admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-23T20:00:27.060629+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-23 20:00:30 +00:00
parent 11c527178a
commit 38ae763943
149 changed files with 5468 additions and 262 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2021/CVE-2021-312xx/CVE-2021-31280.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2021-31280",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:09.517",
"lastModified": "2023-06-14T15:30:58.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:05:02.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the keywords parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tp5cms_project:tp5cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2017-05-25",
"matchCriteriaId": "867DD6A8-1CED-4FA1-B2CD-2888F8183B66"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fmsdwifull/tp5cms/issues/8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

28
CVE-2022/CVE-2022-226xx/CVE-2022-22630.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-22630",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.380",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213183",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213255",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213256",
"source": "product-security@apple.com"
}
]
}

14
CVE-2022/CVE-2022-238xx/CVE-2022-23854.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-23854",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-12-23T21:15:09.097",
"lastModified": "2023-01-04T18:15:46.303",
"lastModified": "2023-06-23T18:42:20.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",

6
CVE-2022/CVE-2022-240xx/CVE-2022-24045.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24045",
"sourceIdentifier": "productcert@siemens.com",
"published": "2022-05-20T13:15:14.600",
"lastModified": "2022-06-01T15:35:30.293",
"lastModified": "2023-06-23T19:48:54.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -71,6 +71,10 @@
{
"lang": "en",
"value": "CWE-311"
},
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-247xx/CVE-2022-24711.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24711",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-02-28T16:15:07.970",
"lastModified": "2022-03-08T18:03:10.340",
"lastModified": "2023-06-23T19:17:26.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-94"
"value": "CWE-20"
}
]
},

14
CVE-2022/CVE-2022-247xx/CVE-2022-24725.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24725",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-03-03T22:15:08.950",
"lastModified": "2022-03-17T19:13:26.697",
"lastModified": "2023-06-23T19:17:14.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

6
CVE-2022/CVE-2022-247xx/CVE-2022-24730.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24730",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-03-23T21:15:08.023",
"lastModified": "2022-04-01T14:04:27.673",
"lastModified": "2023-06-23T19:16:54.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,11 +90,11 @@
"description": [
{
"lang": "en",
"value": "CWE-209"
"value": "CWE-22"
},
{
"lang": "en",
"value": "CWE-22"
"value": "CWE-863"
}
]
},

14
CVE-2022/CVE-2022-247xx/CVE-2022-24748.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24748",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-03-09T23:15:08.373",
"lastModified": "2022-03-17T17:32:46.560",
"lastModified": "2023-06-23T19:17:08.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-247xx/CVE-2022-24768.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24768",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-03-23T22:15:13.143",
"lastModified": "2022-04-01T14:01:43.967",
"lastModified": "2023-06-23T18:59:47.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-269"
"value": "CWE-862"
}
]
},

14
CVE-2022/CVE-2022-248xx/CVE-2022-24813.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24813",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-04T18:15:07.993",
"lastModified": "2022-04-13T12:23:44.603",
"lastModified": "2023-06-23T19:01:44.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-248xx/CVE-2022-24818.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24818",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-13T21:15:07.753",
"lastModified": "2022-04-21T18:00:50.807",
"lastModified": "2023-06-23T19:10:04.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-917"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-248xx/CVE-2022-24828.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24828",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-13T21:15:07.820",
"lastModified": "2022-09-09T16:51:33.383",
"lastModified": "2023-06-23T19:22:47.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-94"
"value": "CWE-88"
}
]
},

4
CVE-2022/CVE-2022-248xx/CVE-2022-24838.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24838",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-11T21:15:08.760",
"lastModified": "2022-04-19T15:32:08.713",
"lastModified": "2023-06-23T19:22:09.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-77"
"value": "CWE-74"
}
]
},

14
CVE-2022/CVE-2022-248xx/CVE-2022-24847.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24847",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-13T22:15:08.400",
"lastModified": "2022-04-21T18:23:24.500",
"lastModified": "2023-06-23T19:22:04.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-917"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-248xx/CVE-2022-24882.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24882",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-26T16:15:47.813",
"lastModified": "2022-11-16T19:54:13.070",
"lastModified": "2023-06-23T19:32:51.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "NVD-CWE-Other"
}
]
},

