admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-25T18:00:29.704440+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-25 18:00:33 +00:00
parent bd97535838
commit 312da31cb7
61 changed files with 3843 additions and 284 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2019/CVE-2019-172xx/CVE-2019-17201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-17201",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-23T15:15:13.303",
"lastModified": "2023-01-12T16:14:38.113",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-25T17:15:11.100",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,6 +122,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.adminbyrequest.com/en/releasenotes",
"source": "cve@mitre.org"
}
]
}

8
CVE-2019/CVE-2019-172xx/CVE-2019-17202.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-17202",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-23T15:15:13.380",
"lastModified": "2023-01-12T16:15:11.397",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-25T17:15:11.630",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -122,6 +122,10 @@
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.adminbyrequest.com/en/releasenotes",
"source": "cve@mitre.org"
}
]
}

51
CVE-2022/CVE-2022-471xx/CVE-2022-47157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47157",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.150",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:31:39.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/wp-custom-fields-search/wordpress-wp-custom-fields-search-plugin-1-2-34-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webhammer:wp_custom_fields_search:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.35",
"matchCriteriaId": "B9AE98A3-F118-45D3-9E0B-8F3005EF8E43"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-custom-fields-search/wordpress-wp-custom-fields-search-plugin-1-2-34-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2022/CVE-2022-48xx/CVE-2022-4870.json
View File

@ -2,19 +2,83 @@
"id": "CVE-2022-4870",
"sourceIdentifier": "security@octopus.com",
"published": "2023-05-18T00:15:09.103",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:41:06.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In affected versions of Octopus Deploy it is possible to discover network details via error message"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://advisories.octopus.com/post/2023/sa2023-09/",
"source": "security@octopus.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "2023.1.9879",
"matchCriteriaId": "23E47E0F-1730-4367-99E0-BF3A5064C4A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octopus:octopus_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2023.2.2028",
"versionEndExcluding": "2023.2.8159",
"matchCriteriaId": "F795BAEA-60E1-4361-8866-C84BA64F2915"
}
]
}
]
}
],
"references": [
{
"url": "https://advisories.octopus.com/post/2023/sa2023-09/",
"source": "security@octopus.com",
"tags": [
"Vendor Advisory"
]
}
]
}

97
CVE-2023/CVE-2023-18xx/CVE-2023-1859.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-1859",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T23:15:09.100",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:13:43.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in xen_9pfs_front_removet in net/9p/trans_xen.c in Xen transport for 9pfs in the Linux Kernel. This flaw could allow a local attacker to crash the system due to a race problem, possibly leading to a kernel information leak."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,62 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz@163.com/",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.2",
"matchCriteriaId": "D899AD4C-DFAB-4E25-AA25-53ED1A91A9CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*",
"matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*",
"matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*",
"matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*",
"matchCriteriaId": "DC271202-7570-4505-89A4-D602D47BFD00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*",
"matchCriteriaId": "D413BB6D-4F74-4C7D-9163-47786619EF53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc6:*:*:*:*:*:*",
"matchCriteriaId": "F4D613FB-9976-4989-8C4A-567773373CEA"
}
]
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/all/20230313090002.3308025-1-zyytlz.wz@163.com/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

77
CVE-2023/CVE-2023-19xx/CVE-2023-1972.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-1972",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:10.827",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:26:20.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,14 +56,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185646",
"source": "secalert@redhat.com"
},
"nodes": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30285",
"source": "secalert@redhat.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.40",
"matchCriteriaId": "BD7FA623-F666-4B70-8138-BAB2C5C9D6D2"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185646",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30285",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-21xx/CVE-2023-2124.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2124",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-15T22:15:12.150",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:34:31.447",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,10 +56,32 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/xfs/xfs_buf_item_recover.c?h=v6.4-rc1&id=22ed903eee23a5b174e240f1cdfa9acf393a5210",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.3",
"matchCriteriaId": "DB688D87-8482-4514-9659-6AF409C43C3D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/xfs/xfs_buf_item_recover.c?h=v6.4-rc1&id=22ed903eee23a5b174e240f1cdfa9acf393a5210",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-21xx/CVE-2023-2195.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2195",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T19:15:08.997",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:10:19.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118",
"source": "disclosure@synopsys.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:code_dx:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "814BAE77-3324-4908-89D4-9A3A63B690FE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118",
"source": "disclosure@synopsys.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-21xx/CVE-2023-2196.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2196",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T18:15:16.620",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:15:53.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3145",
"source": "disclosure@synopsys.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:code_dx:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "814BAE77-3324-4908-89D4-9A3A63B690FE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3145",
"source": "disclosure@synopsys.com",
"tags": [
"Vendor Advisory"
]
}
]
}

281
CVE-2023/CVE-2023-223xx/CVE-2023-22348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22348",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-05-17T16:15:09.110",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:35:38.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@checkmk.com",
"type": "Secondary",
@ -46,10 +76,251 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://checkmk.com/werk/13982",
"source": "security@checkmk.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.1.0",
"matchCriteriaId": "F8909212-9DCE-4B14-A240-5CDA98CFDC6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
"matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184"
}
]
}
]
}
],
"references": [
{
"url": "https://checkmk.com/werk/13982",
"source": "security@checkmk.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-22xx/CVE-2023-2203.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2203",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:10.943",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:25:51.033",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,22 +56,102 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2653",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkit2gtk3:2.38.5-1.el8:*:*:*:*:*:*:*",
"matchCriteriaId": "6BB73A61-D849-4CF2-964C-14D81547E142"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3108",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2203",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188543",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkit2gtk3:2.38.5-1.el9:*:*:*:*:*:*:*",
"matchCriteriaId": "A43FB56A-1885-47D6-9126-A8531FCB44C6"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD25A35-9C2B-4382-8720-4E39F928170B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2653",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3108",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2203",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188543",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

