diff --git a/CVE-2018/CVE-2018-250xx/CVE-2018-25061.json b/CVE-2018/CVE-2018-250xx/CVE-2018-25061.json index c9d8c3847f2..28fcb19f159 100644 --- a/CVE-2018/CVE-2018-250xx/CVE-2018-25061.json +++ b/CVE-2018/CVE-2018-250xx/CVE-2018-25061.json @@ -2,8 +2,8 @@ "id": "CVE-2018-25061", "sourceIdentifier": "cna@vuldb.com", "published": "2022-12-31T20:15:08.817", - "lastModified": "2023-11-07T02:56:28.947", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:17:21.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 3.6 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,8 +81,8 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", - "type": "Primary", + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -114,16 +114,14 @@ "url": "https://github.com/christian-bromann/rgb2hex/commit/9e0c38594432edfa64136fdf7bb651835e17c34f", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/christian-bromann/rgb2hex/releases/tag/v0.1.6", "source": "cna@vuldb.com", "tags": [ - "Release Notes", - "Third Party Advisory" + "Release Notes" ] }, { diff --git a/CVE-2018/CVE-2018-250xx/CVE-2018-25063.json b/CVE-2018/CVE-2018-250xx/CVE-2018-25063.json index 8f5357dcdc6..b75be4a07c4 100644 --- a/CVE-2018/CVE-2018-250xx/CVE-2018-25063.json +++ b/CVE-2018/CVE-2018-250xx/CVE-2018-25063.json @@ -2,8 +2,8 @@ "id": "CVE-2018-25063", "sourceIdentifier": "cna@vuldb.com", "published": "2023-01-01T09:15:09.780", - "lastModified": "2023-11-07T02:56:29.367", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:25:21.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,8 +81,8 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", - "type": "Primary", + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -114,24 +114,21 @@ "url": "https://github.com/zenoss/ZenPacks.zenoss.Dashboard/commit/f462285a0a2d7e1a9255b0820240b94a43b00a44", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/zenoss/ZenPacks.zenoss.Dashboard/pull/130", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/zenoss/ZenPacks.zenoss.Dashboard/releases/tag/1.3.5", "source": "cna@vuldb.com", "tags": [ - "Release Notes", - "Third Party Advisory" + "Release Notes" ] }, { diff --git a/CVE-2021/CVE-2021-407xx/CVE-2021-40723.json b/CVE-2021/CVE-2021-407xx/CVE-2021-40723.json index a39e9c607a6..c031f4acebe 100644 --- a/CVE-2021/CVE-2021-407xx/CVE-2021-40723.json +++ b/CVE-2021/CVE-2021-407xx/CVE-2021-40723.json @@ -2,12 +2,16 @@ "id": "CVE-2021-40723", "sourceIdentifier": "psirt@adobe.com", "published": "2023-09-07T13:15:07.393", - "lastModified": "2023-09-12T11:55:36.473", + "lastModified": "2023-11-15T03:38:06.733", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file." + }, + { + "lang": "es", + "value": "Las versiones 2020.013.20074 (y anteriores), 2020.001.30018 (y anteriores) y 2017.011.30188 (y anteriores) de Acrobat Reader DC est\u00e1n afectadas por una vulnerabilidad de lectura fuera de los l\u00edmites que podr\u00eda provocar la divulgaci\u00f3n de memoria confidencial. Un atacante podr\u00eda aprovechar esta vulnerabilidad para omitir mitigaciones como ASLR. La explotaci\u00f3n de este problema requiere la interacci\u00f3n del usuario en el sentido de que una v\u00edctima debe abrir un archivo malicioso." } ], "metrics": { @@ -57,40 +61,40 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionEndExcluding": "2020.001.30020", - "matchCriteriaId": "EE9E49CD-2265-4628-9E43-678ABDF5224F" + "versionEndExcluding": "20.001.30020", + "matchCriteriaId": "22B4033C-15BF-4A03-8E73-A23359EC85EA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "2020", - "versionEndExcluding": "2020.001.30020", - "matchCriteriaId": "E85C1624-1F47-4C62-A79E-4DCFEDC83A21" + "versionStartIncluding": "20.0", + "versionEndExcluding": "20.001.30020", + "matchCriteriaId": "01E7E69D-19CC-4E96-B861-46E9365E97CD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", - "versionEndExcluding": "2021.001.20135", - "matchCriteriaId": "A698CE4D-E900-4490-A707-F4A5576D0761" + "versionEndExcluding": "21.001.20135", + "matchCriteriaId": "B24ACA68-A029-45FA-9B56-AA1D31BC7486" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionEndExcluding": "2017.011.30190", - "matchCriteriaId": "6AE4B0AC-4293-453B-9717-AB32F6E7B6E4" + "versionEndExcluding": "17.011.30190", + "matchCriteriaId": "9ADAFEDA-2810-4B7C-9475-3B2BE8F70812" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", - "versionStartIncluding": "2020", - "versionEndExcluding": "2020.001.30020", - "matchCriteriaId": "401DDBF5-756F-4D4A-A488-166AF838520B" + "versionStartIncluding": "20.0", + "versionEndExcluding": "20.001.30020", + "matchCriteriaId": "1AEE9144-03DF-4BE9-92C2-605CDDD62C6F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", - "versionEndExcluding": "2021.001.20135", - "matchCriteriaId": "DBB43106-DEBF-4F46-ADAC-33E394295C67" + "versionEndExcluding": "21.001.20135", + "matchCriteriaId": "23FA6FFE-263D-447D-99B0-C3EE935EAABF" } ] }, diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23105.