admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-02T16:00:27.384459+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-02 16:00:30 +00:00
parent 3252574724
commit 34b8e85ce6
31 changed files with 2062 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
CVE-2022/CVE-2022-393xx/CVE-2022-39335.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39335", "id": "CVE-2022-39335",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T14:15:09.600", "published": "2023-05-26T14:15:09.600",
"lastModified": "2023-05-26T15:56:52.630", "lastModified": "2023-06-02T15:29:22.687",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,18 +76,46 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/matrix-org/synapse/issues/13288", "nodes": [
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/matrix-org/synapse/pull/13823", "operator": "OR",
"source": "security-advisories@github.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-45cj-f97f-ggwv", "vulnerable": true,
"source": "security-advisories@github.com" "criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.69.0",
"matchCriteriaId": "C52C39A8-CA23-4EFF-ACCC-25C9FD8A83AA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/synapse/issues/13288",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/matrix-org/synapse/pull/13823",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-45cj-f97f-ggwv",
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }

75
CVE-2022/CVE-2022-393xx/CVE-2022-39374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-39374", "id": "CVE-2022-39374",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T14:15:10.257", "published": "2023-05-26T14:15:10.257",
"lastModified": "2023-05-26T15:56:52.630", "lastModified": "2023-06-02T14:41:04.300",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
@ -35,6 +57,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +78,41 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/matrix-org/synapse/pull/13723", "nodes": [
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-p9qp-c452-f9r7", "operator": "OR",
"source": "security-advisories@github.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.62.0",
"versionEndExcluding": "1.68.0",
"matchCriteriaId": "0E4819D4-BB7E-4494-B77D-FC6BD5848FE6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/synapse/pull/13723",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-p9qp-c452-f9r7",
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }

124
CVE-2023/CVE-2023-208xx/CVE-2023-20877.json
View File

@ -2,19 +2,131 @@
"id": "CVE-2023-20877", "id": "CVE-2023-20877",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-05-12T21:15:09.043", "published": "2023-05-12T21:15:09.043",
"lastModified": "2023-05-15T12:54:45.023", "lastModified": "2023-06-02T14:45:40.740",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation." "value": "VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html", "source": "nvd@nist.gov",
"source": "security@vmware.com" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.5",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C2EC4ADE-5538-4D36-B8E3-054F3741287D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2774F1D5-F310-493D-933A-0620972B1C14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6C147941-9563-45DE-86FB-7842410F2842"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "2D94B6D3-035A-467D-8BAB-E6D1798C4540"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "5455A916-25B6-4D67-94E7-AA2E9E266C50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "63DEF44F-4563-4CC9-9725-B0515C766621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "481DFF79-E580-4148-9739-A04322DB9082"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "02B76ED1-AF32-4C2E-B563-0BDAAFCCCB7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C75768C-AAA3-476F-A08E-F166D98670DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "C827142B-2311-4B19-B5A6-5E80D5D600CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "35B4677F-8DD9-476B-9A9E-F7ED31758BC2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html",
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

124
CVE-2023/CVE-2023-208xx/CVE-2023-20878.json
View File

@ -2,19 +2,131 @@
"id": "CVE-2023-20878", "id": "CVE-2023-20878",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-05-12T21:15:09.093", "published": "2023-05-12T21:15:09.093",
"lastModified": "2023-05-15T12:54:45.023", "lastModified": "2023-06-02T14:44:42.060",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system." "value": "VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html", "source": "nvd@nist.gov",
"source": "security@vmware.com" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.5",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C2EC4ADE-5538-4D36-B8E3-054F3741287D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2774F1D5-F310-493D-933A-0620972B1C14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6C147941-9563-45DE-86FB-7842410F2842"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "2D94B6D3-035A-467D-8BAB-E6D1798C4540"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "5455A916-25B6-4D67-94E7-AA2E9E266C50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "63DEF44F-4563-4CC9-9725-B0515C766621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "481DFF79-E580-4148-9739-A04322DB9082"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "02B76ED1-AF32-4C2E-B563-0BDAAFCCCB7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C75768C-AAA3-476F-A08E-F166D98670DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "C827142B-2311-4B19-B5A6-5E80D5D600CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "35B4677F-8DD9-476B-9A9E-F7ED31758BC2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html",
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

124
CVE-2023/CVE-2023-208xx/CVE-2023-20879.json
View File

@ -2,19 +2,131 @@
"id": "CVE-2023-20879", "id": "CVE-2023-20879",
"sourceIdentifier": "security@vmware.com", "sourceIdentifier": "security@vmware.com",
"published": "2023-05-12T21:15:09.133", "published": "2023-05-12T21:15:09.133",
"lastModified": "2023-05-15T12:54:45.023", "lastModified": "2023-06-02T14:45:32.940",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system." "value": "VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html", "source": "nvd@nist.gov",
"source": "security@vmware.com" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"versionEndIncluding": "4.5",
"matchCriteriaId": "4BF004A8-90A0-4804-97DA-C2C2005A54AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C2EC4ADE-5538-4D36-B8E3-054F3741287D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "2774F1D5-F310-493D-933A-0620972B1C14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "6C147941-9563-45DE-86FB-7842410F2842"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix4:*:*:*:*:*:*",
"matchCriteriaId": "2D94B6D3-035A-467D-8BAB-E6D1798C4540"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix5:*:*:*:*:*:*",
"matchCriteriaId": "5455A916-25B6-4D67-94E7-AA2E9E266C50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix6:*:*:*:*:*:*",
"matchCriteriaId": "63DEF44F-4563-4CC9-9725-B0515C766621"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix8:*:*:*:*:*:*",
"matchCriteriaId": "481DFF79-E580-4148-9739-A04322DB9082"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.6.0:hotfix9:*:*:*:*:*:*",
"matchCriteriaId": "02B76ED1-AF32-4C2E-B563-0BDAAFCCCB7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0C75768C-AAA3-476F-A08E-F166D98670DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix1:*:*:*:*:*:*",
"matchCriteriaId": "C827142B-2311-4B19-B5A6-5E80D5D600CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vmware:vrealize_operations:8.10.0:hotfix2:*:*:*:*:*:*",
"matchCriteriaId": "35B4677F-8DD9-476B-9A9E-F7ED31758BC2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0009.html",
"source": "security@vmware.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

