admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 11:07:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-13T12:00:25.434288+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-13 12:00:29 +00:00
parent 11060905c8
commit 336d4cead3
6 changed files with 256 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CVE-2023/CVE-2023-35xx/CVE-2023-3589.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-3589",
"sourceIdentifier": "3DS.Information-Security@3ds.com",
"published": "2023-10-09T09:15:10.507",
"lastModified": "2023-10-11T19:05:51.297",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-13T10:15:10.090",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to send a specifically crafted query to the server."
"value": "A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x could allow with some very specific conditions an attacker to send a specifically crafted query to the server."
},
{
"lang": "es",
@ -41,19 +41,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]

63
CVE-2023/CVE-2023-380xx/CVE-2023-38000.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-38000",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-13T10:15:09.823",
"lastModified": "2023-10-13T10:15:09.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. Stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core\u00a06.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin <= 16.8.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/gutenberg/wordpress-gutenberg-plugin-16-8-0-contributor-stored-xss-in-navigation-links-block-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/wordpress/wordpress-core-6-3-2-contributor-stored-xss-in-navigation-links-block-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-55xx/CVE-2023-5571.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5571",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-13T10:15:10.457",
"lastModified": "2023-10-13T10:15:10.457",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation in GitHub repository vriteio/vrite prior to 0.3.0."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/926ca25f-dd4a-40cf-8e6b-9d7b5938e95a",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-55xx/CVE-2023-5572.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5572",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-13T10:15:10.573",
"lastModified": "2023-10-13T10:15:10.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/db649f1b-8578-4ef0-8df3-d320ab33f1be",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-55xx/CVE-2023-5573.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5573",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-13T10:15:10.640",
"lastModified": "2023-10-13T10:15:10.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Allocation of Resources Without Limits or Throttling in GitHub repository vriteio/vrite prior to 0.3.0."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/46a2bb2c-712a-4008-a147-b862e3af7d72",
"source": "security@huntr.dev"
}
]
}

23
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-13T08:00:26.015634+00:00
2023-10-13T12:00:25.434288+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-13T07:15:41.577000+00:00
2023-10-13T10:15:10.640000+00:00
```
### Last Data Feed Release
@ -29,29 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
227733
227737
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `4`
* [CVE-2023-26366](CVE-2023/CVE-2023-263xx/CVE-2023-26366.json) (`2023-10-13T07:15:38.933`)
* [CVE-2023-26367](CVE-2023/CVE-2023-263xx/CVE-2023-26367.json) (`2023-10-13T07:15:39.767`)
* [CVE-2023-38218](CVE-2023/CVE-2023-382xx/CVE-2023-38218.json) (`2023-10-13T07:15:40.047`)
* [CVE-2023-38219](CVE-2023/CVE-2023-382xx/CVE-2023-38219.json) (`2023-10-13T07:15:40.327`)
* [CVE-2023-38220](CVE-2023/CVE-2023-382xx/CVE-2023-38220.json) (`2023-10-13T07:15:40.557`)
* [CVE-2023-38221](CVE-2023/CVE-2023-382xx/CVE-2023-38221.json) (`2023-10-13T07:15:40.777`)
* [CVE-2023-38249](CVE-2023/CVE-2023-382xx/CVE-2023-38249.json) (`2023-10-13T07:15:41.037`)
* [CVE-2023-38250](CVE-2023/CVE-2023-382xx/CVE-2023-38250.json) (`2023-10-13T07:15:41.420`)
* [CVE-2023-38251](CVE-2023/CVE-2023-382xx/CVE-2023-38251.json) (`2023-10-13T07:15:41.577`)
* [CVE-2023-38000](CVE-2023/CVE-2023-380xx/CVE-2023-38000.json) (`2023-10-13T10:15:09.823`)
* [CVE-2023-5571](CVE-2023/CVE-2023-55xx/CVE-2023-5571.json) (`2023-10-13T10:15:10.457`)
* [CVE-2023-5572](CVE-2023/CVE-2023-55xx/CVE-2023-5572.json) (`2023-10-13T10:15:10.573`)
* [CVE-2023-5573](CVE-2023/CVE-2023-55xx/CVE-2023-5573.json) (`2023-10-13T10:15:10.640`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
* [CVE-2023-5554](CVE-2023/CVE-2023-55xx/CVE-2023-5554.json) (`2023-10-13T06:15:51.553`)
* [CVE-2023-3589](CVE-2023/CVE-2023-35xx/CVE-2023-3589.json) (`2023-10-13T10:15:10.090`)
## Download and Usage