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23105.json index a9b160a367d..f053454f5ec 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23105.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23105.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23105", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-01-12T20:15:09.157", - "lastModified": "2023-10-25T18:16:54.963", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T04:03:23.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23106.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23106.json index 886e479ecea..ead136acecb 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23106.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23106.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23106", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-01-12T20:15:09.207", - "lastModified": "2023-10-25T18:16:55.023", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T04:03:18.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23107.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23107.json index dd0bf310851..4ae87e3bea5 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23107.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23107.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23107", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-01-12T20:15:09.257", - "lastModified": "2023-10-25T18:16:55.083", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T04:03:15.320", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23108.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23108.json index 9b561716f9b..c8d15e63cb2 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23108.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23108.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23108", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-01-12T20:15:09.303", - "lastModified": "2023-10-25T18:16:55.153", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T04:03:02.120", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23109.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23109.json index d10c70cc127..c1625427c22 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23109.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23109.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23109", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-01-12T20:15:09.347", - "lastModified": "2023-10-25T18:16:55.213", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:39:49.603", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-231xx/CVE-2022-23110.json b/CVE-2022/CVE-2022-231xx/CVE-2022-23110.json index 3939d29eb4c..b714132184d 100644 --- a/CVE-2022/CVE-2022-231xx/CVE-2022-23110.json +++ b/CVE-2022/CVE-2022-231xx/CVE-2022-23110.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23110", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-01-12T20:15:09.397", - "lastModified": "2023-10-25T18:16:55.267", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:39:44.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-251xx/CVE-2022-25186.json b/CVE-2022/CVE-2022-251xx/CVE-2022-25186.json index 5c881d67304..418f6bb25fd 100644 --- a/CVE-2022/CVE-2022-251xx/CVE-2022-25186.json +++ b/CVE-2022/CVE-2022-251xx/CVE-2022-25186.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25186", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-02-15T17:15:09.410", - "lastModified": "2023-10-25T18:16:56.640", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:39:13.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -99,7 +99,6 @@ "source": "jenkinsci-cert@googlegroups.com", "tags": [ "Issue Tracking", - "Patch", "Vendor Advisory" ] } diff --git a/CVE-2022/CVE-2022-272xx/CVE-2022-27206.json b/CVE-2022/CVE-2022-272xx/CVE-2022-27206.json index 3a4e430f15c..4c8f884285c 100644 --- a/CVE-2022/CVE-2022-272xx/CVE-2022-27206.json +++ b/CVE-2022/CVE-2022-272xx/CVE-2022-27206.json @@ -2,8 +2,8 @@ "id": "CVE-2022-27206", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-03-15T17:15:11.340", - "lastModified": "2023-10-25T18:16:58.987", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T04:03:30.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-272xx/CVE-2022-27207.json b/CVE-2022/CVE-2022-272xx/CVE-2022-27207.json index 4c517c05c8b..32ed504deaa 100644 --- a/CVE-2022/CVE-2022-272xx/CVE-2022-27207.json +++ b/CVE-2022/CVE-2022-272xx/CVE-2022-27207.json @@ -2,8 +2,8 @@ "id": "CVE-2022-27207", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-03-15T17:15:11.557", - "lastModified": "2023-10-25T18:16:59.053", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T04:03:26.583", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0527.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0527.json index 29d5949df2a..3eeddc8f9b4 100644 --- a/CVE-2023/CVE-2023-05xx/CVE-2023-0527.json +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0527.