admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-24T21:00:24.254523+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-24 21:00:27 +00:00
parent c7a469b9ea
commit 321c4a8c97
42 changed files with 2618 additions and 183 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
CVE-2021/CVE-2021-421xx/CVE-2021-42145.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-42145",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T19:15:08.420",
"lastModified": "2024-01-24T19:43:42.640",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An assertion failure discovered in in check_certificate_request() in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers to cause a denial of service."
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/18",
"source": "cve@mitre.org"
}
]
}

20
CVE-2021/CVE-2021-421xx/CVE-2021-42146.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-42146",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T19:15:08.483",
"lastModified": "2024-01-24T19:43:42.640",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This vulnerability allows remote attackers to obtain sensitive application (data of connected clients)."
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/19",
"source": "cve@mitre.org"
}
]
}

20
CVE-2021/CVE-2021-421xx/CVE-2021-42147.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-42147",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T19:15:08.530",
"lastModified": "2024-01-24T19:43:42.640",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet."
}
],
"metrics": {},
"references": [
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/20",
"source": "cve@mitre.org"
}
]
}

20
CVE-2021/CVE-2021-435xx/CVE-2021-43584.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-43584",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-24T20:15:53.610",
"lastModified": "2024-01-24T20:15:53.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "DOM-based Cross Site Scripting (XSS vulnerability in 'Tail Event Logs' functionality in Nagios Nagios Cross-Platform Agent (NCPA) before 2.4.0 allows attackers to run arbitrary code via the name element when filtering for a log."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/NagiosEnterprises/ncpa/issues/830",
"source": "cve@mitre.org"
}
]
}

59
CVE-2021/CVE-2021-44xx/CVE-2021-4433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4433",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-18T01:15:43.460",
"lastModified": "2024-01-18T13:42:01.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:35:23.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:karjasoft:sami_http_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7C87901E-FC7C-41AC-A3EE-E7B928C4F5D5"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/163138/Sami-HTTP-Server-2.0-Denial-Of-Service.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.250836",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250836",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-364xx/CVE-2022-36418.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-36418",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-17T16:15:45.817",
"lastModified": "2024-01-17T17:35:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:02:05.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in Vagary Digital HREFLANG Tags Lite.This issue affects HREFLANG Tags Lite: from n/a through 2.0.0.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en Vagary Digital HREFLANG Tags Lite. Este problema afecta a HREFLANG Tags Lite: desde n/a hasta 2.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dcgws:hreflang_tags_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.0",
"matchCriteriaId": "224644C7-867B-4331-B5D7-759620A3DADC"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/hreflang-tags-by-dcgws/wordpress-hreflang-tags-lite-plugin-2-0-0-unauthenticated-plugin-data-reset-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-402xx/CVE-2022-40203.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-40203",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-17T16:15:46.230",
"lastModified": "2024-01-17T17:35:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:13:14.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in AlgolPlus Advanced Dynamic Pricing for WooCommerce.This issue affects Advanced Dynamic Pricing for WooCommerce: from n/a through 4.1.5.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de falta de autorizaci\u00f3n en AlgolPlus Advanced Dynamic Pricing para WooCommerce. Este problema afecta a Advanced Dynamic Pricing para WooCommerce: desde n/a hasta 4.1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:algolplus:advanced_dynamic_pricing_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.1.6",
"matchCriteriaId": "BA7DA4BA-09FD-4756-9B60-750E1245E0B7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/advanced-dynamic-pricing-for-woocommerce/wordpress-advanced-dynamic-pricing-for-woocommerce-plugin-4-1-5-broken-access-control?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-417xx/CVE-2022-41790.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-41790",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-17T18:15:45.207",
"lastModified": "2024-01-17T19:22:17.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:21:31.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in CodePeople WP Time Slots Booking Form.This issue affects WP Time Slots Booking Form: from n/a through 1.1.76.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en CodePeople WP Time Slots Booking Form. Este problema afecta a WP Time Slots Booking Form: desde n/a hasta 1.1.76."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codepeople:wp_time_slots_booking_form:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.76",
"matchCriteriaId": "0C4F35BB-F877-48F3-8EAA-661A259C1BDA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-time-slots-booking-form/wordpress-wp-time-slots-booking-form-plugin-1-1-76-missing-authorization-leading-to-feedback-submission-vulnerability",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-238xx/CVE-2023-23896.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23896",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-17T17:15:10.913",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:40:40.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in MyThemeShop URL Shortener by MyThemeShop.This issue affects URL Shortener by MyThemeShop: from n/a through 1.0.17.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en MyThemeShop URL Shortener de MyThemeShop. Este problema afecta a URL Shortener de MyThemeShop: desde n/a hasta 1.0.17."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mythemeshop:url_shortener:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.17",
"matchCriteriaId": "0B13384D-613F-4B1F-8F26-0A5D3870274D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mts-url-shortener/wordpress-url-shortener-by-mythemeshop-plugin-1-0-16-broken-access-control-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-252xx/CVE-2023-25295.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25295",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T03:15:07.743",
"lastModified": "2024-01-24T15:15:08.397",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2024-01-24T19:52:57.447",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,69 @@
"value": "Una vulnerabilidad de cross site scripting (XSS) en GRN Software Group eVEWA3 Community versi\u00f3n 31 a 53 permite a los atacantes obtener privilegios aumentados a trav\u00e9s de una solicitud manipulada para el panel de inicio de sesi\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gruen:evewa3:*:*:*:*:*:*:*:*",
"versionStartIncluding": "31",
"versionEndIncluding": "53",
"matchCriteriaId": "85FFCAD4-1F6F-478F-A7E9-C8BD5B325B72"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.munz4u.de/posts/2023/03/cve-2023-25295-ato-via-rxss-in-evewa3-community/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-256xx/CVE-2023-25613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25613",
"sourceIdentifier": "security@apache.org",
"published": "2023-02-20T16:15:10.677",
"lastModified": "2023-11-07T04:09:04.543",
"vulnStatus": "Modified",
"lastModified": "2024-01-24T19:38:51.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -36,7 +36,7 @@
},
"weaknesses": [
{
"source": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"source": "security@apache.org",
"type": "Primary",
"description": [
{
@ -55,9 +55,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:kerby:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:a:apache:identity_backend:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.3",
"matchCriteriaId": "76868DAF-F84E-425E-AC08-801BFC6FE97E"
"matchCriteriaId": "AD5ACB29-624B-4CA2-BC17-7B1130B0BBE1"
}
]
}