196
CVE-2023/CVE-2023-245xx/CVE-2023-24597.json
View File

@ -2,23 +2,203 @@
"id": "CVE-2023-24597", "id": "CVE-2023-24597",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-29T02:15:09.233", "published": "2023-05-29T02:15:09.233",
"lastModified": "2023-05-30T12:52:56.613", "lastModified": "2023-06-02T15:29:31.447",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "OX App Suite before frontend 7.10.6-rev24 allows the loading (without user consent) of an e-mail message's remote resources during printing." "value": "OX App Suite before frontend 7.10.6-rev24 allows the loading (without user consent) of an e-mail message's remote resources during printing."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://seclists.org/fulldisclosure/2023/May/3", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{ {
"url": "https://open-xchange.com", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10.6",
"matchCriteriaId": "5BBF1862-B6FF-4F32-A3C1-59D28BA25F81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*",
"matchCriteriaId": "3A4EAD2E-C3C3-4C79-8C42-375FFE638486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev01:*:*:*:*:*:*",
"matchCriteriaId": "39198733-D227-4935-9A60-1026040D262F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev02:*:*:*:*:*:*",
"matchCriteriaId": "3C86EE81-8CD4-4131-969A-BDA24B9B48E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev03:*:*:*:*:*:*",
"matchCriteriaId": "F9E9C869-7DA9-4EFA-B613-82BA127F6CE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev04:*:*:*:*:*:*",
"matchCriteriaId": "F8FAA329-5893-412B-8349-4DA3023CC76E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev05:*:*:*:*:*:*",
"matchCriteriaId": "BB6A57A4-B18D-498D-9A8C-406797A6255C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev06:*:*:*:*:*:*",
"matchCriteriaId": "7F0977F0-90B4-48B4-BED6-C218B5CA5E03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev07:*:*:*:*:*:*",
"matchCriteriaId": "4D55DE67-8F93-48F3-BE54-D3A065479281"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev08:*:*:*:*:*:*",
"matchCriteriaId": "D27980B4-B71B-4DA8-B130-F0B5929F8E65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev09:*:*:*:*:*:*",
"matchCriteriaId": "DD1709BC-7DEB-4508-B3C3-B20F5FD001A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*",
"matchCriteriaId": "08A6BDD5-259E-4DC3-A548-00CD0D459749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*",
"matchCriteriaId": "B8166FF4-77D8-4A12-92E5-615B3DA2E602"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*",
"matchCriteriaId": "999F057B-7918-461A-B60C-3BE72E92CDC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*",
"matchCriteriaId": "88FD1550-3715-493E-B674-9ECF3DD7A813"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*",
"matchCriteriaId": "F31A4949-397F-4D1B-8AEA-AC7B335722F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*",
"matchCriteriaId": "D33A91D4-CE21-486D-9469-B09060B8C637"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*",
"matchCriteriaId": "5E3E5CD2-7631-4DBE-AB4D-669E82BCCAD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*",
"matchCriteriaId": "2BEE0AF0-3D22-4DE7-9E71-A4469D9CA2EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*",
"matchCriteriaId": "AAFB199C-1D66-442D-AD7E-414DD339E1D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*",
"matchCriteriaId": "26322561-2491-4DC7-B974-0B92B61A5BDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*",
"matchCriteriaId": "A6BA6C2B-F2D5-4FF7-B316-C8E99C2B464B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*",
"matchCriteriaId": "733E4A65-821B-4187-AA3A-1ACD3E882C07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*",
"matchCriteriaId": "6B0A0043-33E8-4440-92AC-DDD70EA39535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*",
"matchCriteriaId": "303205CC-8BDE-47EE-A675-9BA19983139A"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/May/3",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://open-xchange.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

