From 36a658da1e7827e6c6e01df7216618368310c25d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 27 May 2023 02:00:34 +0000 Subject: [PATCH] Auto-Update: 2023-05-27T02:00:30.631682+00:00 --- CVE-2022/CVE-2022-466xx/CVE-2022-46680.json | 169 +++++++++++++++++++- CVE-2023/CVE-2023-237xx/CVE-2023-23759.json | 68 +++++++- CVE-2023/CVE-2023-238xx/CVE-2023-23830.json | 6 +- CVE-2023/CVE-2023-270xx/CVE-2023-27066.json | 70 +++++++- CVE-2023/CVE-2023-270xx/CVE-2023-27067.json | 70 +++++++- CVE-2023/CVE-2023-27xx/CVE-2023-2790.json | 73 ++++++++- CVE-2023/CVE-2023-283xx/CVE-2023-28386.json | 132 ++++++++++++++- CVE-2023/CVE-2023-284xx/CVE-2023-28467.json | 71 +++++++- CVE-2023/CVE-2023-287xx/CVE-2023-28709.json | 89 ++++++++++- CVE-2023/CVE-2023-310xx/CVE-2023-31058.json | 53 +++++- CVE-2023/CVE-2023-314xx/CVE-2023-31453.json | 54 ++++++- CVE-2023/CVE-2023-314xx/CVE-2023-31454.json | 66 +++++++- CVE-2023/CVE-2023-323xx/CVE-2023-32325.json | 59 +++++++ README.md | 47 +++--- 14 files changed, 945 insertions(+), 82 deletions(-) create mode 100644 CVE-2023/CVE-2023-323xx/CVE-2023-32325.json diff --git a/CVE-2022/CVE-2022-466xx/CVE-2022-46680.json b/CVE-2022/CVE-2022-466xx/CVE-2022-46680.json index 8c89ff79743..305551e0cc5 100644 --- a/CVE-2022/CVE-2022-466xx/CVE-2022-46680.json +++ b/CVE-2022/CVE-2022-466xx/CVE-2022-46680.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46680", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-05-22T14:15:09.433", - "lastModified": "2023-05-22T16:15:51.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T00:54:48.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,153 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion9000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "50C920E5-0F21-4DBB-9D0E-424F8C1A9B85" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion9000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6718EAAA-074D-4807-AC2D-DD0A06D397FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion7400_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "E43DFCA4-7ED0-4E61-872A-ECD08659A52B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion7400:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C8F28EAA-FC60-4CE0-BD39-DFD3EB88E195" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:powerlogic_pm8000_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0.0", + "matchCriteriaId": "4A560510-3A07-4EBB-8E2D-E473EE9B59C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:schneider-electric:powerlogic_pm8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B16A7BEC-1BED-4A61-A6C9-BF7DB13B998C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8650_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7EFB1251-11AE-4A77-AB68-26D6B58C8F33" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8650:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FBC3A306-D4F4-4C2A-9D60-DD8F0826AEEC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:schneider-electric:powerlogic_ion8800_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D1F09F7B-3FFE-4F3A-B79B-3C6B3B718501" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:schneider-electric:powerlogic_ion8800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46E8E79E-6DA7-4094-9622-3B91D5913493" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-129-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-129-03.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23759.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23759.json index d843c73a7b4..6cf6391c59b 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23759.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23759.json @@ -2,16 +2,49 @@ "id": "CVE-2023-23759", "sourceIdentifier": "cve-assign@fb.com", "published": "2023-05-18T22:15:09.597", - "lastModified": "2023-05-19T13:00:09.947", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T00:59:33.827", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-617" + } + ] + }, { "source": "cve-assign@fb.com", "type": "Secondary", @@ -23,14 +56,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:facebook:fizz:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.01.30.00", + "matchCriteriaId": "A867776B-F2FD-4862-9D5F-DFEC19C29DB5" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/facebookincubator/fizz/commit/8d3649841597bedfb6986c30431ebad0eb215265", - "source": "cve-assign@fb.com" + "source": "cve-assign@fb.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.facebook.com/security/advisories/cve-2023-23759", - "source": "cve-assign@fb.com" + "source": "cve-assign@fb.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23830.