6
CVE-2023/CVE-2023-438xx/CVE-2023-43898.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-43898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.440",
"lastModified": "2023-11-09T20:54:18.747",
"lastModified": "2024-01-24T20:26:27.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,8 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nothings:stb:2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "C8487896-B935-422E-AFC5-0A6634B929D0"
"criteria": "cpe:2.3:a:nothings:stb_image.h:2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "76840B8F-81FC-4BC6-A92C-EBB978741DAB"
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48353.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48353",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:57.960",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:08:44.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En vsp driver, existe un posible use after free debido a un error l\u00f3gico. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del Sistema necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48354.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48354",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:58.013",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:41:27.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En telephone service existe una posible validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48355",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:58.063",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:43:49.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En jpg driver, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48356.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48356",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:58.107",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:44:22.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En jpg driver, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltantes. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48357.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48357",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:58.150",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:44:35.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En vsp driver, existe una posible escritura fuera de los l\u00edmites debido a una verificaci\u00f3n de l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48358",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:58.193",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:39:57.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En drm driver, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de l\u00edmites faltante. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

145
CVE-2023/CVE-2023-483xx/CVE-2023-48359.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48359",
"sourceIdentifier": "security@unisoc.com",
"published": "2024-01-18T03:15:58.237",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:35:30.263",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,148 @@
"value": "En autotest driver, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda provocar una denegaci\u00f3n de servicio local con privilegios de ejecuci\u00f3n del sistema necesarios."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*",
"matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*",
"matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*",
"matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545",
"source": "security@unisoc.com"
"source": "security@unisoc.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-488xx/CVE-2023-48858.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48858",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T20:15:50.573",
"lastModified": "2024-01-18T13:42:11.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:16:53.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "Una vulnerabilidad de Cross-site scripting (XSS) en el c\u00f3digo PHP de la p\u00e1gina de inicio de sesi\u00f3n en Armex ABO.CMS 5.9 permite a atacantes remotos inyectar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de la parte de URL login.php?."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:abocms:abo.cms:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "910D9E93-A238-4A8E-A838-875B5062EDF5"
}
]
}
]
}
],
"references": [
{
"url": "https://abocms.ru/about/versions/version59/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/Shumerez/CVE-2023-48858",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

