From 36a84e5fe05e4dd4c98f5b8be969c92f371d0064 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 18 Jul 2023 04:00:45 +0000 Subject: [PATCH] Auto-Update: 2023-07-18T04:00:41.593036+00:00 --- CVE-2020/CVE-2020-366xx/CVE-2020-36695.json | 55 +++++++++++++++ CVE-2021/CVE-2021-430xx/CVE-2021-43072.json | 43 ++++++++++++ CVE-2022/CVE-2022-41xx/CVE-2022-4146.json | 55 +++++++++++++++ CVE-2023/CVE-2023-319xx/CVE-2023-31998.json | 43 ++++++++++++ CVE-2023/CVE-2023-341xx/CVE-2023-34139.json | 4 +- CVE-2023/CVE-2023-341xx/CVE-2023-34142.json | 55 +++++++++++++++ CVE-2023/CVE-2023-341xx/CVE-2023-34143.json | 55 +++++++++++++++ CVE-2023/CVE-2023-34xx/CVE-2023-3403.json | 63 +++++++++++++++++ CVE-2023/CVE-2023-34xx/CVE-2023-3459.json | 63 +++++++++++++++++ CVE-2023/CVE-2023-37xx/CVE-2023-3708.json | 75 +++++++++++++++++++++ CVE-2023/CVE-2023-37xx/CVE-2023-3709.json | 59 ++++++++++++++++ CVE-2023/CVE-2023-37xx/CVE-2023-3713.json | 63 +++++++++++++++++ CVE-2023/CVE-2023-37xx/CVE-2023-3714.json | 67 ++++++++++++++++++ CVE-2023/CVE-2023-384xx/CVE-2023-38434.json | 20 ++++++ README.md | 31 +++++---- 15 files changed, 737 insertions(+), 14 deletions(-) create mode 100644 CVE-2020/CVE-2020-366xx/CVE-2020-36695.json create mode 100644 CVE-2021/CVE-2021-430xx/CVE-2021-43072.json create mode 100644 CVE-2022/CVE-2022-41xx/CVE-2022-4146.json create mode 100644 CVE-2023/CVE-2023-319xx/CVE-2023-31998.json create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34142.json create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34143.json create mode 100644 CVE-2023/CVE-2023-34xx/CVE-2023-3403.json create mode 100644 CVE-2023/CVE-2023-34xx/CVE-2023-3459.json create mode 100644 CVE-2023/CVE-2023-37xx/CVE-2023-3708.json create mode 100644 CVE-2023/CVE-2023-37xx/CVE-2023-3709.json create mode 100644 CVE-2023/CVE-2023-37xx/CVE-2023-3713.json create mode 100644 CVE-2023/CVE-2023-37xx/CVE-2023-3714.json create mode 100644 CVE-2023/CVE-2023-384xx/CVE-2023-38434.json diff --git a/CVE-2020/CVE-2020-366xx/CVE-2020-36695.json b/CVE-2020/CVE-2020-366xx/CVE-2020-36695.json new file mode 100644 index 00000000000..d2b4c1525f7 --- /dev/null +++ b/CVE-2020/CVE-2020-366xx/CVE-2020-36695.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2020-36695", + "sourceIdentifier": "hirt@hitachi.co.jp", + "published": "2023-07-18T03:15:52.963", + "lastModified": "2023-07-18T03:15:52.963", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS \n\ncomponents), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-124/index.html", + "source": "hirt@hitachi.co.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-430xx/CVE-2021-43072.json b/CVE-2021/CVE-2021-430xx/CVE-2021-43072.json new file mode 100644 index 00000000000..c6154a4a6c2 --- /dev/null +++ b/CVE-2021/CVE-2021-430xx/CVE-2021-43072.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2021-43072", + "sourceIdentifier": "psirt@fortinet.com", + "published": "2023-07-18T03:15:54.947", + "lastModified": "2023-07-18T03:15:54.947", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@fortinet.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://fortiguard.com/advisory/FG-IR-21-206", + "source": "psirt@fortinet.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-41xx/CVE-2022-4146.json b/CVE-2022/CVE-2022-41xx/CVE-2022-4146.json new file mode 100644 index 00000000000..0522ac0b5d4 --- /dev/null +++ b/CVE-2022/CVE-2022-41xx/CVE-2022-4146.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2022-4146", + "sourceIdentifier": "hirt@hitachi.co.jp", + "published": "2023-07-18T03:15:55.067", + "lastModified": "2023-07-18T03:15:55.067", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-917" + } + ] + } + ], + "references": [ + { + "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-123/index.html", + "source": "hirt@hitachi.co.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31998.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31998.json new file mode 100644 index 00000000000..d57f0477907 --- /dev/null +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31998.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-31998", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-07-18T03:15:55.163", + "lastModified": "2023-07-18T03:15:55.163", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-033-033/17f7c7c0-830b-4625-a2ee-e90e514e7b0f", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json index 518de0fe492..ee134adcca8 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json @@ -2,12 +2,12 @@ "id": "CVE-2023-34139", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.607", - "lastModified": "2023-07-17T18:58:33.633", + "lastModified": "2023-07-18T03:15:55.260", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "A command injection vulnerability in the Free Time WiFi hotspot feature of in the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2,\u00a0could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device." + "value": "A command injection vulnerability in the Free Time WiFi hotspot feature of the Zyxel USG FLEX series firmware versions 4.50 through 5.36 Patch 2 and VPN series firmware versions 4.20 through 5.36 Patch 2,\u00a0could allow an unauthenticated, LAN-based attacker to execute some OS commands on an affected device." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34142.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34142.json new file mode 100644 index 00000000000..4345661b951 --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34142.