de Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", versiones de firmware de Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\" y firmware de Archer AXE75 versiones anteriores a \"Archer AXE75(JP)_V1_231115\"."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "5E511835-B9F8-48F6-85D0-92BD9EF6B93C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60E38020-7C23-4B8E-B04C-DCC67A386004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "116BFAEE-8C19-4101-9754-CD55C951AA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76D439C9-D0A9-40C5-A91A-3FE205A0139D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.9",
"matchCriteriaId": "A08D2944-9064-46DC-91AC-9E6BC1BA274A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_axe75:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55E594-03BC-425B-8CED-A7DC00A2DCBD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://jvn.jp/en/vu/JVNVU91401812/", "url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
} }
] ]
} }

213
CVE-2024/CVE-2024-218xx/CVE-2024-21833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21833", "id": "CVE-2024-21833",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2024-01-11T00:15:44.683", "published": "2024-01-11T00:15:44.683",
"lastModified": "2024-01-11T13:57:26.160", "lastModified": "2024-01-18T18:26:59.627",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,31 +14,226 @@
"value": "M\u00faltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red con acceso al producto ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware de Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware de Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware de Archer AXE75 anteriores a \"Archer AXE75(JP)_V1_231115\", versiones de firmware Deco X50 anteriores a \"Deco X50(JP)_V1_1.4.1 Build 20231122\" y versiones de firmware Deco XE200 anteriores a \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"." "value": "M\u00faltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red con acceso al producto ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: Versiones de firmware de Archer AX3000 anteriores a \"Archer AX3000(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware de Archer AX5400 anteriores a \"Archer AX5400(JP)_V1_1.1.2 Build 20231115\", Versiones de firmware de Archer AXE75 anteriores a \"Archer AXE75(JP)_V1_231115\", versiones de firmware Deco X50 anteriores a \"Deco X50(JP)_V1_1.4.1 Build 20231122\" y versiones de firmware Deco XE200 anteriores a \"Deco XE200(JP)_V1_1.2.5 Build 20231120\"."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax3000_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "5E511835-B9F8-48F6-85D0-92BD9EF6B93C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax3000:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "60E38020-7C23-4B8E-B04C-DCC67A386004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax5400_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.2",
"matchCriteriaId": "116BFAEE-8C19-4101-9754-CD55C951AA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax5400:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76D439C9-D0A9-40C5-A91A-3FE205A0139D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_x50_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.1",