104
CVE-2023/CVE-2023-509xx/CVE-2023-50950.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-50950",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2024-01-17T17:15:11.143",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:42:29.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "IBM QRadar SIEM 7.5 could disclose sensitive email information in responses from offense rules. IBM X-Force ID: 275709."
},
{
"lang": "es",
"value": "IBM QRadar SIEM 7.5 podr\u00eda revelar informaci\u00f3n confidencial de correo electr\u00f3nico en respuestas a reglas de infracci\u00f3n. ID de IBM X-Force: 275709."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -36,8 +60,18 @@
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +80,74 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "289027A2-178C-45DE-A86F-1207F23D13B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "5047AECF-879B-427A-ACF7-ECB10965E1B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "CD448AB8-E3CC-41A1-9D32-B1B35C68FA5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "9F4014E8-42E2-4B76-B2DA-8B50929A4AB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_7:*:*:*:*:*:*",
"matchCriteriaId": "BD0A459A-C74A-4E18-83B3-4C29D47D2C2B"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/275709",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7108657",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-50xx/CVE-2023-5041.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-5041",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-17T15:15:10.850",
"lastModified": "2024-01-17T17:35:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:20:29.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Track The Click WordPress plugin before 0.3.12 does not properly sanitize query parameters to the stats REST endpoint before using them in a database query, allowing a logged in user with an author role or higher to perform time based blind SQLi attacks on the database."
},
{
"lang": "es",
"value": "El complemento Track The Click de WordPress anterior a 0.3.12 no sanitiza adecuadamente los par\u00e1metros de consulta en el endpoint REST de estad\u00edsticas antes de usarlos en una consulta de base de datos, lo que permite a un usuario registrado con un rol de autor o superior realizar ataques SQLi ciegos basados en el tiempo en la base de datos. ."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tracktheclick:track_the_click:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.3.12",
"matchCriteriaId": "8D6A6AAB-86F0-4FC3-B3AF-6F27BA4D0079"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/45194442-6eea-4e07-85a5-4a1e2fde3523",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-514xx/CVE-2023-51463.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51463",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-01-18T11:15:08.173",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:57:48.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -39,6 +39,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
@ -50,10 +60,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.5.18",
"matchCriteriaId": "1184F916-16A4-4066-A7A5-6FAACE9F3679"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:-:*:*:*:cloud_service:*:*:*",
"matchCriteriaId": "B3E850FF-78BA-496F-9C3D-C119C64B34F9"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

33
CVE-2023/CVE-2023-514xx/CVE-2023-51464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-51464",
"sourceIdentifier": "psirt@adobe.com",
"published": "2024-01-18T11:15:08.827",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:58:01.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,10 +50,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.5.18",
"matchCriteriaId": "1184F916-16A4-4066-A7A5-6FAACE9F3679"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:experience_manager:-:*:*:*:cloud_service:*:*:*",
"matchCriteriaId": "B3E850FF-78BA-496F-9C3D-C119C64B34F9"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

114
CVE-2023/CVE-2023-65xx/CVE-2023-6549.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6549",
"sourceIdentifier": "secure@citrix.com",
"published": "2024-01-17T21:15:11.690",
"lastModified": "2024-01-19T02:00:01.863",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:48:33.600",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2024-01-17",
"cisaActionDue": "2024-02-07",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -20,6 +20,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -43,6 +63,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "secure@citrix.com",
"type": "Secondary",
@ -54,10 +84,88 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-55.302",
"matchCriteriaId": "E5672003-8E6B-4316-B5C9-FE436080ADD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:ndcpp:*:*:*",
"versionStartIncluding": "12.1",
"versionEndExcluding": "12.1-55.302",
"matchCriteriaId": "D1A11ABD-4F45-4BA9-B30B-F1D8A612CC15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.0-92.21",
"matchCriteriaId": "FC0A5AAC-62DD-416A-A801-A7A95D5EF73C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:*",
"versionStartIncluding": "13.1",
"versionEndExcluding": "13.1-37.176",
"matchCriteriaId": "8C8A6B95-8338-4EE7-A6EC-7D84AEDC4AF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"versionStartIncluding": "13.1",
"versionEndExcluding": "13.1-51.15",
"matchCriteriaId": "3CF77D9D-FC89-493D-B97D-F9699D182F54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:-:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1-12.35",
"matchCriteriaId": "62CD82CF-9013-4E54-B175-19B804A351AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.0-92.21",
"matchCriteriaId": "68E1F810-ABCD-40A7-A8C1-4E8727799C7C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.1",
"versionEndExcluding": "13.1-51.15",
"matchCriteriaId": "E870C309-D5CD-4181-9DEB-4833DE2EAEB7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:citrix:netscaler_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1-12.35",
"matchCriteriaId": "2836707F-A36F-479E-BFDC-CF55AEFC37EE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.citrix.com/article/CTX584986/netscaler-adc-and-netscaler-gateway-security-bulletin-for-cve20236548-and-cve20236549",
"source": "secure@citrix.com"
"source": "secure@citrix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-69xx/CVE-2023-6958.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6958",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-18T08:15:39.493",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:47:14.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bootstrapped:wp_recipe_maker:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "9.1.0",
"matchCriteriaId": "E22901F2-72D5-4E3D-BC82-E2AF4B0134FD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/general/class-wprm-sc-text.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ec201702-8c8c-4049-b647-422d18001b7f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-69xx/CVE-2023-6970.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6970",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-18T08:15:39.780",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:48:25.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,14 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bootstrapped:wp_recipe_maker:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "9.1.0",
"matchCriteriaId": "E22901F2-72D5-4E3D-BC82-E2AF4B0134FD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/templates/public/print.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/20842e95-4b91-4138-9e32-7c090724bf64?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2024/CVE-2024-03xx/CVE-2024-0381.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0381",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-01-18T08:15:40.000",
"lastModified": "2024-01-18T13:41:52.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:48:35.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -38,22 +58,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bootstrapped:wp_recipe_maker:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "9.1.0",
"matchCriteriaId": "E22901F2-72D5-4E3D-BC82-E2AF4B0134FD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/recipe/class-wprm-sc-counter.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/recipe/class-wprm-sc-date.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/recipe/class-wprm-sc-name.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c949f0-fcd1-4984-95a2-b19fb72f04bb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2024/CVE-2024-05xx/CVE-2024-0557.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0557",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-15T17:15:09.753",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:15:27.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dedebiz:dedebiz:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDC21D-6CC8-4EA7-A41D-E9D7F1B667DA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/JTZ-a/SRC/blob/master/DedeBIZ/DedeBIZ%20-%20StoredXSS/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250725",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250725",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