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23830.json index 518bb86af8e..2dac91f0811 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23830.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23830.json @@ -2,7 +2,7 @@ "id": "CVE-2023-23830", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-03T16:15:09.717", - "lastModified": "2023-05-08T13:41:15.720", + "lastModified": "2023-05-27T01:51:18.730", "vulnStatus": "Analyzed", "descriptions": [ { @@ -75,9 +75,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:profilepress:profilepress:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:properfraction:profilepress:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "4.5.5", - "matchCriteriaId": "B2F5B21D-51F6-49A3-B52A-0B55EC4F87DB" + "matchCriteriaId": "14380D47-A6B3-4466-93DD-7802DF3B3881" } ] } diff --git a/CVE-2023/CVE-2023-270xx/CVE-2023-27066.json b/CVE-2023/CVE-2023-270xx/CVE-2023-27066.json index ab0958545f9..3681556fc80 100644 --- a/CVE-2023/CVE-2023-270xx/CVE-2023-27066.json +++ b/CVE-2023/CVE-2023-270xx/CVE-2023-27066.json @@ -2,23 +2,83 @@ "id": "CVE-2023-27066", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-22T17:15:09.347", - "lastModified": "2023-05-23T13:04:43.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:34:58.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Directory Traversal vulnerability in Site Core Experience Platform 10.2 and earlier allows authenticated remote attackers to download arbitrary files via Urlhandle." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*", + "versionEndIncluding": "10.2", + "matchCriteriaId": "6B81DCF5-B6B4-48CF-9081-A5F148936AAF" + } + ] + } + ] + } + ], "references": [ { "url": "https://blogs.night-wolf.io/0-day-vulnerabilities-at-sitecore-pagedesigner", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://dev.sitecore.net/Downloads/Sitecore%20Experience%20Platform/103/Sitecore%20Experience%20Platform%20103/Release%20Notes", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-270xx/CVE-2023-27067.json b/CVE-2023/CVE-2023-270xx/CVE-2023-27067.json index 086228ad173..bdd847d4fc3 100644 --- a/CVE-2023/CVE-2023-270xx/CVE-2023-27067.json +++ b/CVE-2023/CVE-2023-270xx/CVE-2023-27067.json @@ -2,23 +2,83 @@ "id": "CVE-2023-27067", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-22T19:15:09.960", - "lastModified": "2023-05-23T13:04:43.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:43:42.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Directory Traversal vulnerability in Sitecore Experience Platform through 10.2 allows remote attackers to download arbitrary files via crafted command to download.aspx" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*", + "versionEndIncluding": "10.2", + "matchCriteriaId": "6B81DCF5-B6B4-48CF-9081-A5F148936AAF" + } + ] + } + ] + } + ], "references": [ { "url": "https://blogs.night-wolf.io/0-day-vulnerabilities-at-sitecore-pagedesigner", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] }, { "url": "https://dev.sitecore.net/Downloads/Sitecore%20Experience%20Platform/103/Sitecore%20Experience%20Platform%20103/Release%20Notes", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2790.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2790.json index 5c99eb75cd7..73bf31bb8da 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2790.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2790.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2790", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-18T13:15:09.603", - "lastModified": "2023-05-18T18:04:44.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:14:11.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,59 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:n200re_firmware:9.3.5u.6255_b20211224:*:*:*:*:*:*:*", + "matchCriteriaId": "7E5F585D-F142-4DBF-B375-E4FBCD8807C5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:n200re:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9FF7FF59-DB13-4FEA-A81C-124048BF1676" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1RITXRvKele5aW42YFk0JeQHCq2B63lUj/view?usp=share_link", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.229374", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.229374", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28386.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28386.json index 72d0dedd333..a8a259f0de7 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28386.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28386.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28386", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-05-22T20:15:10.250", - "lastModified": "2023-05-23T13:04:43.