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0527", "sourceIdentifier": "cna@vuldb.com", "published": "2023-01-27T11:15:12.240", - "lastModified": "2023-11-07T04:00:39.423", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:09:54.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,8 +81,8 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", - "type": "Primary", + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0549.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0549.json index 65eca5d8068..ef6a2d50ec6 100644 --- a/CVE-2023/CVE-2023-05xx/CVE-2023-0549.json +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0549.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0549", "sourceIdentifier": "cna@vuldb.com", "published": "2023-01-27T19:15:10.457", - "lastModified": "2023-11-07T04:00:45.833", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:34:32.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,8 +81,8 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", - "type": "Primary", + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -123,16 +123,14 @@ "url": "https://github.com/YAFNET/YAFNET/commit/2237a9d552e258a43570bb478a92a5505e7c8797", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/YAFNET/YAFNET/releases/tag/v3.1.11", "source": "cna@vuldb.com", "tags": [ - "Release Notes", - "Third Party Advisory" + "Release Notes" ] }, { diff --git a/CVE-2023/CVE-2023-06xx/CVE-2023-0650.json b/CVE-2023/CVE-2023-06xx/CVE-2023-0650.json index f80469359b5..f605b6f5492 100644 --- a/CVE-2023/CVE-2023-06xx/CVE-2023-0650.json +++ b/CVE-2023/CVE-2023-06xx/CVE-2023-0650.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0650", "sourceIdentifier": "cna@vuldb.com", "published": "2023-02-02T15:17:42.503", - "lastModified": "2023-11-07T04:01:06.900", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:15:27.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 2.7 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,8 +81,8 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", - "type": "Primary", + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -123,16 +123,14 @@ "url": "https://github.com/YAFNET/YAFNET/commit/a1442a2bacc3335461b44c250e81f8d99c60735f", "source": "cna@vuldb.com", "tags": [ - "Patch", - "Third Party Advisory" + "Patch" ] }, { "url": "https://github.com/YAFNET/YAFNET/releases/tag/v3.1.12", "source": "cna@vuldb.com", "tags": [ - "Release Notes", - "Third Party Advisory" + "Release Notes" ] }, { diff --git a/CVE-2023/CVE-2023-14xx/CVE-2023-1448.json b/CVE-2023/CVE-2023-14xx/CVE-2023-1448.json index c1712e03d28..8dd50446d9c 100644 --- a/CVE-2023/CVE-2023-14xx/CVE-2023-1448.json +++ b/CVE-2023/CVE-2023-14xx/CVE-2023-1448.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1448", "sourceIdentifier": "cna@vuldb.com", "published": "2023-03-17T07:15:12.093", - "lastModified": "2023-11-07T04:03:39.667", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:29:19.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,7 +81,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { diff --git a/CVE-2023/CVE-2023-14xx/CVE-2023-1449.json b/CVE-2023/CVE-2023-14xx/CVE-2023-1449.json index 4cbcc5ae934..adcb1f4ab0a 100644 --- a/CVE-2023/CVE-2023-14xx/CVE-2023-1449.json +++ b/CVE-2023/CVE-2023-14xx/CVE-2023-1449.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1449", "sourceIdentifier": "cna@vuldb.com", "published": "2023-03-17T07:15:12.347", - "lastModified": "2023-11-07T04:03:40.157", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:31:13.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,7 +81,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { diff --git a/CVE-2023/CVE-2023-14xx/CVE-2023-1452.json b/CVE-2023/CVE-2023-14xx/CVE-2023-1452.json index 8ad175b606e..213a9672c99 100644 --- a/CVE-2023/CVE-2023-14xx/CVE-2023-1452.json +++ b/CVE-2023/CVE-2023-14xx/CVE-2023-1452.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1452", "sourceIdentifier": "cna@vuldb.com", "published": "2023-03-17T07:15:12.947", - "lastModified": "2023-11-07T04:03:41.377", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:13:12.