50
CVE-2024/CVE-2024-06xx/CVE-2024-0642.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0642",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-17T14:15:43.470",
"lastModified": "2024-01-17T17:35:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:29:41.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inadequate access control in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to access the application as an administrator user through the application endpoint, due to lack of proper credential management."
},
{
"lang": "es",
"value": "Control de acceso inadecuado en el producto C21 Live Encoder y Live Mosaic, versi\u00f3n 5.3. Esta vulnerabilidad permite que un atacante remoto acceda a la aplicaci\u00f3n como usuario administrador a trav\u00e9s del endpoint de la aplicaci\u00f3n, debido a la falta de una gesti\u00f3n de credenciales adecuada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +70,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cires21:live_encoder:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C78451-CFDE-49B0-994A-08E33D8B5A04"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cires21-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

50
CVE-2024/CVE-2024-06xx/CVE-2024-0643.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0643",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-17T14:15:43.920",
"lastModified": "2024-01-17T17:35:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:27:40.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted upload of dangerous file types in the C21 Live Encoder and Live Mosaic product, version 5.3. This vulnerability allows a remote attacker to upload different file extensions without any restrictions, resulting in a full system compromise."
},
{
"lang": "es",
"value": "Carga sin restricciones de tipos de archivos peligrosos en el producto C21 Live Encoder y Live Mosaic, versi\u00f3n 5.3. Esta vulnerabilidad permite a un atacante remoto cargar diferentes extensiones de archivos sin restricciones, lo que compromete todo el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +70,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cires21:live_encoder:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C78451-CFDE-49B0-994A-08E33D8B5A04"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cires21-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-06xx/CVE-2024-0645.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0645",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2024-01-17T14:15:44.113",
"lastModified": "2024-01-17T17:35:08.140",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T19:24:06.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in Explorer++ affecting version 1.3.5.531. A local attacker could execute arbitrary code via a long filename argument by monitoring Structured Exception Handler (SEH) records."
},
{
"lang": "es",
"value": "Vulnerabilidad de desbordamiento de b\u00fafer en Explorer++ que afecta a la versi\u00f3n 1.3.5.531. Un atacante local podr\u00eda ejecutar c\u00f3digo arbitrario a trav\u00e9s de un argumento filename largo al monitorear los registros de Structured Exception Handler (SEH)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -36,8 +60,18 @@
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:explorerplusplus:explorer\\+\\+:1.3.5.531:*:*:*:*:*:*:*",
"matchCriteriaId": "7E0B5947-4F64-4746-B91A-0033F1FBDB65"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-explorer",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-06xx/CVE-2024-0648.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0648",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-17T23:15:08.197",
"lastModified": "2024-01-18T13:42:11.613",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:50:45.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yunyou_cms_project:yunyou_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.2.6",
"matchCriteriaId": "1087918C-B68F-4A92-B2DF-CBAC62584097"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/FO8AL78oAeTS",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.251374",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.251374",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2024/CVE-2024-202xx/CVE-2024-20272.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-20272",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2024-01-17T17:15:12.130",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:33:26.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system and execute commands on the underlying operating system. This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by uploading arbitrary files to an affected system. A successful exploit could allow the attacker to store malicious files on the system, execute arbitrary commands on the operating system, and elevate privileges to root."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web de Cisco Unity Connection podr\u00eda permitir que un atacante remoto no autenticado cargue archivos arbitrarios en un sistema afectado y ejecute comandos en el sistema operativo subyacente. Esta vulnerabilidad se debe a una falta de autenticaci\u00f3n en una API espec\u00edfica y a una validaci\u00f3n inadecuada de los datos proporcionados por el usuario. Un atacante podr\u00eda aprovechar esta vulnerabilidad cargando archivos arbitrarios en un sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante almacenar archivos maliciosos en el sistema, ejecutar comandos arbitrarios en el sistema operativo y elevar privilegios a root."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.5.1.19017-4",
"matchCriteriaId": "05EE3F1E-0C35-4922-BB29-0E48323ED572"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.0.1.14006-5",
"matchCriteriaId": "02BBF889-9F0F-420A-BA31-3DF0C41F6782"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cuc-unauth-afu-FROYsCsD",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-227xx/CVE-2024-22714.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2024-22714",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T18:15:45.410",
"lastModified": "2024-01-17T19:22:17.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:28:11.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stupid Simple CMS <=1.2.4 is vulnerable to Cross Site Scripting (XSS) in the editing section of the article content."
},
{
"lang": "es",
"value": "Stupid Simple CMS &lt;=1.2.4 es vulnerable a Cross Site Scripting (XSS) en la secci\u00f3n de edici\u00f3n del contenido del art\u00edculo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codelyfe:stupid_simple_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "700DA84E-DA65-4B87-B847-E4C61E24F5D1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/RumblingIsOccupied/cms/blob/main/2.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