261
CVE-2023/CVE-2023-245xx/CVE-2023-24598.json
View File

@ -2,23 +2,268 @@
"id": "CVE-2023-24598", "id": "CVE-2023-24598",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-29T03:15:09.483", "published": "2023-05-29T03:15:09.483",
"lastModified": "2023-05-30T12:52:56.613", "lastModified": "2023-06-02T15:24:06.493",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the private contacts of another user." "value": "OX App Suite before backend 7.10.6-rev37 has an information leak in the handling of distribution lists, e.g., partial disclosure of the private contacts of another user."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://seclists.org/fulldisclosure/2023/May/3", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{ {
"url": "https://open-xchange.com", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10.6",
"matchCriteriaId": "5BBF1862-B6FF-4F32-A3C1-59D28BA25F81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*",
"matchCriteriaId": "3A4EAD2E-C3C3-4C79-8C42-375FFE638486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev01:*:*:*:*:*:*",
"matchCriteriaId": "39198733-D227-4935-9A60-1026040D262F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev02:*:*:*:*:*:*",
"matchCriteriaId": "3C86EE81-8CD4-4131-969A-BDA24B9B48E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev03:*:*:*:*:*:*",
"matchCriteriaId": "F9E9C869-7DA9-4EFA-B613-82BA127F6CE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev04:*:*:*:*:*:*",
"matchCriteriaId": "F8FAA329-5893-412B-8349-4DA3023CC76E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev05:*:*:*:*:*:*",
"matchCriteriaId": "BB6A57A4-B18D-498D-9A8C-406797A6255C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev06:*:*:*:*:*:*",
"matchCriteriaId": "7F0977F0-90B4-48B4-BED6-C218B5CA5E03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev07:*:*:*:*:*:*",
"matchCriteriaId": "4D55DE67-8F93-48F3-BE54-D3A065479281"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev08:*:*:*:*:*:*",
"matchCriteriaId": "D27980B4-B71B-4DA8-B130-F0B5929F8E65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev09:*:*:*:*:*:*",
"matchCriteriaId": "DD1709BC-7DEB-4508-B3C3-B20F5FD001A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*",
"matchCriteriaId": "08A6BDD5-259E-4DC3-A548-00CD0D459749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*",
"matchCriteriaId": "B8166FF4-77D8-4A12-92E5-615B3DA2E602"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*",
"matchCriteriaId": "999F057B-7918-461A-B60C-3BE72E92CDC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*",
"matchCriteriaId": "88FD1550-3715-493E-B674-9ECF3DD7A813"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*",
"matchCriteriaId": "F31A4949-397F-4D1B-8AEA-AC7B335722F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*",
"matchCriteriaId": "D33A91D4-CE21-486D-9469-B09060B8C637"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*",
"matchCriteriaId": "5E3E5CD2-7631-4DBE-AB4D-669E82BCCAD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*",
"matchCriteriaId": "2BEE0AF0-3D22-4DE7-9E71-A4469D9CA2EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*",
"matchCriteriaId": "AAFB199C-1D66-442D-AD7E-414DD339E1D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*",
"matchCriteriaId": "26322561-2491-4DC7-B974-0B92B61A5BDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*",
"matchCriteriaId": "A6BA6C2B-F2D5-4FF7-B316-C8E99C2B464B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*",
"matchCriteriaId": "733E4A65-821B-4187-AA3A-1ACD3E882C07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*",
"matchCriteriaId": "6B0A0043-33E8-4440-92AC-DDD70EA39535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*",
"matchCriteriaId": "303205CC-8BDE-47EE-A675-9BA19983139A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev24:*:*:*:*:*:*",
"matchCriteriaId": "8C088014-47D6-4632-9FB5-2C7B1085B762"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev25:*:*:*:*:*:*",
"matchCriteriaId": "42CF6057-EB40-4208-9F1E-83213E97987C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev26:*:*:*:*:*:*",
"matchCriteriaId": "966BC23E-B8CE-4F98-B3A6-4B620E8808BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev27:*:*:*:*:*:*",
"matchCriteriaId": "7409CE19-ACC1-4AF4-8C8A-AE2CDBB63D3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev28:*:*:*:*:*:*",
"matchCriteriaId": "17D71CDE-3111-459B-8520-F62E0D5D2972"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev29:*:*:*:*:*:*",
"matchCriteriaId": "6D808ED6-F819-4014-BD24-4537D52DDFB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev30:*:*:*:*:*:*",
"matchCriteriaId": "B3792A91-10E9-42D9-B852-37D369D8364E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev31:*:*:*:*:*:*",
"matchCriteriaId": "6F0BFEEF-8B19-4F71-B7F1-2CC94969616F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev32:*:*:*:*:*:*",
"matchCriteriaId": "52003F06-9351-49B6-A3C5-A2B6FC0B9F4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev33:*:*:*:*:*:*",
"matchCriteriaId": "C8786112-32AE-4BA5-8D66-D4E2429D3228"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev34:*:*:*:*:*:*",
"matchCriteriaId": "3A67F528-0248-4E24-A5AB-2995ED7D2600"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev35:*:*:*:*:*:*",
"matchCriteriaId": "AE090C73-E093-4BD9-BEFE-634179500A78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev36:*:*:*:*:*:*",
"matchCriteriaId": "0A7CF0F7-5DF5-4749-A777-0F9EDCD14EA6"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/May/3",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://open-xchange.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

