Auto-Update: 2023-10-31T21:00:19.852945+00:00

cad-safe-bot 2023-10-31 21:00:23 +00:00
parent a644fa28c1
commit 3094bf028b
14 changed files with 881 additions and 114 deletions

@ -2,7 +2,7 @@
"id": "CVE-2020-15862",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-08-20T01:17:13.897",
"lastModified": "2020-09-04T14:58:57.350",
"lastModified": "2023-10-31T19:30:58.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:net-snmp:net-snmp:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.7.3",
"matchCriteriaId": "8BD5C233-45FA-4501-8EA4-C28EC33E7460"
"versionEndExcluding": "5.8.1",
"matchCriteriaId": "D7A37B05-F4A5-4AA9-BF65-2830B156D7EE"
}
]
}
@ -100,8 +100,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41"
},
{
"vulnerable": true,
@ -110,13 +110,13 @@
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "B3293E55-5506-4587-A318-D1734F781C09"
},
{
"vulnerable": true,
@ -126,6 +126,36 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB0FDCF-3750-44C6-AC5C-0CC2AAD14093"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737"
}
]
}
]
}
],
"references": [

@ -2,8 +2,8 @@
"id": "CVE-2023-22102",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-10-17T22:15:15.100",
"lastModified": "2023-10-27T15:15:12.167",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-31T19:20:48.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -59,9 +59,24 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:oracle:mysql_connector\\/j:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.1.0",
"matchCriteriaId": "1C8D087A-01CE-42A3-9A33-3E424C2D0258"
"matchCriteriaId": "00875B90-479F-4991-B4A2-F59D701F5018"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
}
]
}
@ -71,7 +86,10 @@
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231027-0007/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2023.html",

@ -2,8 +2,8 @@
"id": "CVE-2023-37909",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T18:17:28.407",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T19:06:12.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +80,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1",
"versionEndExcluding": "14.10.8",
"matchCriteriaId": "C5D7E15A-1088-449C-83AE-FEA74D09D24F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/9e8f080094333dec63a8583229a3799208d773be",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-v2rr-xw95-wcjx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20746",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-37910",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T18:17:28.477",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T19:17:29.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +80,56 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "AD2B185D-F8A6-49EB-B485-744F234B8730"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.5",
"versionEndExcluding": "14.10.4",
"matchCriteriaId": "90CB686A-3833-4F03-A312-38825481A17C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/d7720219d60d7201c696c3196c9d4a86d0881325",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rwwx-6572-mp29",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20334",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-37911",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T18:17:28.543",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T19:27:21.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,30 +80,82 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartExcluding": "9.4",
"versionEndIncluding": "14.10.8",
"matchCriteriaId": "844721AD-EC25-43A4-A9DB-8F49C1E5A26E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:9.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "97C0D882-3716-4E76-9E45-35AAD3F36C28"
}
]
}
]
}
],
"references": [
{
"url": "https://extensions.xwiki.org/xwiki/bin/view/Extension/Index%20Application#HPermanentlydeleteallpages",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/f471f2a392aeeb9e51d59fdfe1d76fccf532523f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-gh64-qxh5-4m33",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20684",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20685",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20817",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

@ -2,7 +2,7 @@
"id": "CVE-2023-39533",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-08T19:15:10.657",
"lastModified": "2023-08-15T20:15:09.267",
"lastModified": "2023-10-31T19:08:26.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -73,19 +73,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.19.12",
"matchCriteriaId": "6A0D798F-972E-4789-9E60-F04864ACC5A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.20.0",
"versionEndExcluding": "1.20.7",
"matchCriteriaId": "98D9EFA9-C8A8-4C27-A1F2-DE9798D725FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libp2p:go-libp2p:*:*:*:*:*:go:*:*",
@ -103,12 +90,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:libp2p:go-libp2p:0.29.0:*:*:*:*:go:*:*",
"matchCriteriaId": "E7425EF5-C9F9-4834-B742-7F1117C974C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quic_project:quic:*:*:*:*:*:go:*:*",
"versionEndExcluding": "0.37.2",
"matchCriteriaId": "5F3B416A-77F2-4E71-B5C0-BE288E3E7046"
}
]
}
@ -120,6 +101,7 @@
"url": "https://github.com/golang/go/commit/2350afd2e8ab054390e284c95d5b089c142db017",
"source": "security-advisories@github.com",
"tags": [
"Not Applicable",
"Patch"
]
},
@ -128,6 +110,7 @@
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Not Applicable",
"Vendor Advisory"
]
},