69
CVE-2024/CVE-2024-227xx/CVE-2024-22715.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2024-22715",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T18:15:45.457",
"lastModified": "2024-01-17T19:22:17.977",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-24T20:13:00.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stupid Simple CMS <=1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin-edit.php."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Stupid Simple CMS &lt;=1.2.4 conten\u00eda Cross-Site Request Forgery (CSRF) a trav\u00e9s del componente /admin-edit.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codelyfe:stupid_simple_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "700DA84E-DA65-4B87-B847-E4C61E24F5D1"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/RumblingIsOccupied/cms/blob/main/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-236xx/CVE-2024-23644.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2024-23644",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-24T20:15:53.680",
"lastModified": "2024-01-24T20:15:53.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Trillium is a composable toolkit for building internet applications with async rust. In `trillium-http` prior to 0.3.12 and `trillium-client` prior to 0.5.4, insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have sufficient control over headers. This only affects use cases where attackers have control of request headers, and can insert \"\\r\\n\" sequences. Specifically, if untrusted and unvalidated input is inserted into header names or values.\n\nOutbound `trillium_http::HeaderValue` and `trillium_http::HeaderName` can be constructed infallibly and were not checked for illegal bytes when sending requests from the client or responses from the server. Thus, if an attacker has sufficient control over header values (or names) in a request or response that they could inject `\\r\\n` sequences, they could get the client and server out of sync, and then pivot to gain control over other parts of requests or responses. (i.e. exfiltrating data from other requests, SSRF, etc.)\n\nIn `trillium-http` versions 0.3.12 and later, if a header name is invalid in server response headers, the specific header and any associated values are omitted from network transmission. Additionally, if a header value is invalid in server response headers, the individual header value is omitted from network transmission. Other headers values with the same header name will still be sent. In `trillium-client` versions 0.5.4 and later, if any header name or header value is invalid in the client request headers, awaiting the client Conn returns an `Error::MalformedHeader` prior to any network access. As a workaround, Trillium services and client applications should sanitize or validate untrusted input that is included in header values and header names. Carriage return, newline, and null characters are not allowed."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-113"
}
]
}
],
"references": [
{
"url": "https://github.com/trillium-rs/trillium/commit/16a42b3f8378a3fa4e61ece3e3e37e6a530df51d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/trillium-rs/trillium/commit/8d468f85e27b8d0943d6f43ce9f8c7397141a999",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/trillium-rs/trillium/security/advisories/GHSA-9f9p-cp3c-72jf",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2024/CVE-2024-236xx/CVE-2024-23646.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2024-23646",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-24T20:15:53.877",
"lastModified": "2024-01-24T20:15:53.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Pimcore's Admin Classic Bundle provides a backend user interface for Pimcore. The application allows users to create zip files from available files on the site. In the 1.x branch prior to version 1.3.2, parameter `selectedIds` is susceptible to SQL Injection. Any backend user with very basic permissions can execute arbitrary SQL statements and thus alter any data or escalate their privileges to at least admin level. Version 1.3.2 contains a fix for this issue.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/Asset/AssetController.php#L2006",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/Asset/AssetController.php#L2087",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/commit/363afef29496cc40a8b863c2ca2338979fcf50a8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/releases/tag/v1.3.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/security/advisories/GHSA-cwx6-4wmf-c6xv",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2024/CVE-2024-236xx/CVE-2024-23675.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23675",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2024-01-22T21:15:10.263",
"lastModified": "2024-01-23T13:44:14.167",
"lastModified": "2024-01-24T19:15:09.007",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-0105",
"source": "prodsec@splunk.com"
},
{
"url": "https://research.splunk.com/application/8f0e8380-a835-4f2b-b749-9ce119364df0/",
"source": "prodsec@splunk.com"
}
]
}