261
CVE-2023/CVE-2023-246xx/CVE-2023-24605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24605", "id": "CVE-2023-24605",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-29T03:15:09.890", "published": "2023-05-29T03:15:09.890",
"lastModified": "2023-05-30T12:52:56.613", "lastModified": "2023-06-02T15:14:02.283",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,15 +14,260 @@
"value": "OX App Suite antes de la versi\u00f3n 7.10.6-rev37 no impone la verificaci\u00f3n en dos pasos para todos los servicios finales, como por ejemplo: leer desde un dispositivo, leer datos de contacto y el cambio de nombre de s\u00edmbolos. " "value": "OX App Suite antes de la versi\u00f3n 7.10.6-rev37 no impone la verificaci\u00f3n en dos pasos para todos los servicios finales, como por ejemplo: leer desde un dispositivo, leer datos de contacto y el cambio de nombre de s\u00edmbolos. "
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://seclists.org/fulldisclosure/2023/May/3", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 1.6,
"impactScore": 2.5
}
]
},
"weaknesses": [
{ {
"url": "https://open-xchange.com", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.10.6",
"matchCriteriaId": "5BBF1862-B6FF-4F32-A3C1-59D28BA25F81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:-:*:*:*:*:*:*",
"matchCriteriaId": "3A4EAD2E-C3C3-4C79-8C42-375FFE638486"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev01:*:*:*:*:*:*",
"matchCriteriaId": "39198733-D227-4935-9A60-1026040D262F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev02:*:*:*:*:*:*",
"matchCriteriaId": "3C86EE81-8CD4-4131-969A-BDA24B9B48E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev03:*:*:*:*:*:*",
"matchCriteriaId": "F9E9C869-7DA9-4EFA-B613-82BA127F6CE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev04:*:*:*:*:*:*",
"matchCriteriaId": "F8FAA329-5893-412B-8349-4DA3023CC76E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev05:*:*:*:*:*:*",
"matchCriteriaId": "BB6A57A4-B18D-498D-9A8C-406797A6255C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev06:*:*:*:*:*:*",
"matchCriteriaId": "7F0977F0-90B4-48B4-BED6-C218B5CA5E03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev07:*:*:*:*:*:*",
"matchCriteriaId": "4D55DE67-8F93-48F3-BE54-D3A065479281"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev08:*:*:*:*:*:*",
"matchCriteriaId": "D27980B4-B71B-4DA8-B130-F0B5929F8E65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev09:*:*:*:*:*:*",
"matchCriteriaId": "DD1709BC-7DEB-4508-B3C3-B20F5FD001A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev10:*:*:*:*:*:*",
"matchCriteriaId": "08A6BDD5-259E-4DC3-A548-00CD0D459749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev11:*:*:*:*:*:*",
"matchCriteriaId": "B8166FF4-77D8-4A12-92E5-615B3DA2E602"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev12:*:*:*:*:*:*",
"matchCriteriaId": "999F057B-7918-461A-B60C-3BE72E92CDC9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev13:*:*:*:*:*:*",
"matchCriteriaId": "88FD1550-3715-493E-B674-9ECF3DD7A813"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev14:*:*:*:*:*:*",
"matchCriteriaId": "F31A4949-397F-4D1B-8AEA-AC7B335722F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev15:*:*:*:*:*:*",
"matchCriteriaId": "D33A91D4-CE21-486D-9469-B09060B8C637"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev16:*:*:*:*:*:*",
"matchCriteriaId": "5E3E5CD2-7631-4DBE-AB4D-669E82BCCAD4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev17:*:*:*:*:*:*",
"matchCriteriaId": "2BEE0AF0-3D22-4DE7-9E71-A4469D9CA2EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev18:*:*:*:*:*:*",
"matchCriteriaId": "AAFB199C-1D66-442D-AD7E-414DD339E1D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev19:*:*:*:*:*:*",
"matchCriteriaId": "26322561-2491-4DC7-B974-0B92B61A5BDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev20:*:*:*:*:*:*",
"matchCriteriaId": "A6BA6C2B-F2D5-4FF7-B316-C8E99C2B464B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev21:*:*:*:*:*:*",
"matchCriteriaId": "733E4A65-821B-4187-AA3A-1ACD3E882C07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev22:*:*:*:*:*:*",
"matchCriteriaId": "6B0A0043-33E8-4440-92AC-DDD70EA39535"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev23:*:*:*:*:*:*",
"matchCriteriaId": "303205CC-8BDE-47EE-A675-9BA19983139A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev24:*:*:*:*:*:*",
"matchCriteriaId": "8C088014-47D6-4632-9FB5-2C7B1085B762"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev25:*:*:*:*:*:*",
"matchCriteriaId": "42CF6057-EB40-4208-9F1E-83213E97987C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev26:*:*:*:*:*:*",
"matchCriteriaId": "966BC23E-B8CE-4F98-B3A6-4B620E8808BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev27:*:*:*:*:*:*",
"matchCriteriaId": "7409CE19-ACC1-4AF4-8C8A-AE2CDBB63D3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev28:*:*:*:*:*:*",
"matchCriteriaId": "17D71CDE-3111-459B-8520-F62E0D5D2972"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev29:*:*:*:*:*:*",
"matchCriteriaId": "6D808ED6-F819-4014-BD24-4537D52DDFB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev30:*:*:*:*:*:*",
"matchCriteriaId": "B3792A91-10E9-42D9-B852-37D369D8364E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev31:*:*:*:*:*:*",
"matchCriteriaId": "6F0BFEEF-8B19-4F71-B7F1-2CC94969616F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev32:*:*:*:*:*:*",
"matchCriteriaId": "52003F06-9351-49B6-A3C5-A2B6FC0B9F4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev33:*:*:*:*:*:*",
"matchCriteriaId": "C8786112-32AE-4BA5-8D66-D4E2429D3228"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev34:*:*:*:*:*:*",
"matchCriteriaId": "3A67F528-0248-4E24-A5AB-2995ED7D2600"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev35:*:*:*:*:*:*",
"matchCriteriaId": "AE090C73-E093-4BD9-BEFE-634179500A78"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open-xchange:ox_app_suite:7.10.6:rev36:*:*:*:*:*:*",
"matchCriteriaId": "0A7CF0F7-5DF5-4749-A777-0F9EDCD14EA6"
}
]
}
]
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/May/3",
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://open-xchange.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-269xx/CVE-2023-26930.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-26930", "id": "CVE-2023-26930",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T19:15:08.783", "published": "2023-04-26T19:15:08.783",
"lastModified": "2023-05-03T16:49:07.453", "lastModified": "2023-06-02T14:15:09.370",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function." "value": "** DISPUTED ** Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states \u201cit's an expected abort on out-of-memory error.\u201d"
} }
], ],
"metrics": { "metrics": {