144
CVE-2023/CVE-2023-22xx/CVE-2023-2295.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2295",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T23:15:09.250",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:35:57.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,22 +56,101 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:3107",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libreswan:libreswan:4.9-1.el8:*:*:*:*:*:*:*",
"matchCriteriaId": "1DBF5B0F-6997-40E6-A692-D08DDA0A20A6"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3148",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2295",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:libreswan:libreswan:4.9-1.el9:*:*:*:*:*:*:*",
"matchCriteriaId": "ECE181EC-23BC-448C-92EB-5660D6A1F59E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD25A35-9C2B-4382-8720-4E39F928170B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:3107",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3148",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2295",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2189777",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}
]
}

51
CVE-2023/CVE-2023-236xx/CVE-2023-23667.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23667",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.223",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:30:02.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/brands-for-woocommerce/wordpress-brands-for-woocommerce-plugin-3-7-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:berocket:brands_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.7.0.6",
"matchCriteriaId": "03F63627-79EE-459B-AA6D-4BC9EA245A89"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/brands-for-woocommerce/wordpress-brands-for-woocommerce-plugin-3-7-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-239xx/CVE-2023-23999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23999",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.293",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:29:32.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/google-analytics-for-wordpress/wordpress-google-analytics-by-monsterinsights-plugin-8-14-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:monsterinsights:google_analytics_dashboard:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "8.14.1",
"matchCriteriaId": "F0547346-543B-486F-83E4-638FC5860CB6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/google-analytics-for-wordpress/wordpress-google-analytics-by-monsterinsights-plugin-8-14-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

166
CVE-2023/CVE-2023-248xx/CVE-2023-24805.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24805",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-17T18:15:09.177",
"lastModified": "2023-05-24T05:15:09.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:05:06.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,32 +64,142 @@
"value": "CWE-78"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65",
"source": "security-advisories@github.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:cups-filters:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "4B3F579A-B8F0-4F15-A8DA-7D58BF94740A"
},
{
"url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:cups-filters:2.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "216CAAD0-DBE1-4732-9E7D-1E2F681DC3F5"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00021.html",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:cups-filters:2.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "528C776A-D684-4A2B-BD40-4798321169E4"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KL2SJMZQ5T5JIH3PMQ2CGCY5TUUE255Y/",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:cups-filters:2.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "04694E1A-63CE-41E8-A8CA-31368D058EDB"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNCGL2ZTAS2GFF23QFT55UFWIDMI4ZJK/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5407",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:cups-filters:2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "DADB252D-65B1-4591-B3F3-DBCEFD49CC52"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OpenPrinting/cups-filters/commit/8f274035756c04efeb77eb654e9d4c4447287d65",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-gpxc-v2m8-fr3x",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00021.html",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KL2SJMZQ5T5JIH3PMQ2CGCY5TUUE255Y/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YNCGL2ZTAS2GFF23QFT55UFWIDMI4ZJK/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Release Notes"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5407",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-24xx/CVE-2023-2491.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2491",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:10.997",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:25:35.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,22 +56,102 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2626",
"source": "secalert@redhat.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:emacs:26.1-9.el8:*:*:*:*:*:*:*",
"matchCriteriaId": "0D22AA80-5195-415F-B400-E15FDA9DB01C"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3104",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2491",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:emacs:27.2-8.el9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA40AF-31C9-43CA-B6F1-2B67222B9271"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD25A35-9C2B-4382-8720-4E39F928170B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:2626",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3104",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2491",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

80
CVE-2023/CVE-2023-253xx/CVE-2023-25394.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-25394",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T00:15:08.967",
"lastModified": "2023-05-17T12:46:46.567",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:57:14.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Videostream macOS app 0.5.0 and 0.4.3 has a Race Condition. The Updater privileged script attempts to update Videostream every 5 hours."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://danrevah.github.io/2023/05/03/CVE-2023-25394-VideoStream-LPE/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://getvideostream.com/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getvideostream:videostream:0.4.3:*:*:*:*:macos:*:*",
"matchCriteriaId": "A7DF29F4-CA61-494F-83C2-B03507A7B080"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getvideostream:videostream:0.5.0:*:*:*:*:macos:*:*",
"matchCriteriaId": "B80567DA-E95C-406A-A7FC-A021D03ED0D3"
}
]
}
]
}
],
"references": [
{
"url": "https://danrevah.github.io/2023/05/03/CVE-2023-25394-VideoStream-LPE/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://getvideostream.com/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