8
CVE-2022/CVE-2022-248xx/CVE-2022-24891.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24891",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-27T21:15:08.523",
"lastModified": "2023-02-23T18:48:03.897",
"lastModified": "2023-06-23T19:33:22.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,17 +85,17 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
"value": "NVD-CWE-Other"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{

14
CVE-2022/CVE-2022-248xx/CVE-2022-24895.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24895",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-02-03T22:15:11.273",
"lastModified": "2023-02-15T14:25:50.550",
"lastModified": "2023-06-23T19:39:19.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-249xx/CVE-2022-24900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24900",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-29T14:15:11.377",
"lastModified": "2022-05-10T17:42:27.303",
"lastModified": "2023-06-23T19:35:36.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-610"
"value": "CWE-668"
}
]
},

10
CVE-2022/CVE-2022-249xx/CVE-2022-24903.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24903",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-05-06T00:15:07.873",
"lastModified": "2023-01-20T13:52:27.217",
"lastModified": "2023-06-23T19:43:16.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,22 +85,22 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
"value": "CWE-1284"
}
]
},
{
"source": "nvd@nist.gov",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-120"
}
]
}

4
CVE-2022/CVE-2022-249xx/CVE-2022-24926.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24926",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-02-11T18:15:12.657",
"lastModified": "2022-02-22T16:48:10.637",
"lastModified": "2023-06-23T18:45:00.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-79"
}
]
},

4
CVE-2022/CVE-2022-249xx/CVE-2022-24930.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24930",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-03-10T17:46:56.017",
"lastModified": "2022-03-17T01:16:10.860",
"lastModified": "2023-06-23T18:36:22.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-249xx/CVE-2022-24931.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-24931",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-03-10T17:46:56.907",
"lastModified": "2022-03-17T01:28:47.623",
"lastModified": "2023-06-23T18:40:20.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-24xx/CVE-2022-2458.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2458",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-10T20:15:36.367",
"lastModified": "2022-08-15T19:36:23.957",
"lastModified": "2023-06-23T18:41:19.240",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-91"
"value": "CWE-611"
}
]
},

4
CVE-2022/CVE-2022-251xx/CVE-2022-25151.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25151",
"sourceIdentifier": "csirt@divd.nl",
"published": "2022-06-09T17:15:08.787",
"lastModified": "2022-06-16T12:45:56.373",
"lastModified": "2023-06-23T18:57:58.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-732"
}
]
},

4
CVE-2022/CVE-2022-251xx/CVE-2022-25168.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25168",
"sourceIdentifier": "security@apache.org",
"published": "2022-08-04T15:15:08.343",
"lastModified": "2022-10-28T18:33:24.940",
"lastModified": "2023-06-23T18:58:18.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-88"
"value": "CWE-78"
}
]
},

4
CVE-2022/CVE-2022-255xx/CVE-2022-25597.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25597",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2022-04-07T19:15:08.860",
"lastModified": "2022-04-14T20:09:10.477",
"lastModified": "2023-06-23T18:24:28.577",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-78"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-258xx/CVE-2022-25824.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25824",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-03-10T17:47:23.060",
"lastModified": "2022-03-18T16:33:03.393",
"lastModified": "2023-06-23T18:22:41.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-258xx/CVE-2022-25831.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-25831",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-04-11T20:15:20.717",
"lastModified": "2022-04-18T17:55:34.327",
"lastModified": "2023-06-23T18:22:59.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "NVD-CWE-Other"
}
]
},

12
CVE-2022/CVE-2022-25xx/CVE-2022-2552.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2552",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-08-22T15:15:15.373",
"lastModified": "2022-10-27T17:56:48.497",
"lastModified": "2023-06-23T18:24:44.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -40,17 +40,21 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "CWE-306"
},
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{

20
CVE-2022/CVE-2022-427xx/CVE-2022-42792.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-42792",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.507",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved data protection. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to read sensitive location information"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213489",
"source": "product-security@apple.com"
}
]
}

20
CVE-2022/CVE-2022-428xx/CVE-2022-42807.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-42807",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.553",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Shared Album by pressing the Delete key"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213488",
"source": "product-security@apple.com"
}
]
}

28
CVE-2022/CVE-2022-428xx/CVE-2022-42834.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-42834",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.597",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213488",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213603",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213604",
"source": "product-security@apple.com"
}
]
}