@ -2,8 +2,8 @@
"id": "CVE-2023-39619",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:29.083",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T19:18:44.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,80 @@
"value": "ReDos en NPMJS Node Email Check v.1.0.4 permite a un atacante provocar una Denegaci\u00f3n de Servicio (DoS) a trav\u00e9s de una cadena manipulada en el componente scpSyntax."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teomantuncer:node_email_check:1.0.4:*:*:*:*:node.js:*:*",
"matchCriteriaId": "7F329F58-88C7-4695-B9CA-EB5B070BB60B"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/6en6ar/712a4c1eab0324f15e09232c77ea08f8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/teomantuncer/node-email-check/blob/main/main.js,",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.npmjs.com/package/node-email-check",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-41339",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-25T18:17:30.840",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T19:53:57.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.22.5",
"matchCriteriaId": "0BB82E9C-10E3-41B9-AA40-80D45DC3989F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.23.0",
"versionEndExcluding": "2.23.2",
"matchCriteriaId": "765C2F28-6A4F-42C4-AA52-D984D0F2F0A6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/geoserver/geoserver/releases/tag/2.22.5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/geoserver/geoserver/releases/tag/2.23.2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/geoserver/geoserver/security/advisories/GHSA-cqpc-x2c6-2gmf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

@ -0,0 +1,67 @@
{
"id": "CVE-2023-41377",
"sourceIdentifier": "psirt@tigera.io",
"published": "2023-10-31T20:15:09.727",
"lastModified": "2023-10-31T20:15:09.727",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In certain conditions for Calico Typha (v3.26.2, v3.25.1 and below), and Calico Enterprise Typha (v3.17.1, v3.16.3, v3.15.3 and below), a client TLS handshake can block the Calico Typha server indefinitely, resulting in denial of service. The TLS Handshake() call is performed inside the main server handle for loop without any timeout allowing an unclean TLS handshake to block the main loop indefinitely while other connections will be idle waiting for that handshake to finish.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@tigera.io",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@tigera.io",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
},
{
"lang": "en",
"value": "CWE-703"
}
]
}
],
"references": [
{
"url": "https://github.com/projectcalico/calico/pull/7908",
"source": "psirt@tigera.io"
},
{
"url": "https://github.com/projectcalico/calico/pull/7993",
"source": "psirt@tigera.io"
},
{
"url": "https://www.tigera.io/security-bulletins-tta-2023-001/",
"source": "psirt@tigera.io"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-41721",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-10-25T18:17:30.987",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T20:02:00.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "support@hackerone.com",
@ -38,10 +60,76 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ui:unifi_network_application:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.5.176",
"matchCriteriaId": "9E3DE617-CF3A-415A-A504-5735D8FF35E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ui:unifi_dream_machine:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33E04DDA-88A0-47C1-8AE2-2F59B1A08BAF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B493983E-8632-4492-9B0A-E8E11E0E0BB2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF52155-86F1-458A-8B7E-355B67C5C819"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9B6514E-2878-4AEE-BF1E-08B804C069FE"