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34142", + "sourceIdentifier": "hirt@hitachi.co.jp", + "published": "2023-07-18T03:15:55.427", + "lastModified": "2023-07-18T03:15:55.427", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.0, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.2, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "references": [ + { + "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html", + "source": "hirt@hitachi.co.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34143.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34143.json new file mode 100644 index 00000000000..80f5b912952 --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34143.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34143", + "sourceIdentifier": "hirt@hitachi.co.jp", + "published": "2023-07-18T03:15:55.510", + "lastModified": "2023-07-18T03:15:55.510", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before 8.8.5-02.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "hirt@hitachi.co.jp", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-297" + } + ] + } + ], + "references": [ + { + "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-125/index.html", + "source": "hirt@hitachi.co.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3403.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3403.json new file mode 100644 index 00000000000..37033b01945 --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3403.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-3403", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T03:15:55.673", + "lastModified": "2023-07-18T03:15:55.673", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'pm_upload_csv' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to import new users and update existing users." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/admin/class-profile-magic-admin.php#L1027", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2938904/profilegrid-user-profiles-groups-and-communities#file0", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b335fc19-2998-4711-8813-6cb68d7447bd?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3459.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3459.json new file mode 100644 index 00000000000..76d206b1e59 --- /dev/null +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3459.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-3459", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T03:15:55.793", + "lastModified": "2023-07-18T03:15:55.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Export and Import Users and Customers plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'hf_update_customer' function called via an AJAX action in versions up to, and including, 2.4.1. This makes it possible for authenticated attackers, with shop manager-level permissions to change user passwords and potentially take over administrator accounts." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/users-customers-import-export-for-wp-woocommerce/tags/2.4.1/admin/modules/user/import/import.php#L446", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2938705/users-customers-import-export-for-wp-woocommerce#file201", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/47337214-9cc3-4b12-bb71-9acbab3649b7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json new file mode 100644 index 00000000000..e50b344692c --- /dev/null +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3708.json @@ -0,0 +1,75 @@ +{ + "id": "CVE-2023-3708", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T03:15:55.897", + "lastModified": "2023-07-18T03:15:55.897", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Several themes for WordPress by DeoThemes are vulnerable to Reflected Cross-Site Scripting via breadcrumbs in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://deothemes.com/changelog/medikaid-changelog/", + "source": "security@wordfence.com" + }, + { + "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196755%40nokke&new=196755%40nokke&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196756%40arendelle&new=196756%40arendelle&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196757%40amela&new=196757%40amela&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://themes.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=196758%40everse&new=196758%40everse&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1b8b0f14-f31a-45cd-bb98-0b717059aa80?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3709.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3709.json new file mode 100644 index 00000000000..f4a789a4b5a --- /dev/null +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3709.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3709", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T03:15:56.010", + "lastModified": "2023-07-18T03:15:56.010", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to obtain a site's MailChimp API key. We recommend resetting any MailChimp API keys if running a vulnerable version of this plugin with the MailChimp block enabled as the API key may have been compromised." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2938619%40royal-elementor-addons&new=2936984%40royal-elementor-addons&sfp_email=&sfph_mail=", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/86c9bcf1-c69e-47ca-b74b-8ce6157f520b?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3713.