28
CVE-2022/CVE-2022-428xx/CVE-2022-42860.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-42860",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.647",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1, macOS Ventura 13. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213488",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213493",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213494",
"source": "product-security@apple.com"
}
]
}

416
CVE-2022/CVE-2022-436xx/CVE-2022-43684.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43684",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-06-13T19:15:09.243",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:38:37.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@servicenow.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "psirt@servicenow.com",
"type": "Secondary",
@ -46,10 +76,390 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1B349D86-36DF-46C1-A268-F9C5EBE80223"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "8816E561-8E81-4C30-9C48-7836069202D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "F9AB04CB-F83E-4C6B-8F5E-9D317845D56E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "68E70794-77D1-4B96-B5B4-7E9624153D56"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "408EF715-7549-47B2-8F36-7D7C693C347D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "0CE44A53-AF6C-488F-9163-7162955D9E21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "B2B004A9-64C0-4279-AA1E-7CA2C4C9CAC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "9992847C-D46A-4557-8E3E-3E15619C31DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "1DF72944-0771-4867-A9FF-EBAA25787FE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "6FDDA0D0-5010-4C07-A6C4-D6B2A873E348"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "F3AD962E-FCD3-490E-BD60-587227732B92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "10B1C7D9-E7A6-47FC-94B0-0C73E3C84F6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "B0FE839F-229A-459C-AEEB-AFE424764B72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "77BE7B49-D510-4D23-BB2A-A2C0FA31B3E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "F0D9D4EB-5113-4FC4-B4E1-2E081FE45CF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "AB5847EE-379F-48CD-AB5C-472582EEC9FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "29725C9C-F01E-48D0-8AC6-EF4187B53461"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "52C8A7D2-F930-4078-9E9D-E48782E46CBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "512C81E4-0C27-42EC-AD05-7563B50EF1DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2B403376-993D-404D-B75B-A2B634095DD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "A5BBA03C-2A2E-4259-9F8E-99622F6758B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D609B90C-E67E-461A-8756-36E06E265FF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "2A05F1AF-0E08-4280-A006-A27C917C9E82"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "5E3198D2-CC9C-46F7-A366-6C16F3F35439"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B4FEEDD5-F852-49AA-BDF9-869040C7F3C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "763B0915-14EF-4405-AAB6-78B185D5744B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "B053530E-1CB3-4A86-BD4B-569750776A53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4CF1B2AB-D561-4396-AA99-71FCD55B5D3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "00EE16EE-B759-4BD8-A30B-C952142C860E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1F157018-E6F2-45D1-8B54-68C051247798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "88603AEF-0EC2-4006-B7F2-E5FFAC8F354C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "FB5BC2C0-A5CF-455F-A732-E49672B5682E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "66E9CCC4-7BC4-4FC2-8B54-B8746A83256C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "56E7DB16-6ABC-4ED3-99C1-A33914242405"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "55AC0E29-0F51-4D1D-A5EF-AECD29FAE417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0D37-6840-4882-84E1-AE1E83ABF31B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "CF53F785-2D19-48FB-9D88-9817785E5082"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "DC20DB81-AA27-4BE5-9296-2E4E6000F56B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DECC9979-3A0B-4F36-85D1-DD539A7D18C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "563F3D85-A23A-453F-9932-3044F8B5566C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "3C770579-EDDC-4F46-8288-33A13289A8A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "78447698-90FF-4010-BF0B-3294E2EBB69B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A32EF135-C229-49B1-8766-1ED6066C7CC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "22E5BA6F-6C66-4589-8AA9-C76776DCFCCB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "AE93BECE-CC4A-400A-9322-5E61DA5E6A75"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "38D3CF30-CAC5-49B1-B527-9C9D24C28A54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "8C48A10D-0295-4023-AB20-0BE4D8AA582A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "0F42AF52-C388-44BB-B328-5E77CF9E4622"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "9F249B02-DB97-4AFB-A786-AA685AA4E50B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "C143A667-EBF1-4F6D-AB21-833B184FBFF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "CD9C6C64-E92C-45A8-BC0C-71DE31F70D34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C2818-6225-4652-B066-A11BD45D4608"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "C46E8D6C-A65F-473B-AFCD-B16EA09023AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "E74913AB-25EE-4F18-B2FA-5C261D7ADE25"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310"
}
]
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1303489",
"source": "psirt@servicenow.com"
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2022/CVE-2022-445xx/CVE-2022-44566.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44566",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.017",
"lastModified": "2023-02-16T20:22:06.907",
"lastModified": "2023-06-23T18:29:30.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-445xx/CVE-2022-44570.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-44570",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.090",
"lastModified": "2023-02-17T16:33:04.063",
"lastModified": "2023-06-23T18:30:05.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -41,7 +41,7 @@
"description": [
{
"lang": "en",
"value": "CWE-400"
"value": "CWE-1333"
}
]
},