"matchCriteriaId": "49F92855-4C16-4785-BCB0-DF648574AE5B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_x50:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B07192F7-E04C-43BA-9452-B970EF8796A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:deco_xe200_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "1E38052E-2386-4DE1-9E3C-E6C39B2720A8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:deco_xe200:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92D840AF-F273-4B48-B8A2-4081E3D484A6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_axe75_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.1.9",
"matchCriteriaId": "A08D2944-9064-46DC-91AC-9E6BC1BA274A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_axe75:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55E594-03BC-425B-8CED-A7DC00A2DCBD"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://jvn.jp/en/vu/JVNVU91401812/", "url": "https://jvn.jp/en/vu/JVNVU91401812/",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-ax3000/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-ax5400/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware", "url": "https://www.tp-link.com/jp/support/download/archer-axe75/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware", "url": "https://www.tp-link.com/jp/support/download/deco-x50/v1/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware", "url": "https://www.tp-link.com/jp/support/download/deco-xe200/#Firmware",
"source": "vultures@jpcert.or.jp" "source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
} }
] ]
} }

20
CVE-2024/CVE-2024-226xx/CVE-2024-22601.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22601",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.417",
"lastModified": "2024-01-18T17:15:14.417",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ljw11e/cms/blob/main/5.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-226xx/CVE-2024-22603.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22603",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.480",
"lastModified": "2024-01-18T17:15:14.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ljw11e/cms/blob/main/4.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-228xx/CVE-2024-22817.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22817",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.530",
"lastModified": "2024-01-18T17:15:14.530",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mafangqian/cms/blob/main/1.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-228xx/CVE-2024-22818.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22818",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.577",
"lastModified": "2024-01-18T17:15:14.577",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save"
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mafangqian/cms/blob/main/3.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2024/CVE-2024-228xx/CVE-2024-22819.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22819",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-18T17:15:14.623",
"lastModified": "2024-01-18T17:15:14.623",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/mafangqian/cms/blob/main/2.md",
"source": "cve@mitre.org"
}
]
}

85
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-01-18T17:00:24.680887+00:00 2024-01-18T19:00:24.565357+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-01-18T16:54:56.383000+00:00 2024-01-18T18:59:32.627000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,59 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
236306 236316
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `15` Recently added CVEs: `10`