51
CVE-2023/CVE-2023-256xx/CVE-2023-25698.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25698",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.357",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:27:29.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/mabel-shoppable-images-lite/wordpress-shoppable-images-plugin-1-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:studiowombat:shoppable_images:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.4",
"matchCriteriaId": "4CBEA8A8-4F13-47C2-8F3B-ABC026AF8E66"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mabel-shoppable-images-lite/wordpress-shoppable-images-plugin-1-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-260xx/CVE-2023-26044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26044",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-17T18:15:09.247",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:03:21.083",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,39 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/reactphp/http/commit/9681f764b80c45ebfb5fe2ea7da5bd3babfcdcfd",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/reactphp/http/security/advisories/GHSA-95x4-j7vc-h8mf",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:reactphp:http:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.8.0",
"versionEndExcluding": "1.9.0",
"matchCriteriaId": "AC0B6E67-4AED-41D8-90CE-5D5179BAE135"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/reactphp/http/commit/9681f764b80c45ebfb5fe2ea7da5bd3babfcdcfd",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/reactphp/http/security/advisories/GHSA-95x4-j7vc-h8mf",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-26xx/CVE-2023-2631.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2631",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T19:15:09.090",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:11:45.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118",
"source": "disclosure@synopsys.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:code_dx:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "814BAE77-3324-4908-89D4-9A3A63B690FE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3118",
"source": "disclosure@synopsys.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-26xx/CVE-2023-2632.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2632",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T18:15:17.303",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:08:28.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3146",
"source": "disclosure@synopsys.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:code_dx:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "814BAE77-3324-4908-89D4-9A3A63B690FE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3146",
"source": "disclosure@synopsys.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-26xx/CVE-2023-2633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2633",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-05-16T18:15:17.453",
"lastModified": "2023-05-16T20:04:03.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:09:27.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3146",
"source": "disclosure@synopsys.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:code_dx:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "814BAE77-3324-4908-89D4-9A3A63B690FE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3146",
"source": "disclosure@synopsys.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-274xx/CVE-2023-27423.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27423",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.427",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:26:13.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/auto-prune-posts/wordpress-auto-prune-posts-plugin-1-8-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mijnpress:auto_prune_posts:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "252B884D-AA87-4593-A153-687EF1C67723"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/auto-prune-posts/wordpress-auto-prune-posts-plugin-1-8-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-274xx/CVE-2023-27430.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27430",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.490",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:24:02.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/mass-delete-unused-tags/wordpress-mass-delete-unused-tags-plugin-2-0-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mijnpress:mass_delete_unused_tags:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "16752708-C44C-423C-BE92-D9F9685EF39F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mass-delete-unused-tags/wordpress-mass-delete-unused-tags-plugin-2-0-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-277xx/CVE-2023-27742.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-27742",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T20:15:09.093",
"lastModified": "2023-05-17T12:46:50.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:03:19.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IDURAR ERP/CRM v1 was discovered to contain a SQL injection vulnerability via the component /api/login."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/G37SYS73M/CVE-2023-27742",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idurar_project:idurar:1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E415AB-4775-4054-BCFF-200F07D738F9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/G37SYS73M/CVE-2023-27742",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-27xx/CVE-2023-2700.json
View File

@ -2,27 +2,114 @@
"id": "CVE-2023-2700",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-15T22:15:12.207",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:14:48.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2700",
"source": "secalert@redhat.com"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203653",
"source": "secalert@redhat.com"
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306",
"source": "secalert@redhat.com"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:libvirt:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9277EFDB-F870-4168-8429-3C6962B5FB06"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2700",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2203653",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/libvirt/libvirt/-/commit/6425a311b8ad19d6f9c0b315bf1d722551ea3585#874a1e768ade6ceb4538931cbc06248e73223306",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

79
CVE-2023/CVE-2023-27xx/CVE-2023-2708.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2708",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-05-16T03:15:09.063",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:51:55.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +76,45 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://plugins.trac.wordpress.org/browser/video-slider-with-thumbnails/tags/1.0.10/video-slider-with-thumbnails.php#L1103",
"source": "security@wordfence.com"
},
"nodes": [
{
"url": "https://plugins.trac.wordpress.org/browser/video-slider-with-thumbnails/tags/1.0.11/video-slider-with-thumbnails.php#L1105",
"source": "security@wordfence.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8cfbad9f-61ba-4216-9078-c1e7e809899a?source=cve",
"source": "security@wordfence.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:i13websolution:video_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.11",
"matchCriteriaId": "8611E6D2-366A-4A64-9B13-54F7F8D4AB26"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/video-slider-with-thumbnails/tags/1.0.10/video-slider-with-thumbnails.php#L1103",
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/video-slider-with-thumbnails/tags/1.0.11/video-slider-with-thumbnails.php#L1105",
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8cfbad9f-61ba-4216-9078-c1e7e809899a?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

120
CVE-2023/CVE-2023-27xx/CVE-2023-2731.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2731",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-17T22:15:11.047",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:17:07.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -23,22 +56,77 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2731",
"source": "secalert@redhat.com"
},
"nodes": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207635",
"source": "secalert@redhat.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b",
"source": "secalert@redhat.com"
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/548",
"source": "secalert@redhat.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.5.0",
"matchCriteriaId": "A16AFDD6-3B2B-4DC9-876E-9D53B126201C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2731",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2207635",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/548",
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-27xx/CVE-2023-2765.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2765",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T17:15:17.363",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:12:27.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.229270",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.229270",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:weaver:weaver_office_automation:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D826258D-8008-41F8-A8A3-6BB52011F667"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/eckert-lcc/cve/blob/main/Weaver%20oa.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.229270",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.229270",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