6
CVE-2024/CVE-2024-236xx/CVE-2024-23676.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23676",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2024-01-22T21:15:10.530",
"lastModified": "2024-01-23T13:44:14.167",
"lastModified": "2024-01-24T19:15:09.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-0106",
"source": "prodsec@splunk.com"
},
{
"url": "https://research.splunk.com/application/ee69374a-d27e-4136-adac-956a96ff60fd/",
"source": "prodsec@splunk.com"
}
]
}

6
CVE-2024/CVE-2024-236xx/CVE-2024-23678.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-23678",
"sourceIdentifier": "prodsec@splunk.com",
"published": "2024-01-22T21:15:10.920",
"lastModified": "2024-01-23T13:44:14.167",
"lastModified": "2024-01-24T19:15:09.180",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -54,6 +54,10 @@
{
"url": "https://advisory.splunk.com/advisories/SVD-2024-0108",
"source": "prodsec@splunk.com"
},
{
"url": "https://research.splunk.com/application/947d4d2e-1b64-41fc-b32a-736ddb88ce97/",
"source": "prodsec@splunk.com"
}
]
}

91
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-24T19:00:25.942114+00:00
2024-01-24T21:00:24.254523+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-24T18:54:46.323000+00:00
2024-01-24T20:58:01.897000+00:00
```
### Last Data Feed Release
@ -29,69 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236762
236768
```
### CVEs added in the last Commit
Recently added CVEs: `25`
Recently added CVEs: `6`
* [CVE-2021-42143](CVE-2021/CVE-2021-421xx/CVE-2021-42143.json) (`2024-01-24T18:15:08.080`)
* [CVE-2021-42144](CVE-2021/CVE-2021-421xx/CVE-2021-42144.json) (`2024-01-24T18:15:08.150`)
* [CVE-2023-51888](CVE-2023/CVE-2023-518xx/CVE-2023-51888.json) (`2024-01-24T18:15:08.240`)
* [CVE-2023-51889](CVE-2023/CVE-2023-518xx/CVE-2023-51889.json) (`2024-01-24T18:15:08.320`)
* [CVE-2023-51890](CVE-2023/CVE-2023-518xx/CVE-2023-51890.json) (`2024-01-24T18:15:08.380`)
* [CVE-2023-52038](CVE-2023/CVE-2023-520xx/CVE-2023-52038.json) (`2024-01-24T18:15:08.443`)
* [CVE-2023-52039](CVE-2023/CVE-2023-520xx/CVE-2023-52039.json) (`2024-01-24T18:15:08.500`)
* [CVE-2023-52040](CVE-2023/CVE-2023-520xx/CVE-2023-52040.json) (`2024-01-24T18:15:08.557`)
* [CVE-2023-51885](CVE-2023/CVE-2023-518xx/CVE-2023-51885.json) (`2024-01-24T17:15:08.257`)
* [CVE-2023-51886](CVE-2023/CVE-2023-518xx/CVE-2023-51886.json) (`2024-01-24T17:15:08.313`)
* [CVE-2023-51887](CVE-2023/CVE-2023-518xx/CVE-2023-51887.json) (`2024-01-24T17:15:08.360`)
* [CVE-2024-22720](CVE-2024/CVE-2024-227xx/CVE-2024-22720.json) (`2024-01-24T18:15:08.820`)
* [CVE-2024-23648](CVE-2024/CVE-2024-236xx/CVE-2024-23648.json) (`2024-01-24T18:15:08.877`)
* [CVE-2024-23649](CVE-2024/CVE-2024-236xx/CVE-2024-23649.json) (`2024-01-24T18:15:09.103`)
* [CVE-2024-23897](CVE-2024/CVE-2024-238xx/CVE-2024-23897.json) (`2024-01-24T18:15:09.370`)
* [CVE-2024-23898](CVE-2024/CVE-2024-238xx/CVE-2024-23898.json) (`2024-01-24T18:15:09.420`)
* [CVE-2024-23899](CVE-2024/CVE-2024-238xx/CVE-2024-23899.json) (`2024-01-24T18:15:09.467`)