* [CVE-2021-33630](CVE-2021/CVE-2021-336xx/CVE-2021-33630.json) (`2024-01-18T15:15:08.653`) * [CVE-2023-28900](CVE-2023/CVE-2023-289xx/CVE-2023-28900.json) (`2024-01-18T17:15:13.737`)
* [CVE-2021-33631](CVE-2021/CVE-2021-336xx/CVE-2021-33631.json) (`2024-01-18T15:15:08.860`) * [CVE-2023-28901](CVE-2023/CVE-2023-289xx/CVE-2023-28901.json) (`2024-01-18T17:15:14.003`)
* [CVE-2023-40051](CVE-2023/CVE-2023-400xx/CVE-2023-40051.json) (`2024-01-18T15:15:09.060`) * [CVE-2023-31274](CVE-2023/CVE-2023-312xx/CVE-2023-31274.json) (`2024-01-18T18:15:08.253`)
* [CVE-2023-40052](CVE-2023/CVE-2023-400xx/CVE-2023-40052.json) (`2024-01-18T15:15:09.247`) * [CVE-2023-34348](CVE-2023/CVE-2023-343xx/CVE-2023-34348.json) (`2024-01-18T18:15:08.457`)
* [CVE-2023-7153](CVE-2023/CVE-2023-71xx/CVE-2023-7153.json) (`2024-01-18T15:15:09.430`) * [CVE-2024-22601](CVE-2024/CVE-2024-226xx/CVE-2024-22601.json) (`2024-01-18T17:15:14.417`)
* [CVE-2024-22548](CVE-2024/CVE-2024-225xx/CVE-2024-22548.json) (`2024-01-18T15:15:09.623`) * [CVE-2024-22603](CVE-2024/CVE-2024-226xx/CVE-2024-22603.json) (`2024-01-18T17:15:14.480`)
* [CVE-2024-22549](CVE-2024/CVE-2024-225xx/CVE-2024-22549.json) (`2024-01-18T15:15:09.670`) * [CVE-2024-22817](CVE-2024/CVE-2024-228xx/CVE-2024-22817.json) (`2024-01-18T17:15:14.530`)
* [CVE-2024-22568](CVE-2024/CVE-2024-225xx/CVE-2024-22568.json) (`2024-01-18T15:15:09.717`) * [CVE-2024-22818](CVE-2024/CVE-2024-228xx/CVE-2024-22818.json) (`2024-01-18T17:15:14.577`)
* [CVE-2024-22591](CVE-2024/CVE-2024-225xx/CVE-2024-22591.json) (`2024-01-18T15:15:09.763`) * [CVE-2024-22819](CVE-2024/CVE-2024-228xx/CVE-2024-22819.json) (`2024-01-18T17:15:14.623`)
* [CVE-2024-22592](CVE-2024/CVE-2024-225xx/CVE-2024-22592.json) (`2024-01-18T15:15:09.813`) * [CVE-2024-0694](CVE-2024/CVE-2024-06xx/CVE-2024-0694.json) (`2024-01-18T18:15:08.647`)
* [CVE-2024-22593](CVE-2024/CVE-2024-225xx/CVE-2024-22593.json) (`2024-01-18T15:15:09.853`)
* [CVE-2024-0408](CVE-2024/CVE-2024-04xx/CVE-2024-0408.json) (`2024-01-18T16:15:08.380`)
* [CVE-2024-0409](CVE-2024/CVE-2024-04xx/CVE-2024-0409.json) (`2024-01-18T16:15:08.593`)
* [CVE-2024-0607](CVE-2024/CVE-2024-06xx/CVE-2024-0607.json) (`2024-01-18T16:15:08.690`)
* [CVE-2024-22699](CVE-2024/CVE-2024-226xx/CVE-2024-22699.json) (`2024-01-18T16:15:09.020`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `35` Recently modified CVEs: `36`
* [CVE-2023-37932](CVE-2023/CVE-2023-379xx/CVE-2023-37932.json) (`2024-01-18T15:50:39.943`) * [CVE-2023-6554](CVE-2023/CVE-2023-65xx/CVE-2023-6554.json) (`2024-01-18T17:35:46.637`)
* [CVE-2023-5770](CVE-2023/CVE-2023-57xx/CVE-2023-5770.json) (`2024-01-18T15:54:37.647`) * [CVE-2023-7071](CVE-2023/CVE-2023-70xx/CVE-2023-7071.json) (`2024-01-18T17:36:11.930`)
* [CVE-2023-6938](CVE-2023/CVE-2023-69xx/CVE-2023-6938.json) (`2024-01-18T15:57:39.827`) * [CVE-2023-20573](CVE-2023/CVE-2023-205xx/CVE-2023-20573.json) (`2024-01-18T17:39:02.430`)
* [CVE-2023-5118](CVE-2023/CVE-2023-51xx/CVE-2023-5118.json) (`2024-01-18T16:01:37.653`) * [CVE-2023-6751](CVE-2023/CVE-2023-67xx/CVE-2023-6751.json) (`2024-01-18T17:46:25.627`)
* [CVE-2023-6782](CVE-2023/CVE-2023-67xx/CVE-2023-6782.json) (`2024-01-18T16:11:09.587`) * [CVE-2023-50159](CVE-2023/CVE-2023-501xx/CVE-2023-50159.json) (`2024-01-18T17:56:59.883`)