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:59:16.440", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "ics-cert@hq.dhs.gov", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "ics-cert@hq.dhs.gov", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,16 +64,118 @@ "value": "CWE-345" } ] + }, + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:snapone:orvc:*:*:*:*:*:pro:*:*", + "versionEndExcluding": "7.3.0", + "matchCriteriaId": "415E3C3D-6B2F-4095-B7F1-E3F777E01172" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:control4:ca-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "910274AB-35AF-428C-84D7-36774DEB59D8" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:control4:ca-10:-:*:*:*:*:*:*:*", + "matchCriteriaId": "852189C9-7720-468D-BCE0-28DFC051AEDC" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:control4:ea-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C61FA2AE-A962-4D60-BBCF-751FDB5215B9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:control4:ea-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B6310809-0890-4113-837C-0074706B4E6B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:control4:ea-5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7ADAAF7-9B0B-4002-8158-FC6B0EAB6055" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:an-110-rt-2l1w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B5B50505-B496-4172-813E-CA174EE2D4DF" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:an-110-rt-2l1w-wifi:-:*:*:*:*:*:*:*", + "matchCriteriaId": "04744281-B935-4272-8582-85C6162881F8" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:an-310-rt-4l2w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CCD83E46-F84F-49F8-9601-ABC03292E0F6" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:ovrc-300-pro:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F5B44DFB-CC8D-4342-907B-D34F9EAB5CEB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:pakedge_rk-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B2982D38-80BF-4041-9F59-D26C152D24D9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:pakedge_rt-3100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "061055F0-D742-4227-ADC2-1793979F9463" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:snapone:pakedge_wr-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CF7BD251-BB2F-4C49-8B1E-8EB26580DFDB" + } + ] + } + ] } ], "references": [ { "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-136-01", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] }, { "url": "https://www.control4.com/docs/product/ovrc-software/release-notes/english/latest/ovrc-software-release-notes-rev-p.pdf", - "source": "ics-cert@hq.dhs.gov" + "source": "ics-cert@hq.dhs.gov", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28467.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28467.json index a3836e11dac..4e06c270db7 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28467.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28467.json @@ -2,23 +2,84 @@ "id": "CVE-2023-28467", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-22T19:15:10.017", - "lastModified": "2023-05-23T13:04:43.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:49:32.293", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In MyBB before 1.8.34, there is XSS in the User CP module via the user email field." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.8.34", + "matchCriteriaId": "D7F6C2C7-3E6F-4861-B774-EAA1912EDA23" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/mybb/mybb/security/advisories/GHSA-3q8x-9fh2-v646", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Release Notes", + "Third Party Advisory" + ] }, { "url": "https://mybb.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28709.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28709.json index 80cafd0be1d..352a6e38976 100644 --- a/CVE-2023/CVE-2023-287xx/CVE-2023-28709.json +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28709.json @@ -2,15 +2,38 @@ "id": "CVE-2023-28709", "sourceIdentifier": "security@apache.org", "published": "2023-05-22T11:15:09.423", - "lastModified": "2023-05-22T15:15:09.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T00:46:23.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount\u00a0could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters\u00a0in the query string, the limit for uploaded request parts could be\u00a0bypassed with the potential for a denial of service to occur.