6
CVE-2023/CVE-2023-292xx/CVE-2023-29218.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-29218", "id": "CVE-2023-29218",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-04-03T21:15:07.237", "published": "2023-04-03T21:15:07.237",
"lastModified": "2023-04-11T18:12:22.487", "lastModified": "2023-06-02T15:15:09.120",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023." "value": "** DISPUTED ** The Twitter Recommendation Algorithm through ec83d01 allows attackers to cause a denial of service (reduction of reputation score) by arranging for multiple Twitter accounts to coordinate negative signals regarding a target account, such as unfollowing, muting, blocking, and reporting, as exploited in the wild in March and April 2023. NOTE: Vendor states that allowing users to unfollow, mute, block, and report tweets and accounts and the impact of these negative engagements on Twitter\u2019s ranking algorithm is a conscious design decision, rather than a security vulnerability."
} }
], ],
"metrics": { "metrics": {

89
CVE-2023/CVE-2023-29xx/CVE-2023-2939.json
View File

@ -2,23 +2,96 @@
"id": "CVE-2023-2939", "id": "CVE-2023-2939",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-30T22:15:10.477", "published": "2023-05-30T22:15:10.477",
"lastModified": "2023-05-31T13:02:26.480", "lastModified": "2023-06-02T14:59:57.137",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)" "value": "Insufficient data validation in Installer in Google Chrome on Windows prior to 114.0.5735.90 allowed a local attacker to perform privilege escalation via crafted symbolic link. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html", "source": "nvd@nist.gov",
"source": "chrome-cve-admin@google.com" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{ {
"url": "https://crbug.com/1427431", "source": "nvd@nist.gov",
"source": "chrome-cve-admin@google.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "114.0.5735.90",
"matchCriteriaId": "0228D6A1-F19F-4796-A4C2-690B66612ED4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html",
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1427431",
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-29xx/CVE-2023-2940.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-2940", "id": "CVE-2023-2940",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-30T22:15:10.527", "published": "2023-05-30T22:15:10.527",
"lastModified": "2023-05-31T13:02:26.480", "lastModified": "2023-06-02T15:01:18.223",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Downloads in Google Chrome prior to 114.0.5735.90 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html", "source": "nvd@nist.gov",
"source": "chrome-cve-admin@google.com" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{ {
"url": "https://crbug.com/1426807", "source": "nvd@nist.gov",
"source": "chrome-cve-admin@google.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "114.0.5735.90",
"matchCriteriaId": "0228D6A1-F19F-4796-A4C2-690B66612ED4"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop_30.html",
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://crbug.com/1426807",
"source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

24
CVE-2023/CVE-2023-301xx/CVE-2023-30149.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30149",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T15:15:09.197",
"lastModified": "2023-06-02T15:15:09.197",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop version 1.5/1.6) or prior to 2.0.3 (for PrestaShop version 1.7), allows remote attackers to execute arbitrary SQL commands via the type, input_name. or q parameter in the autocompletion.php front controller."
}
],
"metrics": {},
"references": [
{
"url": "https://addons.prestashop.com/fr/inscription-processus-de-commande/6097-city-autocomplete.html",
"source": "cve@mitre.org"
},
{
"url": "https://friends-of-presta.github.io/security-advisories/module/2023/06/01/cityautocomplete.html",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-30xx/CVE-2023-3031.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3031", "id": "CVE-2023-3031",
"sourceIdentifier": "vulnerability@ncsc.ch", "sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-02T13:15:10.007", "published": "2023-06-02T13:15:10.007",
"lastModified": "2023-06-02T13:15:10.007", "lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-30xx/CVE-2023-3032.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3032", "id": "CVE-2023-3032",
"sourceIdentifier": "vulnerability@ncsc.ch", "sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-02T13:15:10.073", "published": "2023-06-02T13:15:10.073",
"lastModified": "2023-06-02T13:15:10.073", "lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-30xx/CVE-2023-3033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3033", "id": "CVE-2023-3033",
"sourceIdentifier": "vulnerability@ncsc.ch", "sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-02T13:15:10.133", "published": "2023-06-02T13:15:10.133",
"lastModified": "2023-06-02T13:15:10.133", "lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-30xx/CVE-2023-3057.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3057", "id": "CVE-2023-3057",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T13:15:10.193", "published": "2023-06-02T13:15:10.193",
"lastModified": "2023-06-02T13:15:10.193", "lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-30xx/CVE-2023-3058.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3058", "id": "CVE-2023-3058",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T13:15:10.257", "published": "2023-06-02T13:15:10.257",
"lastModified": "2023-06-02T13:15:10.257", "lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-30xx/CVE-2023-3059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3059", "id": "CVE-2023-3059",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T13:15:10.323", "published": "2023-06-02T13:15:10.323",
"lastModified": "2023-06-02T13:15:10.323", "lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

88
CVE-2023/CVE-2023-30xx/CVE-2023-3060.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3060",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T14:15:09.530",
"lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in code-projects Agro-School Management System 1.0 and classified as problematic. This vulnerability affects the function doAddQuestion of the file btn_functions.php. The manipulation of the argument Question leads to cross site scripting. The attack can be initiated remotely. VDB-230566 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/hotencode/CveHub/blob/main/agricultural%20school%20management%20system%20has%20cross-site%20script%20vulnerability.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.230566",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.230566",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-30xx/CVE-2023-3061.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3061",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T14:15:09.597",
"lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Agro-School Management System 1.0 and classified as critical. This issue affects some unknown processing of the file btn_functions.php of the component Attachment Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-230567."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/hotencode/CveHub/blob/main/Agro-School%20Management%20System%20has%20a%20file%20upload%20(RCE)%20vulnerability.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.230567",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.230567",
"source": "cna@vuldb.com"
}
]
}