* [CVE-2024-23900](CVE-2024/CVE-2024-239xx/CVE-2024-23900.json) (`2024-01-24T18:15:09.523`)
* [CVE-2024-23901](CVE-2024/CVE-2024-239xx/CVE-2024-23901.json) (`2024-01-24T18:15:09.563`)
* [CVE-2024-23902](CVE-2024/CVE-2024-239xx/CVE-2024-23902.json) (`2024-01-24T18:15:09.610`)
* [CVE-2024-23903](CVE-2024/CVE-2024-239xx/CVE-2024-23903.json) (`2024-01-24T18:15:09.653`)
* [CVE-2024-23904](CVE-2024/CVE-2024-239xx/CVE-2024-23904.json) (`2024-01-24T18:15:09.707`)
* [CVE-2024-23905](CVE-2024/CVE-2024-239xx/CVE-2024-23905.json) (`2024-01-24T18:15:09.750`)
* [CVE-2024-22229](CVE-2024/CVE-2024-222xx/CVE-2024-22229.json) (`2024-01-24T17:15:08.410`)
* [CVE-2024-23641](CVE-2024/CVE-2024-236xx/CVE-2024-23641.json) (`2024-01-24T17:15:08.600`)
* [CVE-2021-42145](CVE-2021/CVE-2021-421xx/CVE-2021-42145.json) (`2024-01-24T19:15:08.420`)
* [CVE-2021-42146](CVE-2021/CVE-2021-421xx/CVE-2021-42146.json) (`2024-01-24T19:15:08.483`)
* [CVE-2021-42147](CVE-2021/CVE-2021-421xx/CVE-2021-42147.json) (`2024-01-24T19:15:08.530`)
* [CVE-2021-43584](CVE-2021/CVE-2021-435xx/CVE-2021-43584.json) (`2024-01-24T20:15:53.610`)
* [CVE-2024-23644](CVE-2024/CVE-2024-236xx/CVE-2024-23644.json) (`2024-01-24T20:15:53.680`)
* [CVE-2024-23646](CVE-2024/CVE-2024-236xx/CVE-2024-23646.json) (`2024-01-24T20:15:53.877`)
### CVEs modified in the last Commit
Recently modified CVEs: `37`
Recently modified CVEs: `35`
* [CVE-2023-6148](CVE-2023/CVE-2023-61xx/CVE-2023-6148.json) (`2024-01-24T18:15:08.733`)
* [CVE-2023-23882](CVE-2023/CVE-2023-238xx/CVE-2023-23882.json) (`2024-01-24T18:16:34.363`)
* [CVE-2023-20271](CVE-2023/CVE-2023-202xx/CVE-2023-20271.json) (`2024-01-24T18:16:54.197`)
* [CVE-2023-36235](CVE-2023/CVE-2023-362xx/CVE-2023-36235.json) (`2024-01-24T18:17:24.737`)
* [CVE-2023-52288](CVE-2023/CVE-2023-522xx/CVE-2023-52288.json) (`2024-01-24T18:40:15.637`)
* [CVE-2023-20260](CVE-2023/CVE-2023-202xx/CVE-2023-20260.json) (`2024-01-24T18:41:03.997`)
* [CVE-2023-20258](CVE-2023/CVE-2023-202xx/CVE-2023-20258.json) (`2024-01-24T18:43:13.217`)
* [CVE-2023-20257](CVE-2023/CVE-2023-202xx/CVE-2023-20257.json) (`2024-01-24T18:43:42.877`)
* [CVE-2023-34379](CVE-2023/CVE-2023-343xx/CVE-2023-34379.json) (`2024-01-24T18:45:01.177`)
* [CVE-2023-6697](CVE-2023/CVE-2023-66xx/CVE-2023-6697.json) (`2024-01-24T18:45:34.830`)
* [CVE-2023-44281](CVE-2023/CVE-2023-442xx/CVE-2023-44281.json) (`2024-01-24T18:45:34.830`)
* [CVE-2023-52289](CVE-2023/CVE-2023-522xx/CVE-2023-52289.json) (`2024-01-24T18:48:24.283`)
* [CVE-2024-22407](CVE-2024/CVE-2024-224xx/CVE-2024-22407.json) (`2024-01-24T17:03:42.037`)
* [CVE-2024-22406](CVE-2024/CVE-2024-224xx/CVE-2024-22406.json) (`2024-01-24T17:04:06.093`)
* [CVE-2024-22916](CVE-2024/CVE-2024-229xx/CVE-2024-22916.json) (`2024-01-24T17:04:22.573`)
* [CVE-2024-0405](CVE-2024/CVE-2024-04xx/CVE-2024-0405.json) (`2024-01-24T17:23:09.773`)
* [CVE-2024-0647](CVE-2024/CVE-2024-06xx/CVE-2024-0647.json) (`2024-01-24T18:05:58.343`)