}
]
}
]
}
],
"references": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-036-036/81367bc9-2a64-4435-95dc-bbe482457615",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-42031",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-25T18:17:31.107",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T19:34:27.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,18 +80,109 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "498DF94F-3427-4F7C-80CB-F9526C4D47AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B27A342F-6BF8-45E7-9711-7C329DE8FC9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:txseries_for_multiplatforms:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EDF0F0BC-8964-4812-A5E6-0D1C1317E8D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:10.1:*:*:*:advanced:*:*:*",
"matchCriteriaId": "73BBDE39-E8CF-416C-838D-046ADDA011F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*",
"matchCriteriaId": "A9D7FDA3-EE60-453B-8651-686B9D28071F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*",
"matchCriteriaId": "66EEC046-128D-4555-8C9A-3C02300145B5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/266061",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7056429",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7056433",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-43281",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:31.707",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T20:00:45.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "Vulnerabilidad de Double Free en Nothings Stb Image.h v.2.28 permite a un atacante remoto provocar una Denegaci\u00f3n de Servicio (DoS) a trav\u00e9s de un archivo manipulado en la funci\u00f3n stbi_load_gif_main."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nothings:stb_image.h:2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "76840B8F-81FC-4BC6-A92C-EBB978741DAB"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/peccc/d8761f6ac45ad55cbd194dd7e6fdfdac",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/peccc/double-stb",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-44794",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-25T18:17:32.863",
"lastModified": "2023-10-25T20:32:16.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-31T20:08:45.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,88 @@
"value": "Un problema en Dromara SaToken versi\u00f3n 1.36.0 y anteriores permite a un atacante remoto escalar privilegios a trav\u00e9s de un payload manipulado a la URL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dromara:sa-token:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37.0",
"matchCriteriaId": "BCB07557-F15B-4319-B525-39764D2AB3A7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:vmware:spring_boot:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.1",
"matchCriteriaId": "C59F2ABD-BAE0-408C-AED4-6D484134E7F6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.0",
"matchCriteriaId": "821E9C4B-844C-4D73-AB99-0A6A8D00CC1E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/dromara/Sa-Token/issues/515",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-31T19:00:18.953290+00:00
2023-10-31T21:00:19.852945+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-31T18:55:02.927000+00:00
2023-10-31T20:15:09.727000+00:00
```
### Last Data Feed Release
@ -29,48 +29,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
229400
229401
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `1`
* [CVE-2023-43796](CVE-2023/CVE-2023-437xx/CVE-2023-43796.json) (`2023-10-31T17:15:23.270`)
* [CVE-2023-37831](CVE-2023/CVE-2023-378xx/CVE-2023-37831.json) (`2023-10-31T18:15:08.527`)
