admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-22T12:00:25.395624+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-22 12:00:29 +00:00
parent d05072293e
commit 362a412ac6
11 changed files with 73 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2023/CVE-2023-437xx/CVE-2023-43760.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43760",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.240",
"lastModified": "2023-09-22T05:15:09.240",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Denial of Service via a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la Denegaci\u00f3n de Servicio a trav\u00e9s de un archivo PE32 difuso. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43761.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43761",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.457",
"lastModified": "2023-09-22T05:15:09.457",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Denial of Service (infinite loop). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la Denegaci\u00f3n de Servicio (bucle infinito). Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43762.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43762",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.530",
"lastModified": "2023-09-22T05:15:09.530",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend), issue 1 of 2. This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la Ejecuci\u00f3n Remota de C\u00f3digo No Autenticado a trav\u00e9s del servidor web (backend), n\u00famero 1 de 2. Esto afecta a WithSecure Policy Manager 15 y Policy Manager Proxy 15."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43763.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43763",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.630",
"lastModified": "2023-09-22T05:15:09.630",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten XSS a trav\u00e9s de un par\u00e1metro no validado en endpoint. Esto afecta a WithSecure Policy Manager 15 en Windows y Linux."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43764.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43764",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.720",
"lastModified": "2023-09-22T05:15:09.720",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server (backend), issue 2 of 2. This affects WithSecure Policy Manager 15 on Windows and Linux."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la Ejecuci\u00f3n Remota de C\u00f3digo No Autenticado a trav\u00e9s del servidor web (backend), n\u00famero 2 de 2. Esto afecta a WithSecure Policy Manager 15 en Windows y Linux."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43765.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43765",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.793",
"lastModified": "2023-09-22T05:15:09.793",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Denial of Service in the aeelf component. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la Denegaci\u00f3n de Servicio en el componente aeelf. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43766.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43766",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.867",
"lastModified": "2023-09-22T05:15:09.867",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Local privilege escalation via the lhz archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la escalada de privilegios Locales a trav\u00e9s del controlador de descompresi\u00f3n de archivos lhz. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-437xx/CVE-2023-43767.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43767",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-22T05:15:09.937",
"lastModified": "2023-09-22T05:15:09.937",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:59:53.233",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Certain WithSecure products allow Denial of Service via the aepack archive unpack handler. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1."
},
{
"lang": "es",
"value": "Ciertos productos WithSecure permiten la Denegaci\u00f3n de Servicio a trav\u00e9s del controlador de descompresi\u00f3n del archivo aepack. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-47xx/CVE-2023-4716.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4716",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-22T06:15:11.007",
"lastModified": "2023-09-22T06:15:11.007",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:55:29.813",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'mla_gallery' shortcode in versions up to, and including, 3.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Media Library Assistant para WordPress es vulnerable a Stored Cross-Site Scripting a trav\u00e9s del c\u00f3digo corto 'mla_gallery' en versiones hasta la 3.10 inclusive debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2023/CVE-2023-47xx/CVE-2023-4774.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4774",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-22T06:15:11.277",
"lastModified": "2023-09-22T06:15:11.277",
"vulnStatus": "Received",
"lastModified": "2023-09-22T10:55:22.703",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "The WP-Matomo Integration (WP-Piwik) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp-piwik' shortcode in versions up to, and including, 1.0.28 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento WP-Matomo Integration (WP-Piwik) para WordPress es vulnerable a Stored Cross-Site Scriptings a trav\u00e9s del c\u00f3digo corto 'wp-piwik' en versiones hasta la 1.0.28 inclusive debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida del usuario atributos proporcionados. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

17
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-22T10:00:24.771298+00:00
2023-09-22T12:00:25.395624+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-22T09:15:09.497000+00:00
2023-09-22T10:59:53.233000+00:00
```
### Last Data Feed Release
@ -40,9 +40,18 @@ Recently added CVEs: `0`
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `10`
* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-22T09:15:09.497`)
* [CVE-2023-4774](CVE-2023/CVE-2023-47xx/CVE-2023-4774.json) (`2023-09-22T10:55:22.703`)
* [CVE-2023-4716](CVE-2023/CVE-2023-47xx/CVE-2023-4716.json) (`2023-09-22T10:55:29.813`)
* [CVE-2023-43760](CVE-2023/CVE-2023-437xx/CVE-2023-43760.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43761](CVE-2023/CVE-2023-437xx/CVE-2023-43761.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43762](CVE-2023/CVE-2023-437xx/CVE-2023-43762.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43763](CVE-2023/CVE-2023-437xx/CVE-2023-43763.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43764](CVE-2023/CVE-2023-437xx/CVE-2023-43764.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43765](CVE-2023/CVE-2023-437xx/CVE-2023-43765.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43766](CVE-2023/CVE-2023-437xx/CVE-2023-43766.json) (`2023-09-22T10:59:53.233`)
* [CVE-2023-43767](CVE-2023/CVE-2023-437xx/CVE-2023-43767.json) (`2023-09-22T10:59:53.233`)
## Download and Usage