\n\n\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -23,14 +46,70 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.5.85", + "versionEndIncluding": "8.5.87", + "matchCriteriaId": "7280B285-9594-4E06-BDAF-AF7731FAEC5B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.71", + "versionEndIncluding": "9.0.73", + "matchCriteriaId": "47B26F88-1764-45E5-A053-BF5B848074AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*", + "versionStartIncluding": "10.1.5", + "versionEndIncluding": "10.1.7", + "matchCriteriaId": "CC9BAE63-AF35-4BB3-900C-C56653716362" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone2:*:*:*:*:*:*", + "matchCriteriaId": "2AAD52CE-94F5-4F98-A027-9A7E68818CB6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone3:*:*:*:*:*:*", + "matchCriteriaId": "F1F981F5-035A-4EDD-8A9F-481EE8BC7FF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:tomcat:11.0.0:milestone4:*:*:*:*:*:*", + "matchCriteriaId": "03A171AF-2EC8-4422-912C-547CDB58CAAA" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/05/22/1", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.apache.org/thread/7wvxonzwb7k9hx9jt3q33cmy7j97jo3j", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-310xx/CVE-2023-31058.json b/CVE-2023/CVE-2023-310xx/CVE-2023-31058.json index 6889ab88fb4..2853e40443b 100644 --- a/CVE-2023/CVE-2023-310xx/CVE-2023-31058.json +++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31058.json @@ -2,15 +2,38 @@ "id": "CVE-2023-31058", "sourceIdentifier": "security@apache.org", "published": "2023-05-22T13:15:09.843", - "lastModified": "2023-05-22T16:15:09.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T00:48:58.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Deserialization of Untrusted Data Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.6.0. Attackers would bypass the\n'autoDeserialize' option filtering by adding\u00a0blanks. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick\u00a0\n\n https://github.com/apache/inlong/pull/7674 https://github.com/apache/inlong/pull/7674 to solve it.\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.4.0", + "versionEndIncluding": "1.6.0", + "matchCriteriaId": "4A7AAC7B-2146-46D9-8FD9-DA2B5903BB6E" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/bkcgbn9l61croxfyspf7xd42qb189s3z", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31453.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31453.json index 6715a8a11c2..2e0eea289b7 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31453.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31453.json @@ -2,15 +2,38 @@ "id": "CVE-2023-31453", "sourceIdentifier": "security@apache.org", "published": "2023-05-22T14:15:09.643", - "lastModified": "2023-05-22T16:15:51.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:20:20.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The\u00a0attacker can delete others' subscriptions, even if they are not the owner\nof the deleted subscription.\u00a0Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.\n\n[1] \n\n https://github.com/apache/inlong/pull/7949 https://github.com/apache/inlong/pull/7949 \n\n\n\n\n\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -23,10 +46,33 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.2.0", + "versionEndIncluding": "1.6.0", + "matchCriteriaId": "F5885ADE-6494-4EB2-BCCA-27499935E80C" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/9nz8o2skgc5230w276h4w92j0zstnl06", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31454.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31454.json index 145ba0997bb..097ec849377 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31454.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31454.json @@ -2,18 +2,41 @@ "id": "CVE-2023-31454", "sourceIdentifier": "security@apache.org", "published": "2023-05-22T14:15:09.697", - "lastModified": "2023-05-22T16:15:51.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-27T01:26:39.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0.\u00a0\n\nThe attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.[1]\n\n https://github.com/apache/inlong/pull/7947 https://github.com/apache/inlong/pull/7947 \n\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -21,12 +44,45 @@ "value": "CWE-732" } ] + }, + { + "source": "security@apache.org", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.2.0", + "versionEndIncluding": "1.6.0", + "matchCriteriaId": "F5885ADE-6494-4EB2-BCCA-27499935E80C" + } + ] + } + ] } ], "references": [ { "url": "https://lists.apache.org/thread/nqt1tr6pbq8q4b033d7sg5gltx5pmjgl", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json new file mode 100644 index 00000000000..0c2dc1b1b15 --- /dev/null +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32325.