88
CVE-2023/CVE-2023-30xx/CVE-2023-3062.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3062",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-02T14:15:09.663",
"lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Agro-School Management System 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument password leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-230568."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/hotencode/CveHub/blob/main/Agro-School%20Management%20System%20index.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.230568",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.230568",
"source": "cna@vuldb.com"
}
]
}

112
CVE-2023/CVE-2023-311xx/CVE-2023-31124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31124", "id": "CVE-2023-31124",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-25T22:15:09.680", "published": "2023-05-25T22:15:09.680",
"lastModified": "2023-05-28T06:15:13.787", "lastModified": "2023-06-02T14:35:03.563",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,22 +76,74 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1", "nodes": [
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4", "operator": "OR",
"source": "security-advisories@github.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/", "vulnerable": true,
"source": "security-advisories@github.com" "criteria": "cpe:2.3:a:c-ares_project:c-ares:*:*:*:*:*:*:*:*",
}, "versionEndExcluding": "1.19.1",
{ "matchCriteriaId": "48937B75-3746-49D9-B738-B19EF0EF8D9F"
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/", }
"source": "security-advisories@github.com" ]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/c-ares/c-ares/releases/tag/cares-1_19_1",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/c-ares/c-ares/security/advisories/GHSA-54xr-f67r-4pc4",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Z5XFNXTNPTCBBVXFDNZQVLLIE6VRBY/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UBFWILTA33LOSV23P44FGTQQIDRJHIY7/",
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
} }
] ]
} }

81
CVE-2023/CVE-2023-323xx/CVE-2023-32323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32323", "id": "CVE-2023-32323",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-26T14:15:10.827", "published": "2023-05-26T14:15:10.827",
"lastModified": "2023-05-26T15:56:52.630", "lastModified": "2023-06-02T14:33:47.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,18 +76,47 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/matrix-org/synapse/issues/14492", "nodes": [
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/matrix-org/synapse/pull/14642", "operator": "OR",
"source": "security-advisories@github.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-f3wc-3vxv-xmvr", "vulnerable": true,
"source": "security-advisories@github.com" "criteria": "cpe:2.3:a:matrix:synapse:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.74.0",
"matchCriteriaId": "D7B262AE-3361-41B7-8BF8-D893316A98C4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/synapse/issues/14492",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/matrix-org/synapse/pull/14642",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/matrix-org/synapse/security/advisories/GHSA-f3wc-3vxv-xmvr",
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }

68
CVE-2023/CVE-2023-333xx/CVE-2023-33394.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-33394", "id": "CVE-2023-33394",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T15:15:14.217", "published": "2023-05-26T15:15:14.217",
"lastModified": "2023-05-26T15:56:52.630", "lastModified": "2023-06-02T15:53:51.300",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data." "value": "skycaiji v2.5.4 is vulnerable to Cross Site Scripting (XSS). Attackers can achieve backend XSS by deploying malicious JSON data."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://wanheiqiyihu.top/2023/05/02/skycaiji-v2-5-4-has-a-backend-xss-vulnerability/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:skycaiji:skycaiji:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D9EEEC5-0204-41F6-981D-DECEA38E6597"
}
]
}
]
}
],
"references": [
{
"url": "https://wanheiqiyihu.top/2023/05/02/skycaiji-v2-5-4-has-a-backend-xss-vulnerability/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

28
CVE-2023/CVE-2023-334xx/CVE-2023-33476.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-33476",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T14:15:09.437",
"lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write."
}
],
"metrics": {},
"references": [
{
"url": "https://blog.coffinsec.com/0day/2023/05/31/minidlna-heap-overflow-rca.html",
"source": "cve@mitre.org"
},
{
"url": "https://sourceforge.net/p/minidlna/git/ci/9bd58553fae5aef3e6dd22f51642d2c851225aec/",
"source": "cve@mitre.org"
},
{
"url": "https://sourceforge.net/projects/minidlna/",
"source": "cve@mitre.org"
}
]
}

68
CVE-2023/CVE-2023-337xx/CVE-2023-33720.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-33720", "id": "CVE-2023-33720",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-26T16:15:10.980", "published": "2023-05-26T16:15:10.980",
"lastModified": "2023-05-26T16:15:10.980", "lastModified": "2023-06-02T15:59:21.680",
"vulnStatus": "Received", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty." "value": "mp4v2 v2.1.2 was discovered to contain a memory leak via the class MP4BytesProperty."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/enzo1982/mp4v2/issues/36", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mp4v2_project:mp4v2:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9EA982-3885-417B-AB0C-061415A7F261"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/enzo1982/mp4v2/issues/36",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-342xx/CVE-2023-34225.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34225", "id": "CVE-2023-34225",
"sourceIdentifier": "security@jetbrains.com", "sourceIdentifier": "security@jetbrains.com",
"published": "2023-05-31T14:15:10.697", "published": "2023-05-31T14:15:10.697",
"lastModified": "2023-05-31T14:22:04.583", "lastModified": "2023-06-02T14:36:37.770",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "security@jetbrains.com", "source": "security@jetbrains.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@jetbrains.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,12 +64,43 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "security@jetbrains.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/", "nodes": [
"source": "security@jetbrains.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.05",
"matchCriteriaId": "062C573B-23CC-4F05-BB1D-3FC107988E92"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