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -33,7 +33,7 @@ "impactScore": 5.9 }, { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "3.1", @@ -55,7 +55,7 @@ ], "cvssMetricV2": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Secondary", "cvssData": { "version": "2.0", @@ -81,7 +81,7 @@ }, "weaknesses": [ { - "source": "1af790b2-7ee1-4545-860a-a788eba489b5", + "source": "cna@vuldb.com", "type": "Primary", "description": [ { diff --git a/CVE-2023/CVE-2023-220xx/CVE-2023-22053.json b/CVE-2023/CVE-2023-220xx/CVE-2023-22053.json index 165f996ba97..8c3c6351b84 100644 --- a/CVE-2023/CVE-2023-220xx/CVE-2023-22053.json +++ b/CVE-2023/CVE-2023-220xx/CVE-2023-22053.json @@ -2,12 +2,16 @@ "id": "CVE-2023-22053", "sourceIdentifier": "secalert_us@oracle.com", "published": "2023-07-18T21:15:14.913", - "lastModified": "2023-09-16T04:15:22.897", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:00:54.377", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Client programs). Supported versions that are affected are 5.7.42 and prior and 8.0.33 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server and unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H)." + }, + { + "lang": "es", + "value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: Programas cliente). Las versiones afectadas son 5.7.42 y anteriores y 8.0.33 y anteriores. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante con pocos privilegios y acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer MySQL Server. Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada de causar un cuelgue o una ca\u00edda frecuentemente repetible (DOS completo) del Servidor MySQL y acceso de lectura no autorizado a un subconjunto de datos accesibles del Servidor MySQL. CVSS 3.1 Base Score 5.9 (Impactos de confidencialidad y disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H)." } ], "metrics": { @@ -55,17 +59,77 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.7.42", - "matchCriteriaId": "C5FC5A8D-D1AC-4F6F-AA01-F6244DC44785" + "matchCriteriaId": "1B1E9C6F-8DF3-4801-8590-F01B9857E1CB" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", - "versionEndIncluding": "8.0.33", - "matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4" + "versionEndIncluding": "8.0.32", + "matchCriteriaId": "48EF4C61-9020-44C8-B8AF-5CF07A09CCD2" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", + "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94" } ] } @@ -75,15 +139,27 @@ "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/", diff --git a/CVE-2023/CVE-2023-220xx/CVE-2023-22054.json b/CVE-2023/CVE-2023-220xx/CVE-2023-22054.json index 261f56cb5f4..55c5882bb05 100644 --- a/CVE-2023/CVE-2023-220xx/CVE-2023-22054.json +++ b/CVE-2023/CVE-2023-220xx/CVE-2023-22054.json @@ -2,12 +2,16 @@ "id": "CVE-2023-22054", "sourceIdentifier": "secalert_us@oracle.com", "published": "2023-07-18T21:15:14.987", - "lastModified": "2023-09-16T04:15:22.997", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:02:24.347", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + }, + { + "lang": "es", + "value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: Server: Optimizer). Las versiones afectadas son 8.0.33 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante con altos privilegios con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer MySQL Server. Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada de causar un cuelgue o una ca\u00edda frecuentemente repetible (DOS completo) de MySQL Server. CVSS 3.1 Base Score 4.9 (Impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." } ], "metrics": { @@ -55,10 +59,70 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.0.33", - "matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4" + "matchCriteriaId": "B45D7F6F-1D87-4081-9643-50B30EFC238D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", + "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94" } ] } @@ -68,15 +132,27 @@ "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/", diff --git a/CVE-2023/CVE-2023-220xx/CVE-2023-22056.json b/CVE-2023/CVE-2023-220xx/CVE-2023-22056.json index 103a626c34e..f6be4fb75ab 100644 --- a/CVE-2023/CVE-2023-220xx/CVE-2023-22056.json +++ b/CVE-2023/CVE-2023-220xx/CVE-2023-22056.json @@ -2,12 +2,16 @@ "id": "CVE-2023-22056", "sourceIdentifier": "secalert_us@oracle.com", "published": "2023-07-18T21:15:15.130", - "lastModified": "2023-09-16T04:15:23.100", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:04:12.430", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + }, + { + "lang": "es", + "value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: Server: Optimizer). Las versiones afectadas son 8.0.33 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante con altos privilegios con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer MySQL Server. Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada de causar un cuelgue o una ca\u00edda frecuentemente repetible (DOS completo) de MySQL Server. CVSS 3.1 Base Score 4.9 (Impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." } ], "metrics": { @@ -55,10 +59,70 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.0.33", - "matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4" + "matchCriteriaId": "B45D7F6F-1D87-4081-9643-50B30EFC238D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", + "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94" } ] } @@ -68,15 +132,27 @@ "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/", diff --git a/CVE-2023/CVE-2023-220xx/CVE-2023-22057.json b/CVE-2023/CVE-2023-220xx/CVE-2023-22057.json index aae2bfa0363..310c06a6e9b 100644 --- a/CVE-2023/CVE-2023-220xx/CVE-2023-22057.json +++ b/CVE-2023/CVE-2023-220xx/CVE-2023-22057.json @@ -2,12 +2,16 @@ "id": "CVE-2023-22057", "sourceIdentifier": "secalert_us@oracle.com", "published": "2023-07-18T21:15:15.207", - "lastModified": "2023-09-16T04:15:23.197", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:07:02.