20
CVE-2022/CVE-2022-467xx/CVE-2022-46715.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-46715",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.697",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to bypass certain Privacy preferences"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213489",
"source": "product-security@apple.com"
}
]
}

32
CVE-2022/CVE-2022-467xx/CVE-2022-46718.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2022-46718",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.743",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and iPadOS 15.7.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to read sensitive location information"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213531",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213532",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213533",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213534",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-235xx/CVE-2023-23516.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-23516",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.797",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Big Sur 11.7.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213603",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213604",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213605",
"source": "product-security@apple.com"
}
]
}

20
CVE-2023/CVE-2023-235xx/CVE-2023-23539.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-23539",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.843",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213605",
"source": "product-security@apple.com"
}
]
}

74
CVE-2023/CVE-2023-244xx/CVE-2023-24469.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-24469",
"sourceIdentifier": "security@opentext.com",
"published": "2023-06-13T22:15:09.317",
"lastModified": "2023-06-15T19:15:10.483",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:28:17.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Potential Cross-Site Scripting in ArcSight Logger versions prior to 7.3.0"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.3.0",
"matchCriteriaId": "4C8F5467-FB16-4E3C-9D26-70937C1E511E"
}
]
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US,",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.microfocus.com/support/downloads/",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Not Applicable"
]
}
]
}

74
CVE-2023/CVE-2023-244xx/CVE-2023-24470.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-24470",
"sourceIdentifier": "security@opentext.com",
"published": "2023-06-13T23:15:08.937",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:23:32.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microfocus:arcsight_logger:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.3.0",
"matchCriteriaId": "2CD67067-7EA5-42E2-ACFC-C60145650DE7"
}
]
}
]
}
],
"references": [
{
"url": "https://portal.microfocus.com/s/article/KM000018224?language=en_US",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.microfocus.com/documentation/arcsight/logger-7.3/logger-7.3-release-notes/",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.microfocus.com/support/downloads/,",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Broken Link"
]
}
]
}

20
CVE-2023/CVE-2023-250xx/CVE-2023-25003.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25003",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2023-06-23T19:15:08.983",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"metrics": {},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009",
"source": "psirt@autodesk.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25515.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25515",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:10.887",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-923"
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25518.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25518",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:10.970",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized without IOMMU, which may allow an attacker with physical access to the target device to read and write to arbitrary memory. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and loss of integrity. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-923"
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com"
}
]
}

55
CVE-2023/CVE-2023-255xx/CVE-2023-25520.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25520",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:11.033",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nNVIDIA Jetson Linux Driver Package contains a vulnerability in nvbootctrl, where a privileged local attacker can configure invalid settings, resulting in denial of service.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@nvidia.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com"
}
]
}

47
CVE-2023/CVE-2023-265xx/CVE-2023-26515.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26515",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-16T11:15:08.850",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:33:57.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple_slug_translate_project:simple_slug_translate:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.3",
"matchCriteriaId": "61953FD3-A906-431B-8833-65D5DD89A6F3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-slug-translate/wordpress-simple-slug-translate-plugin-2-7-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-265xx/CVE-2023-26541.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26541",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-16T09:15:09.653",
"lastModified": "2023-06-16T12:47:18.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:00:12.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:asmember_project:asmember:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.4",
"matchCriteriaId": "A048B592-7FD4-4375-810D-1110CCD78A6A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/asmember/wordpress-asmember-plugin-1-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-279xx/CVE-2023-27930.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-27930",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.097",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-279xx/CVE-2023-27940.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-27940",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.147",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. A sandboxed app may be able to observe system-wide network connections"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

20
CVE-2023/CVE-2023-279xx/CVE-2023-27964.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-27964",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.197",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213752",
"source": "product-security@apple.com"
}
]
}