51
CVE-2023/CVE-2023-342xx/CVE-2023-34226.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34226", "id": "CVE-2023-34226",
"sourceIdentifier": "security@jetbrains.com", "sourceIdentifier": "security@jetbrains.com",
"published": "2023-05-31T14:15:10.763", "published": "2023-05-31T14:15:10.763",
"lastModified": "2023-05-31T14:22:04.583", "lastModified": "2023-06-02T14:35:25.620",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "security@jetbrains.com", "source": "security@jetbrains.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/", "nodes": [
"source": "security@jetbrains.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.05",
"matchCriteriaId": "062C573B-23CC-4F05-BB1D-3FC107988E92"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

20
CVE-2023/CVE-2023-343xx/CVE-2023-34362.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-02T14:15:09.487",
"lastModified": "2023-06-02T14:32:29.847",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS."
}
],
"metrics": {},
"references": [
{
"url": "https://community.progress.com/s/article/MOVEit-Transfer-Critical-Vulnerability-31May2023",
"source": "cve@mitre.org"
}
]
}

76
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-06-02T14:00:27.053961+00:00 2023-06-02T16:00:27.384459+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-06-02T13:49:02.543000+00:00 2023-06-02T15:59:21.680000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,55 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
216696 216702
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `11` Recently added CVEs: `6`
* [CVE-2022-24695](CVE-2022/CVE-2022-246xx/CVE-2022-24695.json) (`2023-06-02T12:15:09.243`) * [CVE-2023-33476](CVE-2023/CVE-2023-334xx/CVE-2023-33476.json) (`2023-06-02T14:15:09.437`)
* [CVE-2023-28469](CVE-2023/CVE-2023-284xx/CVE-2023-28469.json) (`2023-06-02T12:15:09.320`) * [CVE-2023-34362](CVE-2023/CVE-2023-343xx/CVE-2023-34362.json) (`2023-06-02T14:15:09.487`)
* [CVE-2023-33717](CVE-2023/CVE-2023-337xx/CVE-2023-33717.json) (`2023-06-02T12:15:09.367`) * [CVE-2023-3060](CVE-2023/CVE-2023-30xx/CVE-2023-3060.json) (`2023-06-02T14:15:09.530`)
* [CVE-2023-33731](CVE-2023/CVE-2023-337xx/CVE-2023-33731.json) (`2023-06-02T12:15:09.410`) * [CVE-2023-3061](CVE-2023/CVE-2023-30xx/CVE-2023-3061.json) (`2023-06-02T14:15:09.597`)
* [CVE-2023-3056](CVE-2023/CVE-2023-30xx/CVE-2023-3056.json) (`2023-06-02T12:15:09.470`) * [CVE-2023-3062](CVE-2023/CVE-2023-30xx/CVE-2023-3062.json) (`2023-06-02T14:15:09.663`)
* [CVE-2023-3031](CVE-2023/CVE-2023-30xx/CVE-2023-3031.json) (`2023-06-02T13:15:10.007`) * [CVE-2023-30149](CVE-2023/CVE-2023-301xx/CVE-2023-30149.json) (`2023-06-02T15:15:09.197`)
* [CVE-2023-3032](CVE-2023/CVE-2023-30xx/CVE-2023-3032.json) (`2023-06-02T13:15:10.073`)
* [CVE-2023-3033](CVE-2023/CVE-2023-30xx/CVE-2023-3033.json) (`2023-06-02T13:15:10.133`)
* [CVE-2023-3057](CVE-2023/CVE-2023-30xx/CVE-2023-3057.json) (`2023-06-02T13:15:10.193`)
* [CVE-2023-3058](CVE-2023/CVE-2023-30xx/CVE-2023-3058.json) (`2023-06-02T13:15:10.257`)
* [CVE-2023-3059](CVE-2023/CVE-2023-30xx/CVE-2023-3059.json) (`2023-06-02T13:15:10.323`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `50` Recently modified CVEs: `24`
* [CVE-2023-2062](CVE-2023/CVE-2023-20xx/CVE-2023-2062.json) (`2023-06-02T12:48:55.690`) * [CVE-2022-39374](CVE-2022/CVE-2022-393xx/CVE-2022-39374.json) (`2023-06-02T14:41:04.300`)
* [CVE-2023-2063](CVE-2023/CVE-2023-20xx/CVE-2023-2063.json) (`2023-06-02T12:48:55.690`) * [CVE-2022-39335](CVE-2022/CVE-2022-393xx/CVE-2022-39335.json) (`2023-06-02T15:29:22.687`)
* [CVE-2023-1159](CVE-2023/CVE-2023-11xx/CVE-2023-1159.json) (`2023-06-02T12:48:55.690`) * [CVE-2023-26930](CVE-2023/CVE-2023-269xx/CVE-2023-26930.json) (`2023-06-02T14:15:09.370`)
* [CVE-2023-2835](CVE-2023/CVE-2023-28xx/CVE-2023-2835.json) (`2023-06-02T12:48:55.690`) * [CVE-2023-3031](CVE-2023/CVE-2023-30xx/CVE-2023-3031.json) (`2023-06-02T14:32:29.847`)