* [CVE-2023-37832](CVE-2023/CVE-2023-378xx/CVE-2023-37832.json) (`2023-10-31T18:15:08.567`)
* [CVE-2023-45955](CVE-2023/CVE-2023-459xx/CVE-2023-45955.json) (`2023-10-31T18:15:08.610`)
* [CVE-2023-41377](CVE-2023/CVE-2023-413xx/CVE-2023-41377.json) (`2023-10-31T20:15:09.727`)
### CVEs modified in the last Commit
Recently modified CVEs: `46`
Recently modified CVEs: `12`
* [CVE-2023-39325](CVE-2023/CVE-2023-393xx/CVE-2023-39325.json) (`2023-10-31T18:05:45.593`)
* [CVE-2023-45376](CVE-2023/CVE-2023-453xx/CVE-2023-45376.json) (`2023-10-31T18:06:10.480`)
* [CVE-2023-45194](CVE-2023/CVE-2023-451xx/CVE-2023-45194.json) (`2023-10-31T18:08:52.140`)
* [CVE-2023-3010](CVE-2023/CVE-2023-30xx/CVE-2023-3010.json) (`2023-10-31T18:09:32.993`)
* [CVE-2023-39930](CVE-2023/CVE-2023-399xx/CVE-2023-39930.json) (`2023-10-31T18:10:51.270`)
* [CVE-2023-39924](CVE-2023/CVE-2023-399xx/CVE-2023-39924.json) (`2023-10-31T18:11:01.040`)
* [CVE-2023-37605](CVE-2023/CVE-2023-376xx/CVE-2023-37605.json) (`2023-10-31T18:15:08.457`)
* [CVE-2023-46129](CVE-2023/CVE-2023-461xx/CVE-2023-46129.json) (`2023-10-31T18:15:08.653`)
* [CVE-2023-39734](CVE-2023/CVE-2023-397xx/CVE-2023-39734.json) (`2023-10-31T18:21:22.830`)
* [CVE-2023-5050](CVE-2023/CVE-2023-50xx/CVE-2023-5050.json) (`2023-10-31T18:22:30.750`)
* [CVE-2023-39733](CVE-2023/CVE-2023-397xx/CVE-2023-39733.json) (`2023-10-31T18:25:38.733`)
* [CVE-2023-3112](CVE-2023/CVE-2023-31xx/CVE-2023-3112.json) (`2023-10-31T18:33:10.290`)
* [CVE-2023-37908](CVE-2023/CVE-2023-379xx/CVE-2023-37908.json) (`2023-10-31T18:35:02.337`)
* [CVE-2023-43654](CVE-2023/CVE-2023-436xx/CVE-2023-43654.json) (`2023-10-31T18:35:18.223`)
* [CVE-2023-39732](CVE-2023/CVE-2023-397xx/CVE-2023-39732.json) (`2023-10-31T18:35:31.140`)
* [CVE-2023-39739](CVE-2023/CVE-2023-397xx/CVE-2023-39739.json) (`2023-10-31T18:45:58.823`)
* [CVE-2023-39740](CVE-2023/CVE-2023-397xx/CVE-2023-39740.json) (`2023-10-31T18:46:08.817`)
* [CVE-2023-39737](CVE-2023/CVE-2023-397xx/CVE-2023-39737.json) (`2023-10-31T18:46:19.250`)
* [CVE-2023-39736](CVE-2023/CVE-2023-397xx/CVE-2023-39736.json) (`2023-10-31T18:46:29.183`)
* [CVE-2023-39735](CVE-2023/CVE-2023-397xx/CVE-2023-39735.json) (`2023-10-31T18:47:10.027`)
* [CVE-2023-39231](CVE-2023/CVE-2023-392xx/CVE-2023-39231.json) (`2023-10-31T18:47:42.620`)
* [CVE-2023-37912](CVE-2023/CVE-2023-379xx/CVE-2023-37912.json) (`2023-10-31T18:48:07.620`)
* [CVE-2023-30633](CVE-2023/CVE-2023-306xx/CVE-2023-30633.json) (`2023-10-31T18:49:07.373`)
* [CVE-2023-45809](CVE-2023/CVE-2023-458xx/CVE-2023-45809.json) (`2023-10-31T18:51:51.687`)
* [CVE-2023-26300](CVE-2023/CVE-2023-263xx/CVE-2023-26300.json) (`2023-10-31T18:55:02.927`)
* [CVE-2020-15862](CVE-2020/CVE-2020-158xx/CVE-2020-15862.json) (`2023-10-31T19:30:58.390`)
* [CVE-2023-37909](CVE-2023/CVE-2023-379xx/CVE-2023-37909.json) (`2023-10-31T19:06:12.430`)
* [CVE-2023-39533](CVE-2023/CVE-2023-395xx/CVE-2023-39533.json) (`2023-10-31T19:08:26.883`)
* [CVE-2023-37910](CVE-2023/CVE-2023-379xx/CVE-2023-37910.json) (`2023-10-31T19:17:29.223`)
* [CVE-2023-39619](CVE-2023/CVE-2023-396xx/CVE-2023-39619.json) (`2023-10-31T19:18:44.510`)
* [CVE-2023-22102](CVE-2023/CVE-2023-221xx/CVE-2023-22102.json) (`2023-10-31T19:20:48.380`)
* [CVE-2023-37911](CVE-2023/CVE-2023-379xx/CVE-2023-37911.json) (`2023-10-31T19:27:21.837`)
* [CVE-2023-42031](CVE-2023/CVE-2023-420xx/CVE-2023-42031.json) (`2023-10-31T19:34:27.363`)
* [CVE-2023-41339](CVE-2023/CVE-2023-413xx/CVE-2023-41339.json) (`2023-10-31T19:53:57.670`)
* [CVE-2023-43281](CVE-2023/CVE-2023-432xx/CVE-2023-43281.json) (`2023-10-31T20:00:45.993`)
* [CVE-2023-41721](CVE-2023/CVE-2023-417xx/CVE-2023-41721.json) (`2023-10-31T20:02:00.777`)
* [CVE-2023-44794](CVE-2023/CVE-2023-447xx/CVE-2023-44794.json) (`2023-10-31T20:08:45.883`)
## Download and Usage