diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json index db29e374f96..e108226fa67 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37464.json @@ -2,7 +2,7 @@ "id": "CVE-2023-37464", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-14T21:15:08.903", - "lastModified": "2023-08-09T20:15:10.570", + "lastModified": "2023-09-10T03:15:07.667", "vulnStatus": "Modified", "descriptions": [ { @@ -119,6 +119,14 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00002.html", "source": "security-advisories@github.com" }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DFWAPMYYVBO2U65HPYDTBEKNSXG4TP5C/", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTZHOVGY7AHGNMEY245HK4Q36AMA53AL/", + "source": "security-advisories@github.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5472", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39350.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39350.json index 2919b68beea..682c67299f0 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39350.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39350.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39350", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T20:15:08.170", - "lastModified": "2023-09-06T19:39:44.343", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.253", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39351.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39351.json index 0d0bd5d0650..2092fba4a80 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39351.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39351.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39351", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T20:15:08.280", - "lastModified": "2023-09-06T19:49:14.563", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.383", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -102,6 +102,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39352.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39352.json index 75f28eea6f6..c2716b15eea 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39352.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39352.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39352", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T21:15:07.873", - "lastModified": "2023-09-07T16:10:53.947", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.503", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39353.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39353.json index 38640643809..2bbb0d1bafd 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39353.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39353.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39353", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T21:15:08.213", - "lastModified": "2023-09-06T20:47:06.693", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.603", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39354.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39354.json index 7efc89cdd9e..11997a759f3 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39354.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39354.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39354", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T20:15:08.367", - "lastModified": "2023-09-06T20:06:45.500", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.707", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39356.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39356.json index 628f3ba511f..6bc47214cec 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39356.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39356.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39356", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T21:15:08.390", - "lastModified": "2023-09-07T16:09:59.797", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.803", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -123,6 +123,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40181.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40181.json index 85239e4034c..6327fb37ba7 100644 --- a/CVE-2023/CVE-2023-401xx/CVE-2023-40181.json +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40181.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40181", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T22:15:07.860", - "lastModified": "2023-09-07T15:55:50.960", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:08.910", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -120,6 +120,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40184.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40184.json index 8f442f4a6b7..e4c36cdef12 100644 --- a/CVE-2023/CVE-2023-401xx/CVE-2023-40184.json +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40184.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40184", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-30T18:15:09.690", - "lastModified": "2023-09-05T14:02:17.320", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.023", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -105,6 +105,14 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SOT237TIHTHPX5YNIWLVNINOEYC7WMG2/", + "source": "security-advisories@github.com" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5IXMQODV3OIJ7DRQBUQV7PUKNT7SH36/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40186.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40186.json index d2e89ecbe82..999289c070d 100644 --- a/CVE-2023/CVE-2023-401xx/CVE-2023-40186.json +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40186.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40186", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T22:15:08.303", - "lastModified": "2023-09-07T15:48:23.590", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.150", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -113,6 +113,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40188.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40188.json index 45415a09275..174896c723e 100644 --- a/CVE-2023/CVE-2023-401xx/CVE-2023-40188.json +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40188.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40188", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T22:15:08.523", - "lastModified": "2023-09-07T15:30:37.297", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.243", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40567.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40567.json index 85d2a1e4c8a..dfc326adabe 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40567.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40567.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40567", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T22:15:08.613", - "lastModified": "2023-09-07T15:28:46.033", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.340", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -116,6 +116,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40569.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40569.json index 1041d91fc99..6cb27f55d07 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40569.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40569.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40569", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T22:15:08.707", - "lastModified": "2023-09-06T20:31:55.160", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.457", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-405xx/CVE-2023-40589.json b/CVE-2023/CVE-2023-405xx/CVE-2023-40589.json index 8b8df8c767d..d35c2fa419c 100644 --- a/CVE-2023/CVE-2023-405xx/CVE-2023-40589.json +++ b/CVE-2023/CVE-2023-405xx/CVE-2023-40589.