70
CVE-2023/CVE-2023-27xx/CVE-2023-2784.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2784",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-06-16T09:15:09.787",
"lastModified": "2023-06-16T12:47:13.233",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:38:31.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8.0",
"versionEndIncluding": "7.8.4",
"matchCriteriaId": "970C833F-3F25-43E1-B7AE-717BF35F998F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndIncluding": "7.9.3",
"matchCriteriaId": "EB584691-CB58-4D9A-B475-4078ED1984F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:7.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "980D0FB9-D2FF-4C31-BC92-07073A8F4BB3"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-281xx/CVE-2023-28191.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-28191",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.240",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-282xx/CVE-2023-28202.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-28202",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.290",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app firewall setting may not take effect after exiting the Settings app"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

40
CVE-2023/CVE-2023-282xx/CVE-2023-28204.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-28204",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.333",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

57
CVE-2023/CVE-2023-28xx/CVE-2023-2807.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2807",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-06-13T12:15:09.380",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:49:50.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-290"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pandorafms:pandora_fms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "772",
"matchCriteriaId": "A93BD4B6-4029-451C-B6C9-A095794B14CE"
}
]
}
]
}
],
"references": [
{
"url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2023/CVE-2023-295xx/CVE-2023-29501.json
View File

@ -2,31 +2,102 @@
"id": "CVE-2023-29501",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-13T10:15:10.250",
"lastModified": "2023-06-13T13:00:37.647",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:34:28.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Jiyu Kukan Toku-Toku coupon App for iOS versions 3.5.0 and earlier, and Jiyu Kukan Toku-Toku coupon App for Android versions 3.5.0 and earlier are vulnerable to improper server certificate verification. If this vulnerability is exploited, a man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:runsystem:jiyu_kukan_toku-toku_coupon:*:*:*:*:*:android:*:*",
"versionEndIncluding": "3.5.0",
"matchCriteriaId": "2DEC31D6-A0B2-4ED8-9C07-C2F6915B55B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:runsystem:jiyu_kukan_toku-toku_coupon:*:*:*:*:*:iphone_os:*:*",
"versionEndIncluding": "3.5.0",
"matchCriteriaId": "A195E9E8-A166-4BAC-B12D-03AA53AEC323"
}
]
}
]
}
],
"references": [
{
"url": "https://apps.apple.com/jp/app/%E8%87%AA%E9%81%8A%E7%A9%BA%E9%96%93%E3%81%A8%E3%81%8F%E3%81%A8%E3%81%8F%E3%82%AF%E3%83%BC%E3%83%9D%E3%83%B3/id608149604",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://jvn.jp/en/jp/JVN33836375/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://play.google.com/store/apps/details?id=jp.runsystem",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
},
{
"url": "https://www.runsystem.co.jp/g1-pr/17570",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-314xx/CVE-2023-31437.json
View File

@ -2,27 +2,88 @@
"id": "CVE-2023-31437",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.657",
"lastModified": "2023-06-14T12:15:09.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:16:38.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\""
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-354"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systemd_project:systemd:253:-:*:*:*:*:*:*",
"matchCriteriaId": "733DE777-9802-4CB6-8B03-6B6295BCE29D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kastel-security/Journald",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/systemd/systemd/releases",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

73
CVE-2023/CVE-2023-314xx/CVE-2023-31438.json
View File

@ -2,27 +2,88 @@
"id": "CVE-2023-31438",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.707",
"lastModified": "2023-06-14T12:15:09.553",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:16:18.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\""
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-354"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systemd_project:systemd:253:-:*:*:*:*:*:*",
"matchCriteriaId": "733DE777-9802-4CB6-8B03-6B6295BCE29D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kastel-security/Journald",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/systemd/systemd/releases",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

74
CVE-2023/CVE-2023-314xx/CVE-2023-31439.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-31439",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.753",
"lastModified": "2023-06-14T12:15:09.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T19:15:39.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\""
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-354"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systemd_project:systemd:253:-:*:*:*:*:*:*",
"matchCriteriaId": "733DE777-9802-4CB6-8B03-6B6295BCE29D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kastel-security/Journald",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/systemd/systemd/releases",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