75
CVE-2023/CVE-2023-27xx/CVE-2023-2766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2766",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T17:15:17.443",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:11:14.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/8079048q/cve/blob/main/weaveroa.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.229271",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.229271",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:weaver:weaver_office_automation:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D826258D-8008-41F8-A8A3-6BB52011F667"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/8079048q/cve/blob/main/weaveroa.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229271",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.229271",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

75
CVE-2023/CVE-2023-27xx/CVE-2023-2768.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2768",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T17:15:17.523",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:05:59.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,49 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/Upgradeextension/Sucms-v1.0/blob/main/README.md",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.229274",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.229274",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:sucms_project:sucms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54E4EEF5-A773-4381-AAC6-ECA5936AB714"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Upgradeextension/Sucms-v1.0/blob/main/README.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229274",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.229274",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

73
CVE-2023/CVE-2023-27xx/CVE-2023-2774.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2774",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T20:15:10.427",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:34:40.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/mrwwrrhh/Bus_Dispatch_and_Information_System/blob/main/Bus%20Dispatch%20and%20Information%20System%20in%20view_branch%20%20has%20Sql%20injection%20vulnerabilities.pdf",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.229280",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.229280",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_dispatch_and_information_system_project:bus_dispatch_and_information_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7617077D-5306-4794-B118-A6CB5E7ECB02"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mrwwrrhh/Bus_Dispatch_and_Information_System/blob/main/Bus%20Dispatch%20and%20Information%20System%20in%20view_branch%20%20has%20Sql%20injection%20vulnerabilities.pdf",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229280",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229280",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-27xx/CVE-2023-2775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2775",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T20:15:10.513",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:33:16.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/mrwwrrhh/Bus_Dispatch_and_Information_System/blob/main/Bus%20Dispatch%20and%20Information%20System%20in%20login_info%20has%20Sql%20injection%20vulnerabilities.pdf",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.229281",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.229281",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:bus_dispatch_and_information_system_project:bus_dispatch_and_information_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7617077D-5306-4794-B118-A6CB5E7ECB02"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mrwwrrhh/Bus_Dispatch_and_Information_System/blob/main/Bus%20Dispatch%20and%20Information%20System%20in%20login_info%20has%20Sql%20injection%20vulnerabilities.pdf",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229281",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229281",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-27xx/CVE-2023-2776.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2776",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-17T20:15:10.597",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:27:28.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://gitee.com/zyz0103/system-vul/blob/master/Simple%20Photo%20Gallery%20In%20PHP%20With%20Source%20Code%20has%20file%20upload%20vulnerability.pdf",
"source": "cna@vuldb.com"
},
"nodes": [
{
"url": "https://vuldb.com/?ctiid.229282",
"source": "cna@vuldb.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://vuldb.com/?id.229282",
"source": "cna@vuldb.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_photo_gallery_project:simple_photo_gallery:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3E19BB3-E048-4698-8B8A-F40358FD5E83"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/zyz0103/system-vul/blob/master/Simple%20Photo%20Gallery%20In%20PHP%20With%20Source%20Code%20has%20file%20upload%20vulnerability.pdf",
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.229282",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229282",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-27xx/CVE-2023-2780.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2780",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-17T21:15:09.470",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:26:40.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/mlflow/mlflow/commit/fae77a525dd908c56d6204a4cef1c1c75b4e9857",
"source": "security@huntr.dev"
},
"nodes": [
{
"url": "https://huntr.dev/bounties/b12b0073-0bb0-4bd1-8fc2-ec7f17fd7689",
"source": "security@huntr.dev"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.3.1",
"matchCriteriaId": "9D848560-15B3-4F3C-BB4D-A847948CE1EC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/commit/fae77a525dd908c56d6204a4cef1c1c75b4e9857",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/b12b0073-0bb0-4bd1-8fc2-ec7f17fd7689",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-27xx/CVE-2023-2782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2782",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-18T11:15:09.563",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:23:06.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3475",
"source": "security@acronis.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.3.1-38",
"matchCriteriaId": "EB1FE823-4833-4FC2-813C-E70A166958AC"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3475",
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-298xx/CVE-2023-29837.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-29837",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T20:15:10.280",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:39:28.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution (EUCS) v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/IthacaLabs/Exelysis",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"url": "https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS_CVE-2023-29836_CVE-2023-29837.txt",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exelysis:exelysis_unified_communications_solution:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DACD11BC-5F95-4E4B-9B91-78244C70F03C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/IthacaLabs/Exelysis",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS_CVE-2023-29836_CVE-2023-29837.txt",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-298xx/CVE-2023-29857.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-29857",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T02:15:10.907",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:38:38.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "http://leegt.synology.me:4000/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"url": "https://github.com/Langangago/Cve-number/blob/main/README.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teslamate_project:teslamate:1.27.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8BFF1DCC-D515-48F4-865E-2629BE0247D4"
}
]
}
]
}
],
"references": [
{
"url": "http://leegt.synology.me:4000/",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/Langangago/Cve-number/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-299xx/CVE-2023-29927.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29927",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T20:15:09.213",
"lastModified": "2023-05-17T12:46:50.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:05:07.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Versions of Sage 300 through 2022 implement role-based access controls that are only enforced client-side. Low-privileged Sage users, particularly those on a workstation setup in the \"Windows Peer-to-Peer Network\" or \"Client Server Network\" Sage 300 configurations, could recover the SQL connection strings being used by Sage 300 and interact directly with the underlying database(s) to create, update, and delete all company records, bypassing the program\u2019s role-based access controls."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://www.controlgap.com/blog/critical-vulnerability-disclosure-sage-300",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2022",
"matchCriteriaId": "F8A63515-64F4-4132-B748-C4759CBA67FD"
}
]
}
]
}
],
"references": [
{
"url": "https://www.controlgap.com/blog/critical-vulnerability-disclosure-sage-300",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-299xx/CVE-2023-29961.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-29961",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T01:15:09.067",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:02:42.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-605L firmware version 1.17B01 BETA is vulnerable to stack overflow via /goform/formTcpipSetup,"
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/dir605l.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:1.17b01:*:*:*:*:*:*:*",
"matchCriteriaId": "E02E7612-ABAC-48FE-896E-292C404D2FCE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dir-605l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD4E3AA2-EC1C-4219-8E13-B52D30A7FA06"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Archerber/bug_submit/blob/main/D-Link/dir605l.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