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + }, + { + "lang": "es", + "value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: Server: Replication). Las versiones afectadas son 8.0.33 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante con altos privilegios con acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer MySQL Server. Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada de causar un cuelgue o una ca\u00edda frecuentemente repetible (DOS completo) de MySQL Server. CVSS 3.1 Base Score 4.9 (Impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." } ], "metrics": { @@ -55,10 +59,70 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.0.33", - "matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4" + "matchCriteriaId": "B45D7F6F-1D87-4081-9643-50B30EFC238D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", + "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94" } ] } @@ -68,15 +132,27 @@ "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/", diff --git a/CVE-2023/CVE-2023-220xx/CVE-2023-22058.json b/CVE-2023/CVE-2023-220xx/CVE-2023-22058.json index 60117c0603b..de0c9fb13d0 100644 --- a/CVE-2023/CVE-2023-220xx/CVE-2023-22058.json +++ b/CVE-2023/CVE-2023-220xx/CVE-2023-22058.json @@ -2,12 +2,16 @@ "id": "CVE-2023-22058", "sourceIdentifier": "secalert_us@oracle.com", "published": "2023-07-18T21:15:15.277", - "lastModified": "2023-09-16T04:15:23.307", - "vulnStatus": "Modified", + "lastModified": "2023-11-15T03:08:12.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.33 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)." + }, + { + "lang": "es", + "value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: Server: DDL). Las versiones afectadas son 8.0.33 y anteriores. Una vulnerabilidad dif\u00edcil de explotar permite a un atacante con altos privilegios y acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometer MySQL Server. Los ataques exitosos de esta vulnerabilidad pueden resultar en la capacidad no autorizada de causar un cuelgue o una ca\u00edda frecuentemente repetible (DOS completo) de MySQL Server. Puntuaci\u00f3n base CVSS 3.1 4.4 (Impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H)." } ], "metrics": { @@ -55,10 +59,70 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*", "versionStartIncluding": "8.0.0", "versionEndIncluding": "8.0.33", - "matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4" + "matchCriteriaId": "B45D7F6F-1D87-4081-9643-50B30EFC238D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", + "matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94" } ] } @@ -68,15 +132,27 @@ "references": [ { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/", - "source": "secalert_us@oracle.com" + "source": "secalert_us@oracle.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230725-0005/", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29462.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29462.json index b20f5d73fd3..892f819f8ca 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29462.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29462.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29462", "sourceIdentifier": "PSIRT@rockwellautomation.com", "published": "2023-05-09T14:15:13.343", - "lastModified": "2023-10-23T18:15:09.830", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:11:42.963", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34969.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34969.json index d3b5fc697f3..9fce1d75c90 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34969.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34969.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34969", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-08T03:15:08.970", - "lastModified": "2023-11-07T04:15:49.353", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:26:56.447", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -45,7 +45,7 @@ "description": [ { "lang": "en", - "value": "CWE-400" + "value": "NVD-CWE-noinfo" } ] } @@ -81,6 +81,36 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] } ], "references": [ @@ -97,11 +127,19 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00033.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZYCDRMD7B4XO4HF6C6YTLH4YUD7TANP/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-360xx/CVE-2023-36053.json b/CVE-2023/CVE-2023-360xx/CVE-2023-36053.json index 551e82f79b5..efce826ffec 100644 --- a/CVE-2023/CVE-2023-360xx/CVE-2023-36053.json +++ b/CVE-2023/CVE-2023-360xx/CVE-2023-36053.