* [CVE-2023-6875](CVE-2023/CVE-2023-68xx/CVE-2023-6875.json) (`2024-01-18T16:11:25.827`) * [CVE-2023-24733](CVE-2023/CVE-2023-247xx/CVE-2023-24733.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-6244](CVE-2023/CVE-2023-62xx/CVE-2023-6244.json) (`2024-01-18T16:13:00.490`) * [CVE-2023-24734](CVE-2023/CVE-2023-247xx/CVE-2023-24734.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-6776](CVE-2023/CVE-2023-67xx/CVE-2023-6776.json) (`2024-01-18T16:24:38.070`) * [CVE-2023-24735](CVE-2023/CVE-2023-247xx/CVE-2023-24735.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-6781](CVE-2023/CVE-2023-67xx/CVE-2023-6781.json) (`2024-01-18T16:24:52.810`) * [CVE-2023-24736](CVE-2023/CVE-2023-247xx/CVE-2023-24736.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-6878](CVE-2023/CVE-2023-68xx/CVE-2023-6878.json) (`2024-01-18T16:34:53.617`) * [CVE-2023-24737](CVE-2023/CVE-2023-247xx/CVE-2023-24737.json) (`2024-01-18T18:04:53.087`)
* [CVE-2023-6924](CVE-2023/CVE-2023-69xx/CVE-2023-6924.json) (`2024-01-18T16:42:06.183`) * [CVE-2023-6242](CVE-2023/CVE-2023-62xx/CVE-2023-6242.json) (`2024-01-18T18:13:53.840`)
* [CVE-2023-6882](CVE-2023/CVE-2023-68xx/CVE-2023-6882.json) (`2024-01-18T16:43:49.213`) * [CVE-2023-6476](CVE-2023/CVE-2023-64xx/CVE-2023-6476.json) (`2024-01-18T18:16:25.947`)
* [CVE-2024-22942](CVE-2024/CVE-2024-229xx/CVE-2024-22942.json) (`2024-01-18T15:15:47.273`) * [CVE-2023-51748](CVE-2023/CVE-2023-517xx/CVE-2023-51748.json) (`2024-01-18T18:45:55.020`)
* [CVE-2024-23057](CVE-2024/CVE-2024-230xx/CVE-2024-23057.json) (`2024-01-18T15:16:24.097`) * [CVE-2023-51749](CVE-2023/CVE-2023-517xx/CVE-2023-51749.json) (`2024-01-18T18:54:46.507`)
* [CVE-2024-23058](CVE-2024/CVE-2024-230xx/CVE-2024-23058.json) (`2024-01-18T15:16:50.140`) * [CVE-2023-50671](CVE-2023/CVE-2023-506xx/CVE-2023-50671.json) (`2024-01-18T18:54:54.863`)
* [CVE-2024-23059](CVE-2024/CVE-2024-230xx/CVE-2024-23059.json) (`2024-01-18T15:17:14.453`) * [CVE-2023-7226](CVE-2023/CVE-2023-72xx/CVE-2023-7226.json) (`2024-01-18T18:56:22.977`)
* [CVE-2024-23060](CVE-2024/CVE-2024-230xx/CVE-2024-23060.json) (`2024-01-18T15:17:35.587`) * [CVE-2024-21821](CVE-2024/CVE-2024-218xx/CVE-2024-21821.json) (`2024-01-18T17:08:35.830`)
* [CVE-2024-23061](CVE-2024/CVE-2024-230xx/CVE-2024-23061.json) (`2024-01-18T15:18:14.357`) * [CVE-2024-21773](CVE-2024/CVE-2024-217xx/CVE-2024-21773.json) (`2024-01-18T17:08:43.260`)
* [CVE-2024-0461](CVE-2024/CVE-2024-04xx/CVE-2024-0461.json) (`2024-01-18T15:36:57.897`) * [CVE-2024-0429](CVE-2024/CVE-2024-04xx/CVE-2024-0429.json) (`2024-01-18T17:26:20.573`)
* [CVE-2024-0462](CVE-2024/CVE-2024-04xx/CVE-2024-0462.json) (`2024-01-18T15:37:50.997`) * [CVE-2024-21833](CVE-2024/CVE-2024-218xx/CVE-2024-21833.json) (`2024-01-18T18:26:59.627`)
* [CVE-2024-0463](CVE-2024/CVE-2024-04xx/CVE-2024-0463.json) (`2024-01-18T15:38:05.047`) * [CVE-2024-0419](CVE-2024/CVE-2024-04xx/CVE-2024-0419.json) (`2024-01-18T18:27:23.807`)
* [CVE-2024-0467](CVE-2024/CVE-2024-04xx/CVE-2024-0467.json) (`2024-01-18T15:38:31.063`) * [CVE-2024-0227](CVE-2024/CVE-2024-02xx/CVE-2024-0227.json) (`2024-01-18T18:32:10.307`)
* [CVE-2024-22317](CVE-2024/CVE-2024-223xx/CVE-2024-22317.json) (`2024-01-18T15:50:54.810`) * [CVE-2024-0411](CVE-2024/CVE-2024-04xx/CVE-2024-0411.json) (`2024-01-18T18:46:08.967`)
* [CVE-2024-22191](CVE-2024/CVE-2024-221xx/CVE-2024-22191.json) (`2024-01-18T16:15:08.920`) * [CVE-2024-21614](CVE-2024/CVE-2024-216xx/CVE-2024-21614.json) (`2024-01-18T18:56:50.410`)
* [CVE-2024-22199](CVE-2024/CVE-2024-221xx/CVE-2024-22199.json) (`2024-01-18T16:54:56.383`) * [CVE-2024-21612](CVE-2024/CVE-2024-216xx/CVE-2024-21612.json) (`2024-01-18T18:59:32.627`)
## Download and Usage ## Download and Usage