68
CVE-2023/CVE-2023-299xx/CVE-2023-29985.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-29985",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T01:15:09.117",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:39:56.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sourcecodester Student Study Center Desk Management System v1.0 admin\\reports\\index.php#date_from has a SQL Injection vulnerability."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://liaorj.github.io/2023/03/17/admin-reports-date-from-has-sql-injection-vulnerability/#more",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:student_study_center_desk_management_system_project:student_study_center_desk_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5A7F67EA-5AEE-4BE7-8EB3-F5C2FFDC5344"
}
]
}
]
}
],
"references": [
{
"url": "https://liaorj.github.io/2023/03/17/admin-reports-date-from-has-sql-injection-vulnerability/#more",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-301xx/CVE-2023-30124.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-30124",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T01:15:09.163",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:39:23.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "LavaLite v9.0.0 is vulnerable to Cross Site Scripting (XSS)."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/LavaLite/cms/issues/389#issue-1636041104",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lavalite:lavalite:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6150AF5B-17E6-4BFB-9980-F181A335022D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/LavaLite/cms/issues/389#issue-1636041104",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-301xx/CVE-2023-30191.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30191",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T20:15:10.680",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:09:37.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,10 +54,45 @@
}
]
},
"references": [
"weaknesses": [
{
"url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/17/cdesigner-89.html",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cdesigner_project:cdesigner:*:*:*:*:*:prestashop:*:*",
"versionEndIncluding": "3.2.2",
"matchCriteriaId": "04BC753A-97D4-4C01-A421-B5ABCB42CE5D"
}
]
}
]
}
],
"references": [
{
"url": "https://friends-of-presta.github.io/security-advisories/modules/2023/05/17/cdesigner-89.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-304xx/CVE-2023-30487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30487",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T09:15:10.333",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:17:34.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/learnpress-import-export/wordpress-learnpress-export-import-plugin-4-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.2",
"matchCriteriaId": "5B7FEF2E-8B0A-4CDD-83C7-65226AADF503"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/learnpress-import-export/wordpress-learnpress-export-import-plugin-4-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-307xx/CVE-2023-30780.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30780",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T11:15:09.633",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:22:23.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/user-ip-and-location/wordpress-user-ip-and-location-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:theguidex:user_ip_and_location:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.1",
"matchCriteriaId": "D52630DF-3300-4613-A07F-775B43BB9667"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/user-ip-and-location/wordpress-user-ip-and-location-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-308xx/CVE-2023-30868.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30868",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T09:15:10.437",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:17:51.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/cms-tree-page-view/wordpress-cms-tree-page-view-plugin-1-6-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cms_tree_page_view_project:cms_tree_page_view:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.7",
"matchCriteriaId": "3191FD6E-9258-4CCA-A0CE-5444F64B15DE"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cms-tree-page-view/wordpress-cms-tree-page-view-plugin-1-6-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-311xx/CVE-2023-31131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31131",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-15T22:15:12.273",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:06:11.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/greenplum-db/gpdb/commit/1ec4affbba7c9745f64edbd80a6680ad29b09471",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/greenplum-db/gpdb/security/advisories/GHSA-hgm9-2q42-c7f3",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:greenplum_database:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.22.3",
"matchCriteriaId": "19687964-5180-47DC-9C0C-5482B2B44A3C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/greenplum-db/gpdb/commit/1ec4affbba7c9745f64edbd80a6680ad29b09471",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/greenplum-db/gpdb/security/advisories/GHSA-hgm9-2q42-c7f3",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-311xx/CVE-2023-31135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31135",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-17T18:15:09.437",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:01:53.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://en.wikipedia.org/wiki/Cryptographic_nonce",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/dgraph-io/dgraph/pull/8323",
"source": "security-advisories@github.com"
},
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"url": "https://github.com/dgraph-io/dgraph/security/advisories/GHSA-92wq-q9pq-gw47",
"source": "security-advisories@github.com"
"vulnerable": true,
"criteria": "cpe:2.3:a:dgraph:dgraph:*:*:*:*:*:go:*:*",
"versionEndExcluding": "23.0.0",
"matchCriteriaId": "662699FF-8150-4D0E-817D-431360751CCF"
}
]
}
]
}
],
"references": [
{
"url": "https://en.wikipedia.org/wiki/Cryptographic_nonce",
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/dgraph-io/dgraph/pull/8323",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/dgraph-io/dgraph/security/advisories/GHSA-92wq-q9pq-gw47",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-312xx/CVE-2023-31233.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31233",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T10:15:09.837",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:32:35.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/baidu-tongji-generator/wordpress-baidu-tongji-generator-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:baidu_tongji_generator_project:baidu_tongji_generator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2",
"matchCriteriaId": "440A7E49-89EB-4768-88F5-57666EB9A33B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/baidu-tongji-generator/wordpress-baidu-tongji-generator-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-315xx/CVE-2023-31597.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31597",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T18:15:10.017",
"lastModified": "2023-05-18T20:16:21.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:46:37.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Zammad v5.4.0 allows attackers to bypass e-mail verification using an arbitrary address and manipulate the data of the generated user. Attackers are also able to gain unauthorized access to existing tickets."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://zammad.com/de/advisories/zaa-2023-03",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zammad:zammad:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.1",
"matchCriteriaId": "F63F238F-5458-4221-8429-6CA7ED911A2C"
}
]
}
]
}
],
"references": [
{
"url": "https://zammad.com/de/advisories/zaa-2023-03",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