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40589", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-31T19:15:11.360", - "lastModified": "2023-09-06T19:35:13.987", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.637", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ "Exploit", "Vendor Advisory" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OH2ATH2BKDNKCJAU4WPPXK4SHLE3UJUV/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json index 60baa869ae8..01c058a604f 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4733", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-04T14:15:07.563", - "lastModified": "2023-09-08T14:06:13.627", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.743", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -124,6 +124,10 @@ "tags": [ "Mailing List" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/", + "source": "security@huntr.dev" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4750.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4750.json index fb356eebee1..aa893159c51 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4750.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4750.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4750", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-04T14:15:08.263", - "lastModified": "2023-09-08T13:59:22.443", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:09.883", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -124,6 +124,10 @@ "tags": [ "Mailing List" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/", + "source": "security@huntr.dev" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4752.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4752.json index 41ce545e960..e58186a3d01 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4752.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4752.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4752", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-04T14:15:08.450", - "lastModified": "2023-09-08T13:24:52.210", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-10T03:15:16.390", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -124,6 +124,10 @@ "tags": [ "Mailing List" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/", + "source": "security@huntr.dev" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4870.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4870.json new file mode 100644 index 00000000000..80750445023 --- /dev/null +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4870.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4870", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-09-10T02:15:12.390", + "lastModified": "2023-09-10T02:15:12.390", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as problematic has been found in SourceCodester Contact Manager App 1.0. This affects an unknown part of the file index.php of the component Contact Information Handler. The manipulation of the argument contactID with the input \"> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239355." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://skypoc.wordpress.com/2023/09/05/vuln1/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.239355", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.239355", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4871.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4871.json new file mode 100644 index 00000000000..beeb7ec2b00 --- /dev/null +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4871.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4871", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-09-10T03:15:16.733", + "lastModified": "2023-09-10T03:15:16.733", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in SourceCodester Contact Manager App 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument contact/contactName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239356." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://skypoc.wordpress.com/2023/09/05/vuln1/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.239356", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.239356", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4872.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4872.json new file mode 100644 index 00000000000..402a65eec2c --- /dev/null +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4872.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4872", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-09-10T03:15:17.990", + "lastModified": "2023-09-10T03:15:17.990", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239357 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://skypoc.wordpress.com/2023/09/05/vuln1/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.239357", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.239357", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4873.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4873.json new file mode 100644 index 00000000000..fd5f3c0b669 --- /dev/null +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4873.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4873", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-09-10T03:15:18.080", + "lastModified": "2023-09-10T03:15:18.080", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-239358 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/cugerQDHJ/cve/blob/main/rce.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.239358", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.239358", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 508b4716316..3b2fb203dbc 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-10T02:00:25.261612+00:00 +2023-09-10T04:00:24.918910+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-10T01:15:08.587000+00:00 +2023-09-10T03:15:18.080000+00:00 ``` ### Last Data Feed Release @@ -29,25 +29,40 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224561 +224565 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `4` -* [CVE-2023-4866](CVE-2023/CVE-2023-48xx/CVE-2023-4866.json) (`2023-09-10T00:15:07.330`) -* [CVE-2023-4867](CVE-2023/CVE-2023-48xx/CVE-2023-4867.json) (`2023-09-10T01:15:07.207`) -* [CVE-2023-4868](CVE-2023/CVE-2023-48xx/CVE-2023-4868.json) (`2023-09-10T01:15:07.910`) -* [CVE-2023-4869](CVE-2023/CVE-2023-48xx/CVE-2023-4869.json) (`2023-09-10T01:15:08.143`) -* [CVE-2023-4876](CVE-2023/CVE-2023-48xx/CVE-2023-4876.json) (`2023-09-10T01:15:08.393`) -* [CVE-2023-4877](CVE-2023/CVE-2023-48xx/CVE-2023-4877.json) (`2023-09-10T01:15:08.587`) +* [CVE-2023-4870](CVE-2023/CVE-2023-48xx/CVE-2023-4870.json) (`2023-09-10T02:15:12.390`) +* [CVE-2023-4871](CVE-2023/CVE-2023-48xx/CVE-2023-4871.json) (`2023-09-10T03:15:16.733`) +* [CVE-2023-4872](CVE-2023/CVE-2023-48xx/CVE-2023-4872.json) (`2023-09-10T03:15:17.990`) +* [CVE-2023-4873](CVE-2023/CVE-2023-48xx/CVE-2023-4873.json) (`2023-09-10T03:15:18.080`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `17` +* [CVE-2023-37464](CVE-2023/CVE-2023-374xx/CVE-2023-37464.json) (`2023-09-10T03:15:07.667`) +* [CVE-2023-39350](CVE-2023/CVE-2023-393xx/CVE-2023-39350.json) (`2023-09-10T03:15:08.253`) +* [CVE-2023-39351](CVE-2023/CVE-2023-393xx/CVE-2023-39351.json) (`2023-09-10T03:15:08.383`) +* [CVE-2023-39352](CVE-2023/CVE-2023-393xx/CVE-2023-39352.json) (`2023-09-10T03:15:08.503`) +* [CVE-2023-39353](CVE-2023/CVE-2023-393xx/CVE-2023-39353.json) (`2023-09-10T03:15:08.603`) +* [CVE-2023-39354](CVE-2023/CVE-2023-393xx/CVE-2023-39354.json) (`2023-09-10T03:15:08.707`) +* [CVE-2023-39356](CVE-2023/CVE-2023-393xx/CVE-2023-39356.json) (`2023-09-10T03:15:08.803`) +* [CVE-2023-40181](CVE-2023/CVE-2023-401xx/CVE-2023-40181.json) (`2023-09-10T03:15:08.910`) +* [CVE-2023-40184](CVE-2023/CVE-2023-401xx/CVE-2023-40184.json) (`2023-09-10T03:15:09.023`) +* [CVE-2023-40186](CVE-2023/CVE-2023-401xx/CVE-2023-40186.json) (`2023-09-10T03:15:09.150`) +* [CVE-2023-40188](CVE-2023/CVE-2023-401xx/CVE-2023-40188.json) (`2023-09-10T03:15:09.243`) +* [CVE-2023-40567](CVE-2023/CVE-2023-405xx/CVE-2023-40567.json) (`2023-09-10T03:15:09.340`) +* [CVE-2023-40569](CVE-2023/CVE-2023-405xx/CVE-2023-40569.json) (`2023-09-10T03:15:09.457`) +* [CVE-2023-40589](CVE-2023/CVE-2023-405xx/CVE-2023-40589.json) (`2023-09-10T03:15:09.637`) +* [CVE-2023-4733](CVE-2023/CVE-2023-47xx/CVE-2023-4733.json) (`2023-09-10T03:15:09.743`) +* [CVE-2023-4750](CVE-2023/CVE-2023-47xx/CVE-2023-4750.json) (`2023-09-10T03:15:09.883`) +* [CVE-2023-4752](CVE-2023/CVE-2023-47xx/CVE-2023-4752.json) (`2023-09-10T03:15:16.390`) ## Download and Usage