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36053", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-03T13:15:09.737", - "lastModified": "2023-11-07T04:16:07.047", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:18:42.683", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -88,6 +88,36 @@ "vulnerable": true, "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" } ] } @@ -104,7 +134,10 @@ }, { "url": "https://groups.google.com/forum/#%21forum/django-announce", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Permissions Required" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html", @@ -115,15 +148,26 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NRDGTUN4LTI6HG4TWR3JYLSFVXPZT42A/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XG5DYKPNDCEHJQ3TKPJQO7QGSR4FAYMS/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5465", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.djangoproject.com/weblog/2023/jul/03/security-releases/", diff --git a/CVE-2023/CVE-2023-360xx/CVE-2023-36054.json b/CVE-2023/CVE-2023-360xx/CVE-2023-36054.json index 3f19f8ecb3c..17f459e1355 100644 --- a/CVE-2023/CVE-2023-360xx/CVE-2023-36054.json +++ b/CVE-2023/CVE-2023-360xx/CVE-2023-36054.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36054", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-07T19:15:09.840", - "lastModified": "2023-10-22T23:15:07.923", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:23:27.470", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -72,6 +72,56 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:9.0:-:*:*:*:*:*:*", + "matchCriteriaId": "52DE3DFE-350F-4E83-B425-1D7D47BEF6DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:hci:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A6E548F-62E9-40CB-85DA-FDAA0F0096C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:management_services_for_element_software:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86B51137-28D9-41F2-AFA2-3CC22B4954D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:netapp:ontap_tools:-:*:*:*:*:vmware_vsphere:*:*", + "matchCriteriaId": "CBCC384C-5DF0-41AB-B17B-6E9B6CAE8065" + } + ] + } + ] } ], "references": [ @@ -98,11 +148,18 @@ }, { "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230908-0004/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://web.mit.edu/kerberos/www/advisories/", diff --git a/CVE-2023/CVE-2023-368xx/CVE-2023-36806.json b/CVE-2023/CVE-2023-368xx/CVE-2023-36806.json index e29e6585261..41b5b9a1d9e 100644 --- a/CVE-2023/CVE-2023-368xx/CVE-2023-36806.json +++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36806.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36806", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-25T19:15:11.550", - "lastModified": "2023-10-21T01:15:07.817", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-11-15T03:21:03.450", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -56,7 +56,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -64,6 +64,16 @@ "value": "CWE-79" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] } ], "configurations": [ @@ -130,7 +140,11 @@ }, { "url": "https://herolab.usd.de/security-advisories/usd-2023-0020/", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-466xx/CVE-2023-46613.json b/CVE-2023/CVE-2023-466xx/CVE-2023-46613.json index e491955a533..542a68e72a2 100644 --- a/CVE-2023/CVE-2023-466xx/CVE-2023-46613.json +++ b/CVE-2023/CVE-2023-466xx/CVE-2023-46613.json @@ -2,15 +2,42 @@ "id": "CVE-2023-46613", "sourceIdentifier": "audit@patchstack.com", "published": "2023-11-08T16:15:10.367", - "lastModified": "2023-11-08T17:25:02.317", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-15T03:37:23.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <=\u00a01.5.1 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Autenticada (con permisos de colaboradores o superiores) Almacenada en el complemento Jens Kuerschner Add to Calendar Button en versiones <= 1.5.1." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "audit@patchstack.com", @@ -23,10 +50,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:add-to-calendar-button:add_to_calendar_button:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.5.1", + "matchCriteriaId": "D4F958E6-BAD6-4A1D-A128-EB322ED0EEF4" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/add-to-calendar-button/wordpress-add-to-calendar-button-plugin-1-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5984.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5984.json new file mode 100644 index 00000000000..68a90113de2 --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5984.