85
CVE-2023/CVE-2023-317xx/CVE-2023-31701.json
View File

@ -2,19 +2,92 @@
"id": "CVE-2023-31701",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T14:15:09.383",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:34:40.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WPA4530 KIT V2 (EU)_170406 and V2 (EU)_161115 is vulnerable to Command Injection via _httpRpmPlcDeviceRemove."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/tp-link/postPlcJson/report.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wpa4530_kit_firmware:161115:*:*:*:*:*:*:*",
"matchCriteriaId": "7F1B618D-E588-4763-B002-9CA550B36ACE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wpa4530_kit_firmware:170406:*:*:*:*:*:*:*",
"matchCriteriaId": "0871F990-15E8-41B6-825E-2303375CB611"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-wpa4530_kit:v2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF22247B-4AF4-4E69-80DC-F1C02EE697A3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/FirmRec/IoT-Vulns/blob/main/tp-link/postPlcJson/report.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-317xx/CVE-2023-31722.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31722",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T14:15:09.423",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:35:14.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There exists a heap buffer overflow in nasm 2.16.02rc1 (GitHub commit: b952891)."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392857#c1",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nasm:netwide_assembler:2.16.02:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5204C5DA-744D-4D4C-915E-B2916AD62E1E"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392857#c1",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-317xx/CVE-2023-31729.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-31729",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-18T02:15:12.380",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:37:47.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "http://totolink.com",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://github.com/D2y6p/CVE/blob/main/Totolink/CVE-2023-31729/CVE-2023-31729.md",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557:*:*:*:*:*:*:*",
"matchCriteriaId": "0C69B7CF-BF5E-423E-ACA1-D46D6BF6D127"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:totolink:a3300r:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7F723A73-4B32-4F9E-B5DA-80134D4711C1"
}
]
}
]
}
],
"references": [
{
"url": "http://totolink.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/Totolink/CVE-2023-31729/CVE-2023-31729.md",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

77
CVE-2023/CVE-2023-319xx/CVE-2023-31903.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-31903",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.720",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:33:42.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allows remote attackers to execute arbitrary code by uploading a php file."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://github.com/blue0x1/GuppY-exploit-rce",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"url": "https://www.exploit-db.com/exploits/51052",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeguppy:guppy:6.00.10:*:*:*:*:*:*:*",
"matchCriteriaId": "604416E0-0069-416C-AAE7-EF938FC66A45"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/blue0x1/GuppY-exploit-rce",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/51052",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

69
CVE-2023/CVE-2023-319xx/CVE-2023-31904.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-31904",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T13:15:09.777",
"lastModified": "2023-05-17T17:00:54.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:34:19.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://www.exploit-db.com/exploits/51015",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:savysoda:wifi_hd_wireless_disk_drive:11:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "88C77186-8801-45A6-B27B-A4E3211873E2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.exploit-db.com/exploits/51015",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