122
CVE-2023/CVE-2023-319xx/CVE-2023-31975.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31975",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.590",
"lastModified": "2023-06-23T15:15:09.137",
"vulnStatus": "Modified",
"lastModified": "2023-06-23T18:49:42.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tortall:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1453CF78-5025-49BF-A1A6-C62F948B5735"
"criteria": "cpe:2.3:a:yasm_project:yasm:1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6556F7-3880-452A-ABA9-1A8A14BA41F3"
}
]
}
@ -66,67 +66,131 @@
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/20/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/10",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/13",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/9",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/22/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/22/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/22/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/9",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://github.com/yasm/yasm/issues/210",

20
CVE-2023/CVE-2023-323xx/CVE-2023-32351.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-32351",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.383",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to gain elevated privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213763",
"source": "product-security@apple.com"
}
]
}

36
CVE-2023/CVE-2023-323xx/CVE-2023-32352.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-32352",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.427",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may bypass Gatekeeper checks"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

20
CVE-2023/CVE-2023-323xx/CVE-2023-32353.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-32353",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.470",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.9 for Windows. An app may be able to elevate privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213763",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32354.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32354",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.513",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32355.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32355",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.553",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

40
CVE-2023/CVE-2023-323xx/CVE-2023-32357.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-32357",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.600",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authorization issue was addressed with improved state management. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to retain access to system configuration files even after its permission is revoked"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32360.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32360",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.647",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An unauthenticated user may be able to access recently printed documents"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

20
CVE-2023/CVE-2023-323xx/CVE-2023-32363.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-32363",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.693",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in macOS Ventura 13.4. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
}
]
}

24
CVE-2023/CVE-2023-323xx/CVE-2023-32365.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32365",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.733",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, iOS 15.7.6 and iPadOS 15.7.6. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

24
CVE-2023/CVE-2023-323xx/CVE-2023-32367.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32367",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.777",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to access user-sensitive data"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
}
]
}

36
CVE-2023/CVE-2023-323xx/CVE-2023-32368.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-32368",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.823",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32369.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32369",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.870",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

24
CVE-2023/CVE-2023-323xx/CVE-2023-32371.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32371",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.917",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. An app may be able to break out of its sandbox"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32372.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32372",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.963",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. Processing an image may result in disclosure of process memory"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

40
CVE-2023/CVE-2023-323xx/CVE-2023-32373.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-32373",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.007",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

24
CVE-2023/CVE-2023-323xx/CVE-2023-32375.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32375",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.050",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32376.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32376",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.097",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32380.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32380",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.140",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may lead to arbitrary code execution"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32382.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32382",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.190",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing a 3D model may result in disclosure of process memory"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

44
CVE-2023/CVE-2023-323xx/CVE-2023-32384.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-32384",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.237",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. Processing an image may lead to arbitrary code execution"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

24
CVE-2023/CVE-2023-323xx/CVE-2023-32385.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-32385",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.283",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A denial-of-service issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4. Opening a PDF file may lead to unexpected app termination"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32386.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32386",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.333",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to observe unprotected user data"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32387.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32387",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.373",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

40
CVE-2023/CVE-2023-323xx/CVE-2023-32388.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-32388",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.417",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32389.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32389",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.467",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32390.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32390",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.510",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32391.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32391",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.557",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6. A shortcut may be able to use sensitive data with certain actions without prompting the user"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

40
CVE-2023/CVE-2023-323xx/CVE-2023-32392.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-32392",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.607",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32394.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32394",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.657",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. A person with physical access to a device may be able to view contact information from the lock screen"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-323xx/CVE-2023-32395.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32395",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.703",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32397.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32397",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.743",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

44
CVE-2023/CVE-2023-323xx/CVE-2023-32398.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-32398",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.783",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-323xx/CVE-2023-32399.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-32399",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.827",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to read sensitive location information"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-324xx/CVE-2023-32400.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32400",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.870",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Entitlements and privacy permissions granted to this app may be used by a malicious app"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

36
CVE-2023/CVE-2023-324xx/CVE-2023-32402.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-32402",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.917",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

44
CVE-2023/CVE-2023-324xx/CVE-2023-32403.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-32403",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.960",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-324xx/CVE-2023-32404.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32404",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.007",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
}
]
}

28
CVE-2023/CVE-2023-324xx/CVE-2023-32405.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-32405",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.047",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
}
]
}

44
CVE-2023/CVE-2023-324xx/CVE-2023-32407.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-32407",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.093",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More