Auto-Update: 2023-07-25T20:00:29.768653+00:00

cad-safe-bot 2023-07-25 20:00:33 +00:00
parent 9ad865c552
commit 379254fc70
81 changed files with 11997 additions and 304 deletions


@ -2,8 +2,8 @@
"id": "CVE-2022-24834",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-13T15:15:08.817",
"lastModified": "2023-07-19T06:15:09.627",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:56:46.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,82 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "6.0.20",
"matchCriteriaId": "7EDA4B28-D31F-47E6-96C5-52D7DEA90A93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "6.2.13",
"matchCriteriaId": "736E2D4B-3CA2-4E14-9971-422998AA570E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.12",
"matchCriteriaId": "661F8BF5-5B21-47DB-9571-59408CDF5048"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-p8x2-9v9q-c838",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MIF5MAGYARYUMRFK7PQI7HYXMK2HZE5T/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TDNNH2ONMVNBQ6LUIAOAGDNFPKXNST5K/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2022-41717",
"sourceIdentifier": "security@golang.org",
"published": "2022-12-08T20:15:10.330",
"lastModified": "2023-07-04T03:15:09.137",
"lastModified": "2023-07-25T19:15:10.913",
"vulnStatus": "Modified",
"descriptions": [
{
@ -111,6 +111,14 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NQGNAXK3YBPMUP3J4TECIRDHFGW37522/",
"source": "security@golang.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUM4DIVOLJCBK5ZDP4LJOL24GXT3YSIR/",
"source": "security@golang.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QBKBAZBIOXZV5QCFHZNSVXULR32XJCYD/",
"source": "security@golang.org"


@ -2,19 +2,79 @@
"id": "CVE-2022-42045",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T19:15:09.057",
"lastModified": "2023-07-14T12:47:32.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:54:52.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti-Malware 4.1.422 and Zemana AntiMalware 3.2.28."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:watchdog:anti-virus:4.1.422:*:*:*:*:*:*:*",
"matchCriteriaId": "12BC69E4-5670-4036-8BF2-40A4BB821C09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zemana:antimalware:3.2.28:*:*:*:*:*:*:*",
"matchCriteriaId": "0618A6BC-4C8A-4DE7-AC45-B53B440E9E4C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ReCryptLLC/CVE-2022-42045/tree/main",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}
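Review bot: The added `cpeMatch` entry names the product `cpe:2.3:a:watchdog:anti-virus:4.1.422`, while the description in the same record says "Watchdog Anti-Malware 4.1.422", so the CPE product field and the advisory text disagree. An inventory matcher that keys on product name may miss the affected install or attribute it to a different product. Since this file mirrors upstream data, the safer handling on the consumer side is to match on the full `criteria` string or the `matchCriteriaId` as given and keep the description for human triage only. The new `weaknesses` value is `NVD-CWE-noinfo`, so the record offers no weakness class to filter on either.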


@ -2,31 +2,111 @@
"id": "CVE-2023-20918",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.317",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:02:46.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/16c604aa7c253ce5cf075368a258c0b21386160d",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/51051de4eb40bb502db448084a83fd6cbfb7d3cf",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/8418e3a017428683d173c0c82b0eb02d5b923a4e",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
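Review bot: The new Primary metric scores this record `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` with `baseScore` 9.8, but the description only states a possible elevation of privilege through a confused deputy in `getPendingIntentLaunchFlags` and does not mention a network vector. The other Android records visible in this commit that reference the same 2023-07-01 bulletin (CVE-2023-21145, CVE-2023-21238, CVE-2023-21239) are scored `AV:L` with `PR:L`. This file mirrors upstream data, so the value should not be edited here. Anyone prioritising on `baseScore` alone should cross-check the vendor bulletin referenced in the record before treating the issue as remotely reachable.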


@ -2,8 +2,8 @@
"id": "CVE-2023-2003",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-07-13T12:15:09.317",
"lastModified": "2023-07-17T11:15:09.393",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:01:17.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,14 +76,49 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:unitronicsplc:vision1210_firmware:4.3:build_5:*:*:*:*:*:*",
"matchCriteriaId": "DC8B7EE5-B15D-45DE-BCF6-73D2D207029B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unitronicsplc:vision1210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FE3119A-2567-4524-9083-82F49216700D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.hackplayers.com/2023/07/vulnerabilidad-vision1210-unitronics.html",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/embedded-malicious-code-vulnerability-unitronics-vision1210",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,97 @@
"id": "CVE-2023-21145",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.413",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:01:22.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In updatePictureInPictureMode of ActivityRecord.java, there is a possible bypass of background launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/44aeef1b82ecf21187d4903c9e3666a118bdeaf3",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,23 +2,97 @@
"id": "CVE-2023-21238",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.457",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:01:59.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In visitUris of RemoteViews.java, there is a possible leak of images between users due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/91bfcbbd87886049778142618a655352b16cd911",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,23 +2,92 @@
"id": "CVE-2023-21239",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.503",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:02:14.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In visitUris of Notification.java, there is a possible way to leak image data across user boundaries due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/base/+/c451aa5710e1da19139eb3716e39a5d6f04de5c2",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-21950",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:11.453",
"lastModified": "2023-07-25T15:15:11.017",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:25:20.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.27",
"matchCriteriaId": "ED25BF02-509D-48F6-A955-9126DC1B6AA0"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22005",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:11.997",
"lastModified": "2023-07-25T15:15:11.203",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:24:46.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22007",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:12.147",
"lastModified": "2023-07-25T15:15:11.477",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:24:25.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.7.41",
"matchCriteriaId": "FE1F2132-B023-455E-ADCF-ED40F1B04A9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.32",
"matchCriteriaId": "9B03E711-1254-4CBD-B2B5-F947248C2A53"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22008",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:12.213",
"lastModified": "2023-07-25T15:15:11.587",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:23:57.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22033",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:13.373",
"lastModified": "2023-07-25T15:15:11.683",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:23:31.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22038",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:13.737",
"lastModified": "2023-07-25T15:15:11.877",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:28:07.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22046",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.343",
"lastModified": "2023-07-25T15:15:12.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:27:45.300",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22048",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.493",
"lastModified": "2023-07-25T15:15:12.470",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:26:57.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22053",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.913",
"lastModified": "2023-07-25T15:15:12.657",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:26:36.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.7.42",
"matchCriteriaId": "C5FC5A8D-D1AC-4F6F-AA01-F6244DC44785"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22054",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:14.987",
"lastModified": "2023-07-25T15:15:12.763",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:30:25.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22056",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:15.130",
"lastModified": "2023-07-25T15:15:12.867",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:30:37.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22057",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:15.207",
"lastModified": "2023-07-25T15:15:12.963",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:30:48.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22058",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-07-18T21:15:15.277",
"lastModified": "2023-07-25T15:15:13.063",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-25T19:33:36.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,14 +34,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndIncluding": "8.0.33",
"matchCriteriaId": "7508AB90-7F78-4319-B3F0-D18B874F9AB4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0005/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2023.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-25770",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2023-07-13T11:15:09.183",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:59:24.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@honeywell.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{
"source": "psirt@honeywell.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "C8B1523A-A717-4BE3-97B1-5634188EAAF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "F01D307E-1DD4-4B16-A1EF-81503E5C7CF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "1AAAF640-4704-4BEA-AB36-911B08227497"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "254FC5F7-6F70-4E38-95B8-E0042AB3321F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "F075CA91-AFC8-4463-9D02-BE45F98E4840"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:honeywell:c300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA14D67-E320-490E-92E6-CC135EBBA245"
}
]
}
]
}
],
"references": [
{
"url": "https://process.honeywell.com",
"source": "psirt@honeywell.com"
"source": "psirt@honeywell.com",
"tags": [
"Product"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-25948",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2023-07-13T12:15:09.187",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:00:33.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@honeywell.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
},
{
"source": "psirt@honeywell.com",
"type": "Secondary",
@ -46,10 +76,167 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "DED6EB36-056C-422C-9C6E-9EDE45DDB5F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "0511367E-4C62-44C9-BFF9-84E969562A9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "3A2EAD5D-9B56-4F09-A25B-E98671AE52AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "E9EAE3B9-6173-4568-962A-C472F593FC47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "29DFE287-6206-46E2-9118-9159EC44748E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "A34A2DF5-19BC-4823-8DD3-54C50EA43B65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "0FCC07AA-C8CC-4C69-8011-988932D2F0FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "90CA038F-5C1A-46FF-9EA3-7606B3FF703C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "F9BAC831-F60D-4010-8EE9-8A741244CB9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "D1B32781-B0B3-4C74-882B-1DF622DEC11C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:engineering_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "511.tcu3",
"matchCriteriaId": "3147FD0E-091B-4096-87D1-C006E3667F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:engineering_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "96A06B44-5738-4A77-98EB-DAB61C07A6D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:engineering_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "177013AA-A2F8-4FC4-82AC-79A6A7196767"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:direct_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "511.tcu3",
"matchCriteriaId": "F5F7E4E9-50A2-427F-9945-2A83F4D8C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:direct_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "6ABEC6C0-CF74-49E3-88BA-5D06484DFAA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:direct_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "BD33B3A2-FC18-4BE6-98A7-88D06339EE28"
}
]
}
]
}
],
"references": [
{
"url": "https://process.honeywell.com",
"source": "psirt@honeywell.com"
"source": "psirt@honeywell.com",
"tags": [
"Product"
]
}
]
}
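Review bot: In the `engineering_station` and `direct_station` entries added under `configurations`, the first range ends at `"versionEndIncluding": "511.tcu3"`, while the `experion_server` and `experion_station` entries in the same record use `511.5tcu3` for that release line and keep the 510.x and 511.x lines as separate ranges. The shorter value looks like a dropped digit, and because those ranges start at `510.1` they also fold two release lines into one. If that is the case, the intended line is presumably `"versionEndIncluding": "511.5tcu3"`, but this needs checking against the vendor advisory and correcting in the upstream record rather than in this mirror. Until then, anything that compares these non-numeric version strings should treat a build such as `511.5tcu3` as undetermined for these two products instead of assuming it is in or out of range.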


@ -2,8 +2,8 @@
"id": "CVE-2023-26597",
"sourceIdentifier": "psirt@honeywell.com",
"published": "2023-07-13T12:15:09.253",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:00:44.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@honeywell.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@honeywell.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "C8B1523A-A717-4BE3-97B1-5634188EAAF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "F01D307E-1DD4-4B16-A1EF-81503E5C7CF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "1AAAF640-4704-4BEA-AB36-911B08227497"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "254FC5F7-6F70-4E38-95B8-E0042AB3321F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "F075CA91-AFC8-4463-9D02-BE45F98E4840"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:honeywell:c300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA14D67-E320-490E-92E6-CC135EBBA245"
}
]
}
]
}
],
"references": [
{
"url": "https://process.honeywell.com",
"source": "psirt@honeywell.com"
"source": "psirt@honeywell.com",
"tags": [
"Product"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-2626",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-07-25T18:15:10.690",
"lastModified": "2023-07-25T18:15:10.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There exists an authentication bypass vulnerability in OpenThread border router devices and implementations.\u00a0This issue allows unauthenticated nodes to craft radio frames using \u201cKey ID Mode 2\u201d: a special mode using a static encryption key to bypass security checks, resulting in arbitrary IP packets being allowed on the Thread network.\n This provides a pathway for an attacker to send/receive arbitrary IPv6 packets to devices on the LAN, potentially exploiting them if they lack additional authentication or contain any network vulnerabilities that would normally be mitigated by the home router\u2019s NAT firewall. Effected devices have been mitigated through an automatic update beyond the affected range.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://support.google.com/product-documentation/answer/13588832?hl=en&ref_topic=12974021&sjid=7833436865896465963-NA#zippy=%2Cnest-wifi",
"source": "cve-coordination@google.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30559",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T18:15:09.293",
"lastModified": "2023-07-13T19:15:09.120",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:55:06.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 4.7
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:alaris_8015_pcu_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.1.3",
"matchCriteriaId": "F594B01D-BC1A-46AE-9251-F4BBAE6178D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:alaris_8015_pcu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5909B9D0-07A7-4AA1-8FF4-CE6DEBCE14DA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30560",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T19:15:09.197",
"lastModified": "2023-07-14T12:47:32.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:53:34.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:alaris_8015_pcu_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.1.3",
"matchCriteriaId": "F594B01D-BC1A-46AE-9251-F4BBAE6178D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:alaris_8015_pcu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5909B9D0-07A7-4AA1-8FF4-CE6DEBCE14DA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30561",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T20:15:09.013",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:51:56.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.2
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bd:alaris_8015_pcu_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.1.3",
"matchCriteriaId": "F594B01D-BC1A-46AE-9251-F4BBAE6178D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bd:alaris_8015_pcu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5909B9D0-07A7-4AA1-8FF4-CE6DEBCE14DA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30562",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T20:15:09.080",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:47:10.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.5,
"impactScore": 5.2
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bd:alaris_guardrails_editor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.1.2",
"matchCriteriaId": "B29B969E-C9E9-4E21-9340-9776964B2CE2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30563",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T20:15:09.143",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:45:55.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bd:alaris_systems_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.3",
"matchCriteriaId": "87213183-05A4-4B91-B127-20E861A4482B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30564",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T20:15:09.200",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:43:44.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 4.7
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -46,10 +76,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bd:alaris_systems_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.3",
"matchCriteriaId": "87213183-05A4-4B91-B127-20E861A4482B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-30565",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-07-13T20:15:09.260",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:40:50.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
},
{
"source": "cybersecurity@bd.com",
"type": "Secondary",
@ -50,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bd:guardrails_cqi_reporter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.17",
"matchCriteriaId": "655314BD-CC12-4C62-8FAB-3E49E2AFFF13"
}
]
}
]
}
],
"references": [
{
"url": "https://www.bd.com/en-us/about-bd/cybersecurity/bulletin/bd-alaris-system-with-guardrails-suite-mx",
"source": "cybersecurity@bd.com"
"source": "cybersecurity@bd.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}


@ -2,27 +2,89 @@
"id": "CVE-2023-31819",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T14:15:09.113",
"lastModified": "2023-07-13T18:33:06.503",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:03:18.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:livre:keisei_store:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B08F4B57-45D2-4DF7-A150-69C0E6150C9F"
}
]
}
]
}
],
"references": [
{
"url": "http://keisei.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "http://livre.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31819.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,82 @@
"id": "CVE-2023-31820",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T14:15:09.177",
"lastModified": "2023-07-13T18:33:06.503",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:03:34.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shizutetsu:shizutetsu_store:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E3143FBA-270F-4618-9E7F-239585C97717"
}
]
}
]
}
],
"references": [
{
"url": "http://shizutetsu.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31820.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,82 @@
"id": "CVE-2023-31822",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T14:15:09.230",
"lastModified": "2023-07-13T18:33:06.503",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:03:50.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Entetsu Store function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:entetsu:entetsu_store:13.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F812C1E1-6E43-4F11-9945-F18B8CFD7F69"
}
]
}
]
}
],
"references": [
{
"url": "http://entetsu.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31822.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,82 @@
"id": "CVE-2023-31823",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T15:15:09.073",
"lastModified": "2023-07-13T18:33:01.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:57:14.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:marui:marui:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6E999B9E-A814-4D66-8918-88940BDAC8F6"
}
]
}
]
}
],
"references": [
{
"url": "http://marui.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31823.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,27 +2,89 @@
"id": "CVE-2023-31824",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T15:15:09.123",
"lastModified": "2023-07-13T18:33:01.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:55:34.030",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in DERICIA Co. Ltd, DELICIA v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp DELICIA function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dericia:delicia:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "714D0CA1-296C-46EC-BDE6-706B1FEF736B"
}
]
}
]
}
],
"references": [
{
"url": "http://delicia.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "http://dericia.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31824.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,82 @@
"id": "CVE-2023-31825",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T14:15:09.283",
"lastModified": "2023-07-13T18:33:01.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:04:20.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Inageya function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inageya:inageya:13.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5F342E-4489-4C67-8636-3A55287FD4BD"
}
]
}
]
}
],
"references": [
{
"url": "http://inageya.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31825.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,19 +2,75 @@
"id": "CVE-2023-33274",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-12T21:15:09.097",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:12:32.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The authentication mechanism in PowerShield SNMP Web Pro 1.1 contains a vulnerability that allows unauthenticated users to directly access Common Gateway Interface (CGI) scripts without proper identification or authorization. This vulnerability arises from a lack of proper cookie verification and affects all instances of SNMP Web Pro 1.1 without HTTP Digest authentication enabled, regardless of the password used for the web interface."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:voltronicpower:snmp_web_pro:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6059B1DE-C7AB-4C17-B714-438F37EEAA3C"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/pedromonteirobb/a0584095b46141702c8cae0f3f1b6759",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-34235",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T18:15:10.800",
"lastModified": "2023-07-25T18:15:10.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Strapi is an open-source headless content management system. Prior to version 4.10.8, it is possible to leak private fields if one is using the `t(number)` prefix. Knex query allows users to change the default prefix. For example, if someone changes the prefix to be the same as it was before or to another table they want to query, the query changes from `password` to `t1.password`. `password` is protected by filtering protections but `t1.password` is not protected. This can lead to filtering attacks on everything related to the object again, including admin passwords and reset-tokens. Version 4.10.8 fixes this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/strapi/strapi/releases/tag/v4.10.8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/strapi/strapi/security/advisories/GHSA-9xg4-3qfm-9w8f",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34458",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-13T19:15:09.263",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:52:55.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,22 +76,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multiversx:mx-chain-go:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.4.17",
"matchCriteriaId": "B695903B-094D-4C3A-AE10-6E776400726D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/multiversx/mx-chain-go/blob/babdb144f1316ab6176bf3dbd7d4621120414d43/integrationTests/vm/txsFee/relayedMoveBalance_test.go#LL165C14-L165C14",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/multiversx/mx-chain-go/commit/babdb144f1316ab6176bf3dbd7d4621120414d43",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/multiversx/mx-chain-go/releases/tag/v1.4.17",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/multiversx/mx-chain-go/security/advisories/GHSA-j494-7x2v-vvvp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-35070",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-07-13T14:15:09.333",
"lastModified": "2023-07-13T18:33:01.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:57:36.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vegagroup:web_collection:*:*:*:*:*:*:*:*",
"versionEndExcluding": "31197",
"matchCriteriaId": "8C4FCC29-3E42-4E37-9A83-EC7C4BA59500"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0406",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-35833",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T17:15:09.270",
"lastModified": "2023-07-13T18:33:01.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:55:20.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in YSoft SAFEQ 6 Server before 6.0.82. When modifying the URL of the LDAP server configuration from LDAPS to LDAP, the system does not require the password to be (re)entered. This results in exposing cleartext credentials when connecting to a rogue LDAP server."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:ysoft:safeq_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0",
"versionEndExcluding": "6.0.82",
"matchCriteriaId": "2D367A15-4EB0-47A3-B359-20E87C26CDBB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.ysoft.com/en/legal/ldaps-encryption-downgrade-attack-vulnerability",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://ysoft.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}


@ -0,0 +1,67 @@
{
"id": "CVE-2023-35929",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T18:15:10.897",
"lastModified": "2023-07-25T18:15:10.897",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tuleap is a free and open source suite to improve management of software development and collaboration. Prior to version 14.10.99.4 of Tuleap Community Edition and prior to versions 14.10-2 and 14.9-5 of Tuleap Enterprise Edition, content displayed in the \"card fields\" (visible in the kanban and PV2 apps) is not properly escaped. A malicious user with the capability to create an artifact or to edit a field used as a card field could force victim to execute uncontrolled code. Tuleap Community Edition 14.10.99.4, Tuleap Enterprise Edition 14.10-2, and Tuleap Enterprise Edition 14.9-5 contain a fix."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/Enalean/tuleap/commit/0b2945fbd260d37aa0aff2ca1c867d160f76188d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Enalean/tuleap/security/advisories/GHSA-xhjp-4rjf-q268",
"source": "security-advisories@github.com"
},
{
"url": "https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=0b2945fbd260d37aa0aff2ca1c867d160f76188d",
"source": "security-advisories@github.com"
},
{
"url": "https://tuleap.net/plugins/tracker/?aid=32629",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-35941",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T18:15:10.993",
"lastModified": "2023-07-25T18:15:10.993",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the some rare scenarios in which HMAC payload can be always valid in OAuth2 filter's check. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, avoid wildcards/prefix domain wildcards in the host's domain configuration."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-116"
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-7mhv-gr67-hq55",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-35942",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T19:15:11.050",
"lastModified": "2023-07-25T19:15:11.050",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, gRPC access loggers using listener's global scope can cause a `use-after-free` crash when the listener is drained. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, disable gRPC access log or stop listener update."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-69vr-g55c-v2v4",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-35943",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T19:15:11.153",
"lastModified": "2023-07-25T19:15:11.153",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the `origin` header is removed and deleted between `decodeHeaders`and `encodeHeaders`. Versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12 have a fix for this issue. As a workaround, do not remove the `origin` header in the Envoy configuration."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-mc6h-6j9x-v3gq",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-35944",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T19:15:11.240",
"lastModified": "2023-07-25T19:15:11.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests with mixed-case schemes such as `htTp` or `htTps`, or the bypassing of some requests such as `https` in unencrypted connections. With a fix in versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, Envoy will now lowercase scheme values by default, and change the internal scheme checks that were case-sensitive to be case-insensitive. There are no known workarounds for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-pvgm-7jpg-pw5g",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-35945",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-13T21:15:08.880",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:36:37.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23.11",
"matchCriteriaId": "6229C1E0-69F5-49E0-AECC-F98E792E06F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.24.0",
"versionEndExcluding": "1.24.9",
"matchCriteriaId": "E48F872E-5893-4F65-AB15-CA5E9240FD48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.25.0",
"versionEndExcluding": "1.25.8",
"matchCriteriaId": "5A8C39F9-39D8-475E-BF5D-52DF8435C02D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.26.0",
"versionEndExcluding": "1.26.3",
"matchCriteriaId": "E208BBEC-FFAC-4513-AF33-45029CC8E0F3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nghttp2/nghttp2/blob/e7f59406556c80904b81b593d38508591bb7523a/lib/nghttp2_session.c#L3346",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
}
]
}


@ -0,0 +1,43 @@
{
"id": "CVE-2023-35980",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-25T19:15:11.327",
"lastModified": "2023-07-25T19:15:11.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets\u00a0destined to the PAPI (Aruba's access point management\u00a0protocol) UDP port (8211). Successful exploitation of these\u00a0vulnerabilities result in the ability to execute arbitrary\u00a0code as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt",
"source": "security-alert@hpe.com"
}
]
}


@ -0,0 +1,43 @@
{
"id": "CVE-2023-35981",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-25T19:15:11.410",
"lastModified": "2023-07-25T19:15:11.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets\u00a0destined to the PAPI (Aruba's access point management\u00a0protocol) UDP port (8211). Successful exploitation of these\u00a0vulnerabilities result in the ability to execute arbitrary\u00a0code as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt",
"source": "security-alert@hpe.com"
}
]
}


@ -0,0 +1,43 @@
{
"id": "CVE-2023-35982",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-07-25T19:15:11.480",
"lastModified": "2023-07-25T19:15:11.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets\u00a0destined to the PAPI (Aruba's access point management\u00a0protocol) UDP port (8211). Successful exploitation of these\u00a0vulnerabilities result in the ability to execute arbitrary\u00a0code as a privileged user on the underlying operating system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@hpe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt",
"source": "security-alert@hpe.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3595",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-07-12T13:15:09.880",
"lastModified": "2023-07-12T14:15:10.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:55:53.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,340 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D4B3185-B776-46C4-B47F-CE48861A422B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "97AC710F-97B3-47A1-86EC-3148A21F16B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7242493E-0B2A-4AF3-BF44-15D3D1DB0021"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA49358A-F76E-4DEC-994C-B988DE38BF7F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2f_series_c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "48F83304-EF89-48A4-AA0E-EBD5AE5E46E5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2f_series_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6E5B08F-BD0C-4B3F-9897-61C945981CC6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8E9CEA5-F039-484D-A234-1E3ADA352E32"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB6A3C1-6419-4CDB-B7F5-57F20DA43C5A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADCF431D-0F13-4037-BBDF-4199B5860CCA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E9D2541-B0DB-4925-ACD6-FCC2A028FA4A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B8DEC1-3980-49E0-82B1-275FD7870EC9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13581B79-89FF-42F0-93C1-CB77582E7303"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2t_series_d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88F147B7-96D5-4C52-AE8C-C5A24A103290"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2t_series_d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F71090C1-36AD-4A1B-92B5-CB391593DF4B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94271569-D658-4F95-B9A6-2C1DB2647EB2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4A8E21A-3826-497C-9F3D-6D9091AD7647"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BAEF2D94-6224-4877-9169-E5B0DB3FAA25"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8607CD0D-0EE7-41CF-8E00-C0F5C83646A8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en2tr_series_c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB58AD4-EA1F-4106-ADD1-52EF2592B92C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en2tr_series_c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D58BA41B-3859-4489-9C74-730C27B1EFF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_a_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE90B141-E680-4D15-8BCE-8D58909A3679"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4824C266-82B1-4B74-AF72-BFCEF0547023"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:rockwellautomation:1756-en3tr_series_b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "01816E19-DF07-4A48-BC59-4A9918AE94FA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:rockwellautomation:1756-en3tr_series_b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "14CF3A11-7130-420A-B99E-8FADA7C23484"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140010",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required",
"Vendor Advisory"
]
}
]
}


@ -0,0 +1,67 @@
{
"id": "CVE-2023-36806",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T19:15:11.550",
"lastModified": "2023-07-25T19:15:11.550",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Contao is an open source content management system. Starting in version 4.0.0 and prior to versions 4.9.42, 4.13.28, and 5.1.10, it is possible for untrusted backend users to inject malicious code into headline fields in the back end, which will be executed both in the element preview (back end) and on the website (front end). Installations are only affected if there are untrusted back end users who have the rights to modify headline fields, or other fields using the input unit widget. Contao 4.9.42, 4.13.28, and 5.1.10 have a patch for this issue. As a workaround, disable the login for all untrusted back end users."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/contao/contao/commit/5c9aff32cfc1f7dc452a045862ac2f86a6b9b4b4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/commit/c98585d36baa25fda69c062421e7e7eadc53c82b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/commit/ccb64c777eb0f9c0e6490c9135d80e915d37cd32",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/contao/contao/security/advisories/GHSA-4gpr-p634-922x",
"source": "security-advisories@github.com"
}
]
}
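Review bot: The new CVE-2023-36806 record carries no `configurations` block, so the affected range exists only in the description text (4.0.0 up to the fixes in 4.9.42, 4.13.28 and 5.1.10); the same holds for the CVE-2023-36826 record added in the next file section. With `vulnStatus` at `Received` this is presumably because NVD analysis has not run yet, but any scanner or inventory job that matches on `cpeMatch` will report Contao and Sentry installs as unaffected until it does. The only score present is the CNA's `Secondary` metric, so consumers that select on `"type": "Primary"` get no severity either. Downstream tooling should treat a `Received` record without `configurations` as unassessed rather than as not vulnerable, and fall back to the advisory links under `references`.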


@ -0,0 +1,67 @@
{
"id": "CVE-2023-36826",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T19:15:11.640",
"lastModified": "2023-07-25T19:15:11.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sentry is an error tracking and performance monitoring platform. Starting in version 8.21.0 and prior to version 23.5.2, an authenticated user can download a debug or artifact bundle from arbitrary organizations and projects with a known bundle ID. The user does not need to be a member of the organization or have permissions on the project. A patch was issued in version 23.5.2 to ensure authorization checks are properly scoped on requests to retrieve debug or artifact bundles. Authenticated users who do not have the necessary permissions on the particular project are no longer able to download them. Sentry SaaS users do not need to take any action. Self-Hosted Sentry users should upgrade to version 23.5.2 or higher."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-285"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/getsentry/sentry/commit/e932b15435bf36239431eaa3790a6bcfa47046a9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/getsentry/sentry/pull/49680",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/getsentry/sentry/security/advisories/GHSA-m4hc-m2v6-hfw8",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3648",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-14T07:15:08.387",
"lastModified": "2023-07-14T12:47:21.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:24:30.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.6.0",
"versionEndIncluding": "3.6.14",
"matchCriteriaId": "5330ADDD-4D42-4085-8F50-5C21FB172A49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.0.6",
"matchCriteriaId": "6E8AD4F6-E793-4847-858F-30F069053088"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19105",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.wireshark.org/security/wnpa-sec-2023-21.html",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3649",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-14T07:15:08.593",
"lastModified": "2023-07-14T12:47:21.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:20:46.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.0.6",
"matchCriteriaId": "6E8AD4F6-E793-4847-858F-30F069053088"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/wireshark/wireshark/-/issues/19164",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.wireshark.org/security/wnpa-sec-2023-22.html",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3658",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-13T11:15:09.340",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:00:21.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234012",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.234012",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3659",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-13T11:15:09.417",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:59:54.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234013",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.234013",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3660",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-13T12:15:09.397",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:01:59.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:campcodes:retro_cellphone_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14240D3C-5073-4D9E-8FE0-EF8C9E323E03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Cellphone%20Online%20Store%20-%20vlun%206.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://vuldb.com/?ctiid.234014",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.234014",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}
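Review bot: The first reference, the `cve_hub` PDF whose file name matches the product in the new `cpeMatch` entry (`retro_cellphone_online_store`), is tagged `Not Applicable`. That tag normally marks a link as unrelated to the CVE, so consumers that drop `Not Applicable` references are left with only the two VulDB entries, both tagged `Permissions Required`. Whether the tag reflects a dead link or a mis-tag cannot be told from this page; it is worth checking against the upstream NVD record before relying on tag filters for this CVE.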


@ -2,8 +2,8 @@
"id": "CVE-2023-3661",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-13T12:15:09.470",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:02:46.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234015",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.234015",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3672",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-14T10:15:08.920",
"lastModified": "2023-07-14T12:47:21.903",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:17:50.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plaidweb:webmention.js:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.5",
"matchCriteriaId": "1891F45F-543B-49CC-A962-CC444964387A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/plaidweb/webmention.js/commit/3551b66b3e40da37fee89ecf72930c5efdc53011",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/75cfb7ad-a75f-45ff-8688-32a9c55179aa",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3683",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T08:15:14.263",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:12:48.627",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:livelyworks:articart:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B688B4F2-D9E8-4DC5-BE53-B969A9E1A8EF"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234229",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234229",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3684",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T11:15:09.333",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:12:31.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,16 +91,49 @@
"value": "CWE-601"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:livelyworks:articart:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B688B4F2-D9E8-4DC5-BE53-B969A9E1A8EF"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234230",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234230",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3685",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T11:15:09.680",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:28:29.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nesote:inout_search_engine_ai_edition:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C682CF8D-230F-496E-946A-C9F605E5D6B0"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234231",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234231",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3686",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T13:15:09.380",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:11:35.773",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bylancer:quickai_openai:3.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A7FA783-6EF2-43CE-9063-6DAC3D88FB69"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3687",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T14:15:09.310",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:11:50.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,16 +91,49 @@
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bylancer:quickvcard:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CE1FD4-AC16-40DA-B1C8-8F7C074FA7B9"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234233",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234233",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3688",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T15:15:09.143",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:57:37.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bylancer:quickjob:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6A738251-D90F-4E6C-9E58-D6AA4E8CE6D7"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234234",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234234",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3689",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T16:15:09.360",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:58:18.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -75,14 +97,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bylancer:quickqr:6.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9290F879-4314-48A7-9A04-9FA7FB2210F9"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234235",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234235",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3690",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-16T16:15:09.437",
"lastModified": "2023-07-17T13:02:42.053",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T19:09:50.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -75,14 +97,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bylancer:quickorder:6.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3ADE7477-2D3D-48AA-894D-BEDF273B2DB2"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.234236",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.234236",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-37267",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-13T14:15:09.427",
"lastModified": "2023-07-13T18:33:01.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:57:24.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,22 +76,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.6.1",
"matchCriteriaId": "841B2B22-690A-4EA6-AF97-C2C4F17825A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.4.2",
"matchCriteriaId": "CDC616B7-2605-4852-9198-ACFDD02EC4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.0.1",
"matchCriteriaId": "50859076-CC8D-4B69-AD2F-7AF958CF6D2D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/umbraco/Umbraco-CMS/commit/1f26f2c6f3428833892cde5c6d8441fb041e410e",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/umbraco/Umbraco-CMS/commit/20a4e475c8d7b91d263e4e103ef19f3644e7b569",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/umbraco/Umbraco-CMS/commit/82eae48d098b9deecbdf86cf288b2b18020e1fed",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-h8wc-r4jh-mg7m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-37463",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-13T20:15:09.327",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:37:08.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:github:cmark-gfm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.29.0.gfm.12",
"matchCriteriaId": "78444374-3BCE-483F-94BC-AECCBE065DA5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/github/cmark-gfm/releases/tag/0.29.0.gfm.12",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/github/cmark-gfm/security/advisories/GHSA-w4qg-3vf7-m9x5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit"
]
}
]
}
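Review bot: The GHSA-w4qg-3vf7-m9x5 entry at the end of `references` is tagged only `"Exploit"`, whereas the GHSA advisory links in the neighbouring records of this commit carry `"Vendor Advisory"`. A consumer that picks out vendor guidance by filtering on that tag will skip the CNA's own advisory for this CVE. The `"Exploit"` tag presumably reflects reproduction detail in the advisory and is worth keeping for prioritisation. If the mirror may diverge from NVD, the entry would read `"tags": ["Exploit", "Vendor Advisory"]`; otherwise this is a correction to request upstream, and consumers should select advisories by the `security-advisories@github.com` source rather than by tag alone.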


@ -2,8 +2,8 @@
"id": "CVE-2023-37468",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-13T21:15:09.253",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:35:42.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thm:feedbacksystem:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.5.0",
"versionEndExcluding": "1.9.2",
"matchCriteriaId": "CC3297F4-C7E7-407D-9099-5FC637CE8E14"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/thm-mni-ii/feedbacksystem/commit/8d896125263e1efb1b70990987c7704426325bcf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/thm-mni-ii/feedbacksystem/releases/tag/v1.9.2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/thm-mni-ii/feedbacksystem/security/advisories/GHSA-g28r-8wg3-7349",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-37598",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T21:15:09.337",
"lastModified": "2023-07-14T12:47:26.623",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-25T18:33:52.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en issabel-pbx v4.0.0-6 permite a un atacante remoto causar una denegaci\u00f3n de servicio a trav\u00e9s de la funci\u00f3n de eliminar nuevo fax virtual. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:issabel:pbx:4.0.0-6:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A5E56B-4B74-4BF7-ACF5-1D9F3C0FC0FF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-37598",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-38435",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-25T16:15:11.500",
"lastModified": "2023-07-25T17:22:14.780",
"lastModified": "2023-07-25T18:15:11.087",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -24,6 +24,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/25/10",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/r3blhp3onr4rdbkgdyglqnccg0v79pfv",
"source": "security@apache.org"


@ -0,0 +1,20 @@
{
"id": "CVE-2023-39128",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-25T19:15:11.740",
"lastModified": "2023-07-25T19:15:11.740",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a stack overflow via the function ada_decode at /gdb/ada-lang.c."
}
],
"metrics": {},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30639",
"source": "cve@mitre.org"
}
]
}
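Review bot: This new record ships with `"metrics": {}` and `"vulnStatus": "Received"`, and has no `weaknesses` or `configurations` keys, so it carries no severity, CWE or affected-version data yet; the same holds for the CVE-2023-39129 and CVE-2023-39130 files added below. Tooling that sorts or filters on `baseScore` should treat the empty object as unscored rather than as zero or low, otherwise these GDB reports drop out of triage until NVD analysis lands. The only version information is the snapshot string in the description, so affected ranges have to come from the linked sourceware bug. A README line would make this explicit, e.g. `Records with vulnStatus "Received" have empty metrics; treat them as unscored.`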


@ -0,0 +1,20 @@
{
"id": "CVE-2023-39129",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-25T19:15:11.800",
"lastModified": "2023-07-25T19:15:11.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym() at /gdb/coff-pe-read.c."
}
],
"metrics": {},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30640",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,20 @@
{
"id": "CVE-2023-39130",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-25T19:15:11.857",
"lastModified": "2023-07-25T19:15:11.857",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap buffer overflow via the function pe_as16() at /gdb/coff-pe-read.c."
}
],
"metrics": {},
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=30641",
"source": "cve@mitre.org"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-25T18:00:31.419140+00:00
2023-07-25T20:00:29.768653+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-25T17:42:56.930000+00:00
2023-07-25T19:55:53.177000+00:00
```
### Last Data Feed Release
@ -29,47 +29,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
220993
221008
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `15`
* [CVE-2023-38435](CVE-2023/CVE-2023-384xx/CVE-2023-38435.json) (`2023-07-25T16:15:11.500`)
* [CVE-2023-3772](CVE-2023/CVE-2023-37xx/CVE-2023-3772.json) (`2023-07-25T16:15:11.660`)
* [CVE-2023-3773](CVE-2023/CVE-2023-37xx/CVE-2023-3773.json) (`2023-07-25T16:15:11.733`)
* [CVE-2023-2626](CVE-2023/CVE-2023-26xx/CVE-2023-2626.json) (`2023-07-25T18:15:10.690`)
* [CVE-2023-34235](CVE-2023/CVE-2023-342xx/CVE-2023-34235.json) (`2023-07-25T18:15:10.800`)
* [CVE-2023-35929](CVE-2023/CVE-2023-359xx/CVE-2023-35929.json) (`2023-07-25T18:15:10.897`)
* [CVE-2023-35941](CVE-2023/CVE-2023-359xx/CVE-2023-35941.json) (`2023-07-25T18:15:10.993`)
* [CVE-2023-35942](CVE-2023/CVE-2023-359xx/CVE-2023-35942.json) (`2023-07-25T19:15:11.050`)
* [CVE-2023-35943](CVE-2023/CVE-2023-359xx/CVE-2023-35943.json) (`2023-07-25T19:15:11.153`)
* [CVE-2023-35944](CVE-2023/CVE-2023-359xx/CVE-2023-35944.json) (`2023-07-25T19:15:11.240`)
* [CVE-2023-35980](CVE-2023/CVE-2023-359xx/CVE-2023-35980.json) (`2023-07-25T19:15:11.327`)
* [CVE-2023-35981](CVE-2023/CVE-2023-359xx/CVE-2023-35981.json) (`2023-07-25T19:15:11.410`)
* [CVE-2023-35982](CVE-2023/CVE-2023-359xx/CVE-2023-35982.json) (`2023-07-25T19:15:11.480`)
* [CVE-2023-36806](CVE-2023/CVE-2023-368xx/CVE-2023-36806.json) (`2023-07-25T19:15:11.550`)
* [CVE-2023-36826](CVE-2023/CVE-2023-368xx/CVE-2023-36826.json) (`2023-07-25T19:15:11.640`)
* [CVE-2023-39128](CVE-2023/CVE-2023-391xx/CVE-2023-39128.json) (`2023-07-25T19:15:11.740`)
* [CVE-2023-39129](CVE-2023/CVE-2023-391xx/CVE-2023-39129.json) (`2023-07-25T19:15:11.800`)
* [CVE-2023-39130](CVE-2023/CVE-2023-391xx/CVE-2023-39130.json) (`2023-07-25T19:15:11.857`)
### CVEs modified in the last Commit
Recently modified CVEs: `44`
Recently modified CVEs: `65`
* [CVE-2023-2068](CVE-2023/CVE-2023-20xx/CVE-2023-2068.json) (`2023-07-25T17:15:11.137`)
* [CVE-2023-2223](CVE-2023/CVE-2023-22xx/CVE-2023-2223.json) (`2023-07-25T17:15:11.277`)
* [CVE-2023-2224](CVE-2023/CVE-2023-22xx/CVE-2023-2224.json) (`2023-07-25T17:15:11.420`)
* [CVE-2023-2601](CVE-2023/CVE-2023-26xx/CVE-2023-2601.json) (`2023-07-25T17:15:11.547`)
* [CVE-2023-2605](CVE-2023/CVE-2023-26xx/CVE-2023-2605.json) (`2023-07-25T17:15:11.710`)
* [CVE-2023-23833](CVE-2023/CVE-2023-238xx/CVE-2023-23833.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-33925](CVE-2023/CVE-2023-339xx/CVE-2023-33925.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-35043](CVE-2023/CVE-2023-350xx/CVE-2023-35043.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-3486](CVE-2023/CVE-2023-34xx/CVE-2023-3486.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-3637](CVE-2023/CVE-2023-36xx/CVE-2023-3637.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-34017](CVE-2023/CVE-2023-340xx/CVE-2023-34017.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-34369](CVE-2023/CVE-2023-343xx/CVE-2023-34369.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-36385](CVE-2023/CVE-2023-363xx/CVE-2023-36385.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-36501](CVE-2023/CVE-2023-365xx/CVE-2023-36501.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-36502](CVE-2023/CVE-2023-365xx/CVE-2023-36502.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-36503](CVE-2023/CVE-2023-365xx/CVE-2023-36503.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-3548](CVE-2023/CVE-2023-35xx/CVE-2023-3548.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-34093](CVE-2023/CVE-2023-340xx/CVE-2023-34093.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-37895](CVE-2023/CVE-2023-378xx/CVE-2023-37895.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-39173](CVE-2023/CVE-2023-391xx/CVE-2023-39173.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-39174](CVE-2023/CVE-2023-391xx/CVE-2023-39174.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-39175](CVE-2023/CVE-2023-391xx/CVE-2023-39175.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-25078](CVE-2023/CVE-2023-250xx/CVE-2023-25078.json) (`2023-07-25T17:24:34.817`)
* [CVE-2023-25178](CVE-2023/CVE-2023-251xx/CVE-2023-25178.json) (`2023-07-25T17:24:39.447`)
* [CVE-2023-20942](CVE-2023/CVE-2023-209xx/CVE-2023-20942.json) (`2023-07-25T17:42:56.930`)
* [CVE-2023-31819](CVE-2023/CVE-2023-318xx/CVE-2023-31819.json) (`2023-07-25T19:03:18.877`)
* [CVE-2023-31820](CVE-2023/CVE-2023-318xx/CVE-2023-31820.json) (`2023-07-25T19:03:34.687`)
* [CVE-2023-31822](CVE-2023/CVE-2023-318xx/CVE-2023-31822.json) (`2023-07-25T19:03:50.593`)
* [CVE-2023-31825](CVE-2023/CVE-2023-318xx/CVE-2023-31825.json) (`2023-07-25T19:04:20.037`)
* [CVE-2023-3690](CVE-2023/CVE-2023-36xx/CVE-2023-3690.json) (`2023-07-25T19:09:50.323`)
* [CVE-2023-3686](CVE-2023/CVE-2023-36xx/CVE-2023-3686.json) (`2023-07-25T19:11:35.773`)
* [CVE-2023-3687](CVE-2023/CVE-2023-36xx/CVE-2023-3687.json) (`2023-07-25T19:11:50.817`)
* [CVE-2023-3684](CVE-2023/CVE-2023-36xx/CVE-2023-3684.json) (`2023-07-25T19:12:31.023`)
* [CVE-2023-3683](CVE-2023/CVE-2023-36xx/CVE-2023-3683.json) (`2023-07-25T19:12:48.627`)
* [CVE-2023-22033](CVE-2023/CVE-2023-220xx/CVE-2023-22033.json) (`2023-07-25T19:23:31.577`)
* [CVE-2023-22008](CVE-2023/CVE-2023-220xx/CVE-2023-22008.json) (`2023-07-25T19:23:57.457`)
* [CVE-2023-22007](CVE-2023/CVE-2023-220xx/CVE-2023-22007.json) (`2023-07-25T19:24:25.677`)
* [CVE-2023-22005](CVE-2023/CVE-2023-220xx/CVE-2023-22005.json) (`2023-07-25T19:24:46.737`)
* [CVE-2023-21950](CVE-2023/CVE-2023-219xx/CVE-2023-21950.json) (`2023-07-25T19:25:20.693`)
* [CVE-2023-22053](CVE-2023/CVE-2023-220xx/CVE-2023-22053.json) (`2023-07-25T19:26:36.587`)
* [CVE-2023-22048](CVE-2023/CVE-2023-220xx/CVE-2023-22048.json) (`2023-07-25T19:26:57.163`)
* [CVE-2023-22046](CVE-2023/CVE-2023-220xx/CVE-2023-22046.json) (`2023-07-25T19:27:45.300`)
* [CVE-2023-22038](CVE-2023/CVE-2023-220xx/CVE-2023-22038.json) (`2023-07-25T19:28:07.100`)
* [CVE-2023-3685](CVE-2023/CVE-2023-36xx/CVE-2023-3685.json) (`2023-07-25T19:28:29.557`)
* [CVE-2023-22054](CVE-2023/CVE-2023-220xx/CVE-2023-22054.json) (`2023-07-25T19:30:25.787`)
* [CVE-2023-22056](CVE-2023/CVE-2023-220xx/CVE-2023-22056.json) (`2023-07-25T19:30:37.157`)
* [CVE-2023-22057](CVE-2023/CVE-2023-220xx/CVE-2023-22057.json) (`2023-07-25T19:30:48.877`)
* [CVE-2023-22058](CVE-2023/CVE-2023-220xx/CVE-2023-22058.json) (`2023-07-25T19:33:36.430`)
* [CVE-2023-29984](CVE-2023/CVE-2023-299xx/CVE-2023-29984.json) (`2023-07-25T19:45:53.773`)
* [CVE-2023-3595](CVE-2023/CVE-2023-35xx/CVE-2023-3595.json) (`2023-07-25T19:55:53.177`)
## Download and Usage