60
CVE-2023/CVE-2023-323xx/CVE-2023-32308.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32308",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-15T21:15:09.530",
"lastModified": "2023-05-16T10:46:36.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:38:00.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://github.com/anuko/timetracker/commit/8a7367d7f77ea697c090f5ca4e19669181cc7bcf",
"source": "security-advisories@github.com"
},
"nodes": [
{
"url": "https://github.com/anuko/timetracker/security/advisories/GHSA-9g2c-7c7g-p58r",
"source": "security-advisories@github.com"
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:anuko:time_tracker:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.22.11.5781",
"matchCriteriaId": "950665B0-1126-463B-99BB-4EB7A099B25B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/anuko/timetracker/commit/8a7367d7f77ea697c090f5ca4e19669181cc7bcf",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/anuko/timetracker/security/advisories/GHSA-9g2c-7c7g-p58r",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-325xx/CVE-2023-32515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32515",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-18T10:15:09.913",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T16:32:21.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"references": [
"configurations": [
{
"url": "https://patchstack.com/database/vulnerability/custom-field-suite/wordpress-custom-field-suite-plugin-2-6-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:custom_field_suite_project:custom_field_suite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.6.3",
"matchCriteriaId": "8FB2B754-75B8-48DC-8B4A-2781700EC1B3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/custom-field-suite/wordpress-custom-field-suite-plugin-2-6-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-327xx/CVE-2023-32767.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32767",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-17T20:15:10.757",
"lastModified": "2023-05-18T12:53:07.890",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-25T17:27:17.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The web interface of Symcon IP-Symcon before 6.3 (i.e., before 2023-05-12) allows a remote attacker to read sensitive files via .. directory-traversal sequences in the URL."
}
],
"metrics": {},
"references": [
"metrics": {
"cvssMetricV31": [
{
"url": "https://community.symcon.de/t/ip-symcon-6-3-stable-changelog/40276/87",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-014.txt",
"source": "cve@mitre.org"
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:symcon:ip_symcon:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3",
"matchCriteriaId": "EC501EE0-C2F3-4C4E-A13B-6926F00BA13D"
}
]
}
]
}
],
"references": [
{
"url": "https://community.symcon.de/t/ip-symcon-6-3-stable-changelog/40276/87",
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-014.txt",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-337xx/CVE-2023-33750.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33750",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T17:15:12.110",
"lastModified": "2023-05-25T17:15:12.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description parameter at /index.php?s=/article/ApiAdminArticle/itemAdd."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/sansanyun/mipjz/issues/15",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-337xx/CVE-2023-33751.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33751",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-25T17:15:12.263",
"lastModified": "2023-05-25T17:15:12.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in mipjz v5.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter at /app/tag/controller/ApiAdminTagCategory.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/sansanyun/mipjz/issues/14",
"source": "cve@mitre.org"
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-25T16:00:31.639914+00:00
2023-05-25T18:00:29.704440+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-25T15:59:04.283000+00:00
2023-05-25T17:57:14.570000+00:00
```
### Last Data Feed Release
@ -29,52 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216030
216032
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `2`
* [CVE-2023-0459](CVE-2023/CVE-2023-04xx/CVE-2023-0459.json) (`2023-05-25T14:15:09.603`)
* [CVE-2023-22504](CVE-2023/CVE-2023-225xx/CVE-2023-22504.json) (`2023-05-25T14:15:09.877`)
* [CVE-2023-2480](CVE-2023/CVE-2023-24xx/CVE-2023-2480.json) (`2023-05-25T14:15:10.120`)
* [CVE-2023-2798](CVE-2023/CVE-2023-27xx/CVE-2023-2798.json) (`2023-05-25T14:15:10.320`)
* [CVE-2023-2851](CVE-2023/CVE-2023-28xx/CVE-2023-2851.json) (`2023-05-25T14:15:10.557`)
* [CVE-2023-33355](CVE-2023/CVE-2023-333xx/CVE-2023-33355.json) (`2023-05-25T14:15:10.850`)
* [CVE-2023-33356](CVE-2023/CVE-2023-333xx/CVE-2023-33356.json) (`2023-05-25T14:15:11.030`)