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-5984", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-11-15T04:15:19.043", + "lastModified": "2023-11-15T04:15:19.043", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-494 Download of Code Without Integrity Check vulnerability exists that could allow\nmodified firmware to be uploaded when an authorized admin user begins a firmware update\nprocedure.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-494" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-318-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-318-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5985.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5985.json new file mode 100644 index 00000000000..e01fe3e5c8d --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5985.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-5985", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-11-15T04:15:19.290", + "lastModified": "2023-11-15T04:15:19.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\n\n\nA CWE-79 Improper Neutralization of Input During Web Page Generation vulnerability\nexists that could cause compromise of a user\u2019s browser when an attacker with admin privileges\nhas modified system values.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-318-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-318-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5986.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5986.json new file mode 100644 index 00000000000..25f9932347e --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5986.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-5986", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-11-15T04:15:19.487", + "lastModified": "2023-11-15T04:15:19.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-601 URL Redirection to Untrusted Site vulnerability exists that could cause an openredirect vulnerability leading to a cross site scripting attack. By providing a URL-encoded input\nattackers can cause the software\u2019s web application to redirect to the chosen domain after a\nsuccessful login is performed. \n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 8.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-318-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-318-02.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-59xx/CVE-2023-5987.json b/CVE-2023/CVE-2023-59xx/CVE-2023-5987.json new file mode 100644 index 00000000000..b3e1263389d --- /dev/null +++ b/CVE-2023/CVE-2023-59xx/CVE-2023-5987.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-5987", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-11-15T04:15:19.700", + "lastModified": "2023-11-15T04:15:19.700", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)\nvulnerability that could cause a vulnerability leading to a cross site scripting condition where\nattackers can have a victim\u2019s browser run arbitrary JavaScript when they visit a page containing\nthe injected payload.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-318-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-318-02.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-60xx/CVE-2023-6032.json b/CVE-2023/CVE-2023-60xx/CVE-2023-6032.json new file mode 100644 index 00000000000..018dd0188e8 --- /dev/null +++ b/CVE-2023/CVE-2023-60xx/CVE-2023-6032.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6032", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-11-15T04:15:19.890", + "lastModified": "2023-11-15T04:15:19.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\nvulnerability exists that could cause a file system enumeration and file download when an\nattacker navigates to the Network Management Card via HTTPS.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-318-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-318-03.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index c1175242097..96d287c6399 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-15T03:00:18.661954+00:00 +2023-11-15T05:00:19.007766+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-15T02:59:01.443000+00:00 +2023-11-15T04:15:19.890000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -230822 +230827 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `5` -* [CVE-2023-43979](CVE-2023/CVE-2023-439xx/CVE-2023-43979.json) (`2023-11-15T01:15:07.760`) -* [CVE-2023-47308](CVE-2023/CVE-2023-473xx/CVE-2023-47308.json) (`2023-11-15T01:15:07.810`) -* [CVE-2023-47309](CVE-2023/CVE-2023-473xx/CVE-2023-47309.json) (`2023-11-15T01:15:07.860`) -* [CVE-2023-47678](CVE-2023/CVE-2023-476xx/CVE-2023-47678.json) (`2023-11-15T02:15:06.800`) +* [CVE-2023-5984](CVE-2023/CVE-2023-59xx/CVE-2023-5984.json) (`2023-11-15T04:15:19.043`) +* [CVE-2023-5985](CVE-2023/CVE-2023-59xx/CVE-2023-5985.json) (`2023-11-15T04:15:19.290`) +* [CVE-2023-5986](CVE-2023/CVE-2023-59xx/CVE-2023-5986.json) (`2023-11-15T04:15:19.487`) +* [CVE-2023-5987](CVE-2023/CVE-2023-59xx/CVE-2023-5987.json) (`2023-11-15T04:15:19.700`) +* [CVE-2023-6032](CVE-2023/CVE-2023-60xx/CVE-2023-6032.json) (`2023-11-15T04:15:19.890`) ### CVEs modified in the last Commit -Recently modified CVEs: `90` +Recently modified CVEs: `29` -* [CVE-2023-31100](CVE-2023/CVE-2023-311xx/CVE-2023-31100.