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32325", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-05-27T00:15:09.600", + "lastModified": "2023-05-27T00:15:09.600", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "PostHog-js is a library to interface with the PostHog analytics tool. Versions prior to 1.57.2 have the potential for cross-site scripting. Problem has been patched in 1.57.2. Users are advised to upgrade. Users unable to upgrade should ensure that their Content Security Policy is in place." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/PostHog/posthog-js/commit/67e07eb8bb271a3a6f4aa251382e4d25abb385a0", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/PostHog/posthog-js/security/advisories/GHSA-8775-5hwv-wr6v", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2b1510fa71e..f3cfb396eea 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-26T23:55:24.823761+00:00 +2023-05-27T02:00:30.631682+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-26T23:36:53.053000+00:00 +2023-05-27T01:59:16.440000+00:00 ``` ### Last Data Feed Release @@ -23,47 +23,38 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-05-26T00:00:13.554083+00:00 +2023-05-27T00:00:13.547927+00:00 ``` ### Total Number of included CVEs ```plain -216140 +216141 ``` ### CVEs added in the last Commit -Recently added CVEs: `15` +Recently added CVEs: `1` -* [CVE-2023-21514](CVE-2023/CVE-2023-215xx/CVE-2023-21514.json) (`2023-05-26T22:15:14.377`) -* [CVE-2023-21515](CVE-2023/CVE-2023-215xx/CVE-2023-21515.json) (`2023-05-26T22:15:14.530`) -* [CVE-2023-21516](CVE-2023/CVE-2023-215xx/CVE-2023-21516.json) (`2023-05-26T22:15:14.610`) -* [CVE-2023-27311](CVE-2023/CVE-2023-273xx/CVE-2023-27311.json) (`2023-05-26T22:15:14.680`) -* [CVE-2023-2898](CVE-2023/CVE-2023-28xx/CVE-2023-2898.json) (`2023-05-26T22:15:14.727`) -* [CVE-2023-31128](CVE-2023/CVE-2023-311xx/CVE-2023-31128.json) (`2023-05-26T22:15:14.797`) -* [CVE-2023-32307](CVE-2023/CVE-2023-323xx/CVE-2023-32307.json) (`2023-05-26T23:15:10.127`) -* [CVE-2023-32311](CVE-2023/CVE-2023-323xx/CVE-2023-32311.json) (`2023-05-26T23:15:16.507`) -* [CVE-2023-32315](CVE-2023/CVE-2023-323xx/CVE-2023-32315.json) (`2023-05-26T23:15:16.643`) -* [CVE-2023-32316](CVE-2023/CVE-2023-323xx/CVE-2023-32316.json) (`2023-05-26T23:15:16.727`) -* [CVE-2023-32317](CVE-2023/CVE-2023-323xx/CVE-2023-32317.json) (`2023-05-26T23:15:16.950`) -* [CVE-2023-32319](CVE-2023/CVE-2023-323xx/CVE-2023-32319.json) (`2023-05-26T23:15:17.493`) -* [CVE-2023-32321](CVE-2023/CVE-2023-323xx/CVE-2023-32321.json) (`2023-05-26T23:15:18.010`) -* [CVE-2023-32676](CVE-2023/CVE-2023-326xx/CVE-2023-32676.json) (`2023-05-26T23:15:18.647`) -* [CVE-2023-33199](CVE-2023/CVE-2023-331xx/CVE-2023-33199.json) (`2023-05-26T23:15:18.960`) +* [CVE-2023-32325](CVE-2023/CVE-2023-323xx/CVE-2023-32325.json) (`2023-05-27T00:15:09.600`) ### CVEs modified in the last Commit -Recently modified CVEs: `7` +Recently modified CVEs: `12` -* [CVE-2022-0637](CVE-2022/CVE-2022-06xx/CVE-2022-0637.json) (`2023-05-26T22:15:10.577`) -* [CVE-2022-36326](CVE-2022/CVE-2022-363xx/CVE-2022-36326.json) (`2023-05-26T23:30:48.790`) -* [CVE-2023-24833](CVE-2023/CVE-2023-248xx/CVE-2023-24833.json) (`2023-05-26T23:27:05.690`) -* [CVE-2023-24832](CVE-2023/CVE-2023-248xx/CVE-2023-24832.json) (`2023-05-26T23:29:06.290`) -* [CVE-2023-23556](CVE-2023/CVE-2023-235xx/CVE-2023-23556.json) (`2023-05-26T23:32:28.163`) -* [CVE-2023-25447](CVE-2023/CVE-2023-254xx/CVE-2023-25447.json) (`2023-05-26T23:34:39.147`) -* [CVE-2023-25448](CVE-2023/CVE-2023-254xx/CVE-2023-25448.json) (`2023-05-26T23:36:53.053`) +* [CVE-2022-46680](CVE-2022/CVE-2022-466xx/CVE-2022-46680.json) (`2023-05-27T00:54:48.257`) +* [CVE-2023-28709](CVE-2023/CVE-2023-287xx/CVE-2023-28709.json) (`2023-05-27T00:46:23.903`) +* [CVE-2023-31058](CVE-2023/CVE-2023-310xx/CVE-2023-31058.json) (`2023-05-27T00:48:58.773`) +* [CVE-2023-23759](CVE-2023/CVE-2023-237xx/CVE-2023-23759.json) (`2023-05-27T00:59:33.827`) +* [CVE-2023-2790](CVE-2023/CVE-2023-27xx/CVE-2023-2790.json) (`2023-05-27T01:14:11.647`) +* [CVE-2023-31453](CVE-2023/CVE-2023-314xx/CVE-2023-31453.json) (`2023-05-27T01:20:20.410`) +* [CVE-2023-31454](CVE-2023/CVE-2023-314xx/CVE-2023-31454.json) (`2023-05-27T01:26:39.903`) +* [CVE-2023-27066](CVE-2023/CVE-2023-270xx/CVE-2023-27066.json) (`2023-05-27T01:34:58.670`) +* [CVE-2023-27067](CVE-2023/CVE-2023-270xx/CVE-2023-27067.json) (`2023-05-27T01:43:42.960`) +* [CVE-2023-28467](CVE-2023/CVE-2023-284xx/CVE-2023-28467.json) (`2023-05-27T01:49:32.293`) +* [CVE-2023-23830](CVE-2023/CVE-2023-238xx/CVE-2023-23830.json) (`2023-05-27T01:51:18.730`) +* [CVE-2023-28386](CVE-2023/CVE-2023-283xx/CVE-2023-28386.json) (`2023-05-27T01:59:16.440`) ## Download and Usage