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3713.json new file mode 100644 index 00000000000..0ce5e9f4b57 --- /dev/null +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3713.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-3713", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T03:15:56.110", + "lastModified": "2023-07-18T03:15:56.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'profile_magic_check_smtp_connection' function in versions up to, and including, 5.5.1. This makes it possible for authenticated attackers, with subscriber-level permissions or above to update the site options arbitrarily. This can be used by attackers to achieve privilege escalation." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/admin/class-profile-magic-admin.php#L599", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2938904/profilegrid-user-profiles-groups-and-communities#file0", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/473ba791-af99-4aae-99cb-ccf220e443e7?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3714.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3714.json new file mode 100644 index 00000000000..fffd4dfe1d1 --- /dev/null +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3714.json @@ -0,0 +1,67 @@ +{ + "id": "CVE-2023-3714", + "sourceIdentifier": "security@wordfence.com", + "published": "2023-07-18T03:15:56.207", + "lastModified": "2023-07-18T03:15:56.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ProfileGrid plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'edit_group' handler in versions up to, and including, 5.5.2. This makes it possible for authenticated attackers, with group ownership, to update group options, including the 'associate_role' parameter, which defines the member's role. This issue was partially patched in version 5.5.2 preventing privilege escalation, however, it was fully patched in 5.5.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/profilegrid-user-profiles-groups-and-communities/tags/5.4.8/public/partials/profile-magic-group.php#L80", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2938904/profilegrid-user-profiles-groups-and-communities#file4", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/2939344/profilegrid-user-profiles-groups-and-communities/trunk/public/partials/profile-magic-group.php", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a4766651-92a6-42c9-81bc-7ea25350f561?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json new file mode 100644 index 00000000000..5d7f7f9eda8 --- /dev/null +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38434.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38434", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-18T03:15:55.610", + "lastModified": "2023-07-18T03:15:55.610", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "xHTTP 72f812d has a double free in close_connection in xhttp.c via a malformed HTTP request method." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/cozis/xHTTP/issues/1", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7b381bfaaa3..4936ca886db 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-18T02:00:26.061449+00:00 +2023-07-18T04:00:41.593036+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-18T00:15:09.750000+00:00 +2023-07-18T03:15:56.207000+00:00 ``` ### Last Data Feed Release @@ -29,26 +29,33 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -220493 +220506 ``` ### CVEs added in the last Commit -Recently added CVEs: `7` +Recently added CVEs: `13` -* [CVE-2023-38426](CVE-2023/CVE-2023-384xx/CVE-2023-38426.json) (`2023-07-18T00:15:09.483`) -* [CVE-2023-38427](CVE-2023/CVE-2023-384xx/CVE-2023-38427.json) (`2023-07-18T00:15:09.530`) -* [CVE-2023-38428](CVE-2023/CVE-2023-384xx/CVE-2023-38428.json) (`2023-07-18T00:15:09.577`) -* [CVE-2023-38429](CVE-2023/CVE-2023-384xx/CVE-2023-38429.json) (`2023-07-18T00:15:09.620`) -* [CVE-2023-38430](CVE-2023/CVE-2023-384xx/CVE-2023-38430.json) (`2023-07-18T00:15:09.663`) -* [CVE-2023-38431](CVE-2023/CVE-2023-384xx/CVE-2023-38431.json) (`2023-07-18T00:15:09.707`) -* [CVE-2023-38432](CVE-2023/CVE-2023-384xx/CVE-2023-38432.json) (`2023-07-18T00:15:09.750`) +* [CVE-2020-36695](CVE-2020/CVE-2020-366xx/CVE-2020-36695.json) (`2023-07-18T03:15:52.963`) +* [CVE-2021-43072](CVE-2021/CVE-2021-430xx/CVE-2021-43072.json) (`2023-07-18T03:15:54.947`) +* [CVE-2022-4146](CVE-2022/CVE-2022-41xx/CVE-2022-4146.json) (`2023-07-18T03:15:55.067`) +* [CVE-2023-31998](CVE-2023/CVE-2023-319xx/CVE-2023-31998.json) (`2023-07-18T03:15:55.163`) +* [CVE-2023-34142](CVE-2023/CVE-2023-341xx/CVE-2023-34142.json) (`2023-07-18T03:15:55.427`) +* [CVE-2023-34143](CVE-2023/CVE-2023-341xx/CVE-2023-34143.json) (`2023-07-18T03:15:55.510`) +* [CVE-2023-38434](CVE-2023/CVE-2023-384xx/CVE-2023-38434.json) (`2023-07-18T03:15:55.610`) +* [CVE-2023-3403](CVE-2023/CVE-2023-34xx/CVE-2023-3403.json) (`2023-07-18T03:15:55.673`) +* [CVE-2023-3459](CVE-2023/CVE-2023-34xx/CVE-2023-3459.json) (`2023-07-18T03:15:55.793`) +* [CVE-2023-3708](CVE-2023/CVE-2023-37xx/CVE-2023-3708.json) (`2023-07-18T03:15:55.897`) +* [CVE-2023-3709](CVE-2023/CVE-2023-37xx/CVE-2023-3709.json) (`2023-07-18T03:15:56.010`) +* [CVE-2023-3713](CVE-2023/CVE-2023-37xx/CVE-2023-3713.json) (`2023-07-18T03:15:56.110`) +* [CVE-2023-3714](CVE-2023/CVE-2023-37xx/CVE-2023-3714.json) (`2023-07-18T03:15:56.207`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `1` +* [CVE-2023-34139](CVE-2023/CVE-2023-341xx/CVE-2023-34139.json) (`2023-07-18T03:15:55.260`) ## Download and Usage