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-35080](CVE-2023/CVE-2023-350xx/CVE-2023-35080.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-38043](CVE-2023/CVE-2023-380xx/CVE-2023-38043.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-38543](CVE-2023/CVE-2023-385xx/CVE-2023-38543.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-38544](CVE-2023/CVE-2023-385xx/CVE-2023-38544.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-39335](CVE-2023/CVE-2023-393xx/CVE-2023-39335.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-39337](CVE-2023/CVE-2023-393xx/CVE-2023-39337.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-41718](CVE-2023/CVE-2023-417xx/CVE-2023-41718.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-43582](CVE-2023/CVE-2023-435xx/CVE-2023-43582.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-43588](CVE-2023/CVE-2023-435xx/CVE-2023-43588.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-43590](CVE-2023/CVE-2023-435xx/CVE-2023-43590.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-43591](CVE-2023/CVE-2023-435xx/CVE-2023-43591.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-46121](CVE-2023/CVE-2023-461xx/CVE-2023-46121.json) (`2023-11-15T02:28:40.150`) -* [CVE-2023-5535](CVE-2023/CVE-2023-55xx/CVE-2023-5535.json) (`2023-11-15T02:31:02.843`) -* [CVE-2023-5441](CVE-2023/CVE-2023-54xx/CVE-2023-5441.json) (`2023-11-15T02:33:52.560`) -* [CVE-2023-2476](CVE-2023/CVE-2023-24xx/CVE-2023-2476.json) (`2023-11-15T02:38:36.243`) -* [CVE-2023-2667](CVE-2023/CVE-2023-26xx/CVE-2023-2667.json) (`2023-11-15T02:40:56.260`) -* [CVE-2023-2980](CVE-2023/CVE-2023-29xx/CVE-2023-2980.json) (`2023-11-15T02:44:13.553`) -* [CVE-2023-2981](CVE-2023/CVE-2023-29xx/CVE-2023-2981.json) (`2023-11-15T02:46:54.210`) -* [CVE-2023-34256](CVE-2023/CVE-2023-342xx/CVE-2023-34256.json) (`2023-11-15T02:51:56.783`) -* [CVE-2023-33225](CVE-2023/CVE-2023-332xx/CVE-2023-33225.json) (`2023-11-15T02:54:12.713`) -* [CVE-2023-21268](CVE-2023/CVE-2023-212xx/CVE-2023-21268.json) (`2023-11-15T02:55:56.537`) -* [CVE-2023-21946](CVE-2023/CVE-2023-219xx/CVE-2023-21946.json) (`2023-11-15T02:56:53.250`) -* [CVE-2023-21947](CVE-2023/CVE-2023-219xx/CVE-2023-21947.json) (`2023-11-15T02:58:21.247`) -* [CVE-2023-21953](CVE-2023/CVE-2023-219xx/CVE-2023-21953.json) (`2023-11-15T02:59:01.443`) +* [CVE-2022-23110](CVE-2022/CVE-2022-231xx/CVE-2022-23110.json) (`2023-11-15T03:39:44.593`) +* [CVE-2022-23109](CVE-2022/CVE-2022-231xx/CVE-2022-23109.json) (`2023-11-15T03:39:49.603`) +* [CVE-2022-23108](CVE-2022/CVE-2022-231xx/CVE-2022-23108.json) (`2023-11-15T04:03:02.120`) +* [CVE-2022-23107](CVE-2022/CVE-2022-231xx/CVE-2022-23107.json) (`2023-11-15T04:03:15.320`) +* [CVE-2022-23106](CVE-2022/CVE-2022-231xx/CVE-2022-23106.json) (`2023-11-15T04:03:18.817`) +* [CVE-2022-23105](CVE-2022/CVE-2022-231xx/CVE-2022-23105.json) (`2023-11-15T04:03:23.080`) +* [CVE-2022-27207](CVE-2022/CVE-2022-272xx/CVE-2022-27207.json) (`2023-11-15T04:03:26.583`) +* [CVE-2022-27206](CVE-2022/CVE-2022-272xx/CVE-2022-27206.json) (`2023-11-15T04:03:30.343`) +* [CVE-2023-22053](CVE-2023/CVE-2023-220xx/CVE-2023-22053.json) (`2023-11-15T03:00:54.377`) +* [CVE-2023-22054](CVE-2023/CVE-2023-220xx/CVE-2023-22054.json) (`2023-11-15T03:02:24.347`) +* [CVE-2023-22056](CVE-2023/CVE-2023-220xx/CVE-2023-22056.json) (`2023-11-15T03:04:12.430`) +* [CVE-2023-22057](CVE-2023/CVE-2023-220xx/CVE-2023-22057.json) (`2023-11-15T03:07:02.290`) +* [CVE-2023-22058](CVE-2023/CVE-2023-220xx/CVE-2023-22058.json) (`2023-11-15T03:08:12.647`) +* [CVE-2023-0527](CVE-2023/CVE-2023-05xx/CVE-2023-0527.json) (`2023-11-15T03:09:54.733`) +* [CVE-2023-29462](CVE-2023/CVE-2023-294xx/CVE-2023-29462.json) (`2023-11-15T03:11:42.963`) +* [CVE-2023-1452](CVE-2023/CVE-2023-14xx/CVE-2023-1452.json) (`2023-11-15T03:13:12.457`) +* [CVE-2023-0650](CVE-2023/CVE-2023-06xx/CVE-2023-0650.json) (`2023-11-15T03:15:27.290`) +* [CVE-2023-36053](CVE-2023/CVE-2023-360xx/CVE-2023-36053.json) (`2023-11-15T03:18:42.683`) +* [CVE-2023-36806](CVE-2023/CVE-2023-368xx/CVE-2023-36806.json) (`2023-11-15T03:21:03.450`) +* [CVE-2023-36054](CVE-2023/CVE-2023-360xx/CVE-2023-36054.json) (`2023-11-15T03:23:27.470`) +* [CVE-2023-34969](CVE-2023/CVE-2023-349xx/CVE-2023-34969.json) (`2023-11-15T03:26:56.447`) +* [CVE-2023-1448](CVE-2023/CVE-2023-14xx/CVE-2023-1448.json) (`2023-11-15T03:29:19.863`) +* [CVE-2023-1449](CVE-2023/CVE-2023-14xx/CVE-2023-1449.json) (`2023-11-15T03:31:13.100`) +* [CVE-2023-0549](CVE-2023/CVE-2023-05xx/CVE-2023-0549.json) (`2023-11-15T03:34:32.970`) +* [CVE-2023-46613](CVE-2023/CVE-2023-466xx/CVE-2023-46613.json) (`2023-11-15T03:37:23.457`) ## Download and Usage