* [CVE-2023-3000](CVE-2023/CVE-2023-30xx/CVE-2023-3000.json) (`2023-06-02T12:48:55.690`) * [CVE-2023-3032](CVE-2023/CVE-2023-30xx/CVE-2023-3032.json) (`2023-06-02T14:32:29.847`)
* [CVE-2023-33643](CVE-2023/CVE-2023-336xx/CVE-2023-33643.json) (`2023-06-02T12:49:17.557`) * [CVE-2023-3033](CVE-2023/CVE-2023-30xx/CVE-2023-3033.json) (`2023-06-02T14:32:29.847`)
* [CVE-2023-33634](CVE-2023/CVE-2023-336xx/CVE-2023-33634.json) (`2023-06-02T12:49:44.023`) * [CVE-2023-3057](CVE-2023/CVE-2023-30xx/CVE-2023-3057.json) (`2023-06-02T14:32:29.847`)
* [CVE-2023-33635](CVE-2023/CVE-2023-336xx/CVE-2023-33635.json) (`2023-06-02T12:49:54.507`) * [CVE-2023-3058](CVE-2023/CVE-2023-30xx/CVE-2023-3058.json) (`2023-06-02T14:32:29.847`)
* [CVE-2023-33636](CVE-2023/CVE-2023-336xx/CVE-2023-33636.json) (`2023-06-02T12:50:06.253`) * [CVE-2023-3059](CVE-2023/CVE-2023-30xx/CVE-2023-3059.json) (`2023-06-02T14:32:29.847`)
* [CVE-2023-33637](CVE-2023/CVE-2023-336xx/CVE-2023-33637.json) (`2023-06-02T12:50:30.330`) * [CVE-2023-32323](CVE-2023/CVE-2023-323xx/CVE-2023-32323.json) (`2023-06-02T14:33:47.707`)
* [CVE-2023-33638](CVE-2023/CVE-2023-336xx/CVE-2023-33638.json) (`2023-06-02T12:50:41.240`) * [CVE-2023-31124](CVE-2023/CVE-2023-311xx/CVE-2023-31124.json) (`2023-06-02T14:35:03.563`)
* [CVE-2023-33639](CVE-2023/CVE-2023-336xx/CVE-2023-33639.json) (`2023-06-02T12:50:48.237`) * [CVE-2023-34226](CVE-2023/CVE-2023-342xx/CVE-2023-34226.json) (`2023-06-02T14:35:25.620`)
* [CVE-2023-33640](CVE-2023/CVE-2023-336xx/CVE-2023-33640.json) (`2023-06-02T12:51:10.167`) * [CVE-2023-34225](CVE-2023/CVE-2023-342xx/CVE-2023-34225.json) (`2023-06-02T14:36:37.770`)
* [CVE-2023-33641](CVE-2023/CVE-2023-336xx/CVE-2023-33641.json) (`2023-06-02T12:51:17.917`) * [CVE-2023-20878](CVE-2023/CVE-2023-208xx/CVE-2023-20878.json) (`2023-06-02T14:44:42.060`)
* [CVE-2023-33642](CVE-2023/CVE-2023-336xx/CVE-2023-33642.json) (`2023-06-02T12:51:31.197`) * [CVE-2023-20879](CVE-2023/CVE-2023-208xx/CVE-2023-20879.json) (`2023-06-02T14:45:32.940`)
* [CVE-2023-33627](CVE-2023/CVE-2023-336xx/CVE-2023-33627.json) (`2023-06-02T12:52:29.320`) * [CVE-2023-20877](CVE-2023/CVE-2023-208xx/CVE-2023-20877.json) (`2023-06-02T14:45:40.740`)
* [CVE-2023-33628](CVE-2023/CVE-2023-336xx/CVE-2023-33628.json) (`2023-06-02T12:52:36.063`) * [CVE-2023-2939](CVE-2023/CVE-2023-29xx/CVE-2023-2939.json) (`2023-06-02T14:59:57.137`)
* [CVE-2023-33629](CVE-2023/CVE-2023-336xx/CVE-2023-33629.json) (`2023-06-02T12:52:44.613`) * [CVE-2023-2940](CVE-2023/CVE-2023-29xx/CVE-2023-2940.json) (`2023-06-02T15:01:18.223`)
* [CVE-2023-33630](CVE-2023/CVE-2023-336xx/CVE-2023-33630.json) (`2023-06-02T12:52:58.467`) * [CVE-2023-24605](CVE-2023/CVE-2023-246xx/CVE-2023-24605.json) (`2023-06-02T15:14:02.283`)
* [CVE-2023-33631](CVE-2023/CVE-2023-336xx/CVE-2023-33631.json) (`2023-06-02T12:53:09.750`) * [CVE-2023-29218](CVE-2023/CVE-2023-292xx/CVE-2023-29218.json) (`2023-06-02T15:15:09.120`)
* [CVE-2023-33632](CVE-2023/CVE-2023-336xx/CVE-2023-33632.json) (`2023-06-02T12:53:22.180`) * [CVE-2023-24598](CVE-2023/CVE-2023-245xx/CVE-2023-24598.json) (`2023-06-02T15:24:06.493`)
* [CVE-2023-33633](CVE-2023/CVE-2023-336xx/CVE-2023-33633.json) (`2023-06-02T12:53:31.457`) * [CVE-2023-24597](CVE-2023/CVE-2023-245xx/CVE-2023-24597.json) (`2023-06-02T15:29:31.447`)
* [CVE-2023-32318](CVE-2023/CVE-2023-323xx/CVE-2023-32318.json) (`2023-06-02T12:57:32.097`) * [CVE-2023-33394](CVE-2023/CVE-2023-333xx/CVE-2023-33394.json) (`2023-06-02T15:53:51.300`)
* [CVE-2023-26931](CVE-2023/CVE-2023-269xx/CVE-2023-26931.json) (`2023-06-02T13:15:09.920`) * [CVE-2023-33720](CVE-2023/CVE-2023-337xx/CVE-2023-33720.json) (`2023-06-02T15:59:21.680`)
* [CVE-2023-33195](CVE-2023/CVE-2023-331xx/CVE-2023-33195.json) (`2023-06-02T13:49:02.543`)
## Download and Usage ## Download and Usage