* [CVE-2024-22192](CVE-2024/CVE-2024-221xx/CVE-2024-22192.json) (`2024-01-24T18:13:38.807`)
* [CVE-2024-22191](CVE-2024/CVE-2024-221xx/CVE-2024-22191.json) (`2024-01-24T18:13:53.947`)
* [CVE-2024-21670](CVE-2024/CVE-2024-216xx/CVE-2024-21670.json) (`2024-01-24T18:14:10.497`)
* [CVE-2024-0650](CVE-2024/CVE-2024-06xx/CVE-2024-0650.json) (`2024-01-24T18:18:06.083`)
* [CVE-2024-22141](CVE-2024/CVE-2024-221xx/CVE-2024-22141.json) (`2024-01-24T18:45:34.830`)
* [CVE-2024-22651](CVE-2024/CVE-2024-226xx/CVE-2024-22651.json) (`2024-01-24T18:45:34.830`)
* [CVE-2024-22725](CVE-2024/CVE-2024-227xx/CVE-2024-22725.json) (`2024-01-24T18:45:34.830`)
* [CVE-2024-22411](CVE-2024/CVE-2024-224xx/CVE-2024-22411.json) (`2024-01-24T18:54:46.323`)
* [CVE-2023-48858](CVE-2023/CVE-2023-488xx/CVE-2023-48858.json) (`2024-01-24T20:16:53.197`)
* [CVE-2023-43898](CVE-2023/CVE-2023-438xx/CVE-2023-43898.json) (`2024-01-24T20:26:27.720`)
* [CVE-2023-48359](CVE-2023/CVE-2023-483xx/CVE-2023-48359.json) (`2024-01-24T20:35:30.263`)
* [CVE-2023-48358](CVE-2023/CVE-2023-483xx/CVE-2023-48358.json) (`2024-01-24T20:39:57.700`)
* [CVE-2023-48354](CVE-2023/CVE-2023-483xx/CVE-2023-48354.json) (`2024-01-24T20:41:27.640`)
* [CVE-2023-48355](CVE-2023/CVE-2023-483xx/CVE-2023-48355.json) (`2024-01-24T20:43:49.710`)
* [CVE-2023-48356](CVE-2023/CVE-2023-483xx/CVE-2023-48356.json) (`2024-01-24T20:44:22.100`)
* [CVE-2023-48357](CVE-2023/CVE-2023-483xx/CVE-2023-48357.json) (`2024-01-24T20:44:35.727`)
* [CVE-2023-6958](CVE-2023/CVE-2023-69xx/CVE-2023-6958.json) (`2024-01-24T20:47:14.900`)
* [CVE-2023-6970](CVE-2023/CVE-2023-69xx/CVE-2023-6970.json) (`2024-01-24T20:48:25.003`)
* [CVE-2023-6549](CVE-2023/CVE-2023-65xx/CVE-2023-6549.json) (`2024-01-24T20:48:33.600`)
* [CVE-2023-51463](CVE-2023/CVE-2023-514xx/CVE-2023-51463.json) (`2024-01-24T20:57:48.340`)
* [CVE-2023-51464](CVE-2023/CVE-2023-514xx/CVE-2023-51464.json) (`2024-01-24T20:58:01.897`)
* [CVE-2024-23675](CVE-2024/CVE-2024-236xx/CVE-2024-23675.json) (`2024-01-24T19:15:09.007`)
* [CVE-2024-23676](CVE-2024/CVE-2024-236xx/CVE-2024-23676.json) (`2024-01-24T19:15:09.097`)
* [CVE-2024-23678](CVE-2024/CVE-2024-236xx/CVE-2024-23678.json) (`2024-01-24T19:15:09.180`)
* [CVE-2024-0645](CVE-2024/CVE-2024-06xx/CVE-2024-0645.json) (`2024-01-24T19:24:06.717`)
* [CVE-2024-0643](CVE-2024/CVE-2024-06xx/CVE-2024-0643.json) (`2024-01-24T19:27:40.553`)
* [CVE-2024-0642](CVE-2024/CVE-2024-06xx/CVE-2024-0642.json) (`2024-01-24T19:29:41.893`)
* [CVE-2024-22715](CVE-2024/CVE-2024-227xx/CVE-2024-22715.json) (`2024-01-24T20:13:00.880`)
* [CVE-2024-0557](CVE-2024/CVE-2024-05xx/CVE-2024-0557.json) (`2024-01-24T20:15:27.893`)
* [CVE-2024-22714](CVE-2024/CVE-2024-227xx/CVE-2024-22714.json) (`2024-01-24T20:28:11.080`)
* [CVE-2024-20272](CVE-2024/CVE-2024-202xx/CVE-2024-20272.json) (`2024-01-24T20:33:26.197`)
* [CVE-2024-0381](CVE-2024/CVE-2024-03xx/CVE-2024-0381.json) (`2024-01-24T20:48:35.827`)
* [CVE-2024-0648](CVE-2024/CVE-2024-06xx/CVE-2024-0648.json) (`2024-01-24T20:50:45.720`)
## Download and Usage