* [CVE-2023-32694](CVE-2023/CVE-2023-326xx/CVE-2023-32694.json) (`2023-05-25T15:15:09.027`)
* [CVE-2023-33750](CVE-2023/CVE-2023-337xx/CVE-2023-33750.json) (`2023-05-25T17:15:12.110`)
* [CVE-2023-33751](CVE-2023/CVE-2023-337xx/CVE-2023-33751.json) (`2023-05-25T17:15:12.263`)
### CVEs modified in the last Commit
Recently modified CVEs: `38`
Recently modified CVEs: `58`
* [CVE-2023-32956](CVE-2023/CVE-2023-329xx/CVE-2023-32956.json) (`2023-05-25T15:09:54.967`)
* [CVE-2023-2161](CVE-2023/CVE-2023-21xx/CVE-2023-2161.json) (`2023-05-25T15:14:00.573`)
* [CVE-2023-32955](CVE-2023/CVE-2023-329xx/CVE-2023-32955.json) (`2023-05-25T15:19:39.333`)
* [CVE-2023-30501](CVE-2023/CVE-2023-305xx/CVE-2023-30501.json) (`2023-05-25T15:22:05.390`)
* [CVE-2023-2710](CVE-2023/CVE-2023-27xx/CVE-2023-2710.json) (`2023-05-25T15:25:43.933`)
* [CVE-2023-30502](CVE-2023/CVE-2023-305xx/CVE-2023-30502.json) (`2023-05-25T15:31:55.457`)
* [CVE-2023-30503](CVE-2023/CVE-2023-305xx/CVE-2023-30503.json) (`2023-05-25T15:32:10.817`)
* [CVE-2023-30504](CVE-2023/CVE-2023-305xx/CVE-2023-30504.json) (`2023-05-25T15:32:19.507`)
* [CVE-2023-30505](CVE-2023/CVE-2023-305xx/CVE-2023-30505.json) (`2023-05-25T15:32:44.243`)
* [CVE-2023-30506](CVE-2023/CVE-2023-305xx/CVE-2023-30506.json) (`2023-05-25T15:32:52.403`)
* [CVE-2023-31698](CVE-2023/CVE-2023-316xx/CVE-2023-31698.json) (`2023-05-25T15:41:38.163`)
* [CVE-2023-30507](CVE-2023/CVE-2023-305xx/CVE-2023-30507.json) (`2023-05-25T15:41:52.120`)
* [CVE-2023-30508](CVE-2023/CVE-2023-305xx/CVE-2023-30508.json) (`2023-05-25T15:42:02.047`)
* [CVE-2023-30509](CVE-2023/CVE-2023-305xx/CVE-2023-30509.json) (`2023-05-25T15:42:19.017`)
* [CVE-2023-30510](CVE-2023/CVE-2023-305xx/CVE-2023-30510.json) (`2023-05-25T15:42:58.103`)
* [CVE-2023-31699](CVE-2023/CVE-2023-316xx/CVE-2023-31699.json) (`2023-05-25T15:43:57.950`)
* [CVE-2023-31902](CVE-2023/CVE-2023-319xx/CVE-2023-31902.json) (`2023-05-25T15:46:52.150`)
* [CVE-2023-31702](CVE-2023/CVE-2023-317xx/CVE-2023-31702.json) (`2023-05-25T15:51:23.433`)
* [CVE-2023-31703](CVE-2023/CVE-2023-317xx/CVE-2023-31703.json) (`2023-05-25T15:52:01.867`)
* [CVE-2023-2773](CVE-2023/CVE-2023-27xx/CVE-2023-2773.json) (`2023-05-25T15:55:30.730`)
* [CVE-2023-2772](CVE-2023/CVE-2023-27xx/CVE-2023-2772.json) (`2023-05-25T15:56:37.780`)
* [CVE-2023-2771](CVE-2023/CVE-2023-27xx/CVE-2023-2771.json) (`2023-05-25T15:57:12.883`)
* [CVE-2023-2770](CVE-2023/CVE-2023-27xx/CVE-2023-2770.json) (`2023-05-25T15:58:23.257`)
* [CVE-2023-2888](CVE-2023/CVE-2023-28xx/CVE-2023-2888.json) (`2023-05-25T15:58:29.613`)
* [CVE-2023-2769](CVE-2023/CVE-2023-27xx/CVE-2023-2769.json) (`2023-05-25T15:59:04.283`)
* [CVE-2023-2700](CVE-2023/CVE-2023-27xx/CVE-2023-2700.json) (`2023-05-25T17:14:48.953`)
* [CVE-2023-2731](CVE-2023/CVE-2023-27xx/CVE-2023-2731.json) (`2023-05-25T17:17:07.247`)
* [CVE-2023-2491](CVE-2023/CVE-2023-24xx/CVE-2023-2491.json) (`2023-05-25T17:25:35.470`)
* [CVE-2023-2203](CVE-2023/CVE-2023-22xx/CVE-2023-2203.json) (`2023-05-25T17:25:51.033`)
* [CVE-2023-1972](CVE-2023/CVE-2023-19xx/CVE-2023-1972.json) (`2023-05-25T17:26:20.903`)
* [CVE-2023-2780](CVE-2023/CVE-2023-27xx/CVE-2023-2780.json) (`2023-05-25T17:26:40.920`)
* [CVE-2023-32767](CVE-2023/CVE-2023-327xx/CVE-2023-32767.json) (`2023-05-25T17:27:17.517`)
* [CVE-2023-2776](CVE-2023/CVE-2023-27xx/CVE-2023-2776.json) (`2023-05-25T17:27:28.387`)
* [CVE-2023-2775](CVE-2023/CVE-2023-27xx/CVE-2023-2775.json) (`2023-05-25T17:33:16.180`)
* [CVE-2023-31903](CVE-2023/CVE-2023-319xx/CVE-2023-31903.json) (`2023-05-25T17:33:42.757`)
* [CVE-2023-31904](CVE-2023/CVE-2023-319xx/CVE-2023-31904.json) (`2023-05-25T17:34:19.993`)
* [CVE-2023-2124](CVE-2023/CVE-2023-21xx/CVE-2023-2124.json) (`2023-05-25T17:34:31.447`)
* [CVE-2023-2774](CVE-2023/CVE-2023-27xx/CVE-2023-2774.json) (`2023-05-25T17:34:40.707`)
* [CVE-2023-31701](CVE-2023/CVE-2023-317xx/CVE-2023-31701.json) (`2023-05-25T17:34:40.853`)
* [CVE-2023-31722](CVE-2023/CVE-2023-317xx/CVE-2023-31722.json) (`2023-05-25T17:35:14.067`)
* [CVE-2023-22348](CVE-2023/CVE-2023-223xx/CVE-2023-22348.json) (`2023-05-25T17:35:38.100`)
* [CVE-2023-2295](CVE-2023/CVE-2023-22xx/CVE-2023-2295.json) (`2023-05-25T17:35:57.487`)
* [CVE-2023-31729](CVE-2023/CVE-2023-317xx/CVE-2023-31729.json) (`2023-05-25T17:37:47.043`)
* [CVE-2023-32308](CVE-2023/CVE-2023-323xx/CVE-2023-32308.json) (`2023-05-25T17:38:00.570`)
* [CVE-2023-29857](CVE-2023/CVE-2023-298xx/CVE-2023-29857.json) (`2023-05-25T17:38:38.170`)
* [CVE-2023-30124](CVE-2023/CVE-2023-301xx/CVE-2023-30124.json) (`2023-05-25T17:39:23.237`)
* [CVE-2023-29837](CVE-2023/CVE-2023-298xx/CVE-2023-29837.json) (`2023-05-25T17:39:28.597`)
* [CVE-2023-29985](CVE-2023/CVE-2023-299xx/CVE-2023-29985.json) (`2023-05-25T17:39:56.117`)
* [CVE-2023-31597](CVE-2023/CVE-2023-315xx/CVE-2023-31597.json) (`2023-05-25T17:46:37.813`)
* [CVE-2023-25394](CVE-2023/CVE-2023-253xx/CVE-2023-25394.json) (`2023-05-25T17:57:14.570`)
## Download and Usage