From 38c550563a0c8343ec3789bc49c529f6b9bdb229 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 23 May 2023 20:00:33 +0000 Subject: [PATCH] Auto-Update: 2023-05-23T20:00:29.583424+00:00 --- CVE-2020/CVE-2020-133xx/CVE-2020-13378.json | 84 ++++++++++++++++++ CVE-2022/CVE-2022-466xx/CVE-2022-46645.json | 59 ++++++++++++- CVE-2023/CVE-2023-15xx/CVE-2023-1596.json | 52 ++++++++++- CVE-2023/CVE-2023-18xx/CVE-2023-1835.json | 52 ++++++++++- CVE-2023/CVE-2023-18xx/CVE-2023-1837.json | 55 ++++++++++++ CVE-2023/CVE-2023-18xx/CVE-2023-1839.json | 52 ++++++++++- CVE-2023/CVE-2023-18xx/CVE-2023-1890.json | 52 ++++++++++- CVE-2023/CVE-2023-19xx/CVE-2023-1915.json | 52 ++++++++++- CVE-2023/CVE-2023-20xx/CVE-2023-2009.json | 64 ++++++++++++-- CVE-2023/CVE-2023-21xx/CVE-2023-2179.json | 52 ++++++++++- CVE-2023/CVE-2023-21xx/CVE-2023-2180.json | 52 ++++++++++- CVE-2023/CVE-2023-231xx/CVE-2023-23169.json | 73 ++++++++++++++-- CVE-2023/CVE-2023-236xx/CVE-2023-23657.json | 47 +++++++++- CVE-2023/CVE-2023-236xx/CVE-2023-23673.json | 47 +++++++++- CVE-2023/CVE-2023-236xx/CVE-2023-23676.json | 47 +++++++++- CVE-2023/CVE-2023-236xx/CVE-2023-23682.json | 47 +++++++++- CVE-2023/CVE-2023-237xx/CVE-2023-23703.json | 47 +++++++++- CVE-2023/CVE-2023-237xx/CVE-2023-23709.json | 47 +++++++++- CVE-2023/CVE-2023-237xx/CVE-2023-23720.json | 47 +++++++++- CVE-2023/CVE-2023-25xx/CVE-2023-2515.json | 78 ++++++++++++++++- CVE-2023/CVE-2023-26xx/CVE-2023-2644.json | 67 +++++++++++++-- CVE-2023/CVE-2023-298xx/CVE-2023-29861.json | 81 ++++++++++++++++-- CVE-2023/CVE-2023-298xx/CVE-2023-29862.json | 81 ++++++++++++++++-- CVE-2023/CVE-2023-303xx/CVE-2023-30330.json | 87 +++++++++++++++++++ CVE-2023/CVE-2023-315xx/CVE-2023-31572.json | 64 +++++++++++++- CVE-2023/CVE-2023-315xx/CVE-2023-31576.json | 64 +++++++++++++- CVE-2023/CVE-2023-316xx/CVE-2023-31607.json | 65 +++++++++++++- CVE-2023/CVE-2023-316xx/CVE-2023-31608.json | 65 +++++++++++++- CVE-2023/CVE-2023-316xx/CVE-2023-31609.json | 65 +++++++++++++- CVE-2023/CVE-2023-316xx/CVE-2023-31610.json | 65 +++++++++++++- CVE-2023/CVE-2023-319xx/CVE-2023-31986.json | 76 ++++++++++++++++- CVE-2023/CVE-2023-320xx/CVE-2023-32059.json | 65 ++++++++++++-- CVE-2023/CVE-2023-327xx/CVE-2023-32700.json | 95 +++++++++++++++++++-- README.md | 58 +++++++------ 34 files changed, 1957 insertions(+), 147 deletions(-) create mode 100644 CVE-2020/CVE-2020-133xx/CVE-2020-13378.json create mode 100644 CVE-2023/CVE-2023-18xx/CVE-2023-1837.json create mode 100644 CVE-2023/CVE-2023-303xx/CVE-2023-30330.json diff --git a/CVE-2020/CVE-2020-133xx/CVE-2020-13378.json b/CVE-2020/CVE-2020-133xx/CVE-2020-13378.json new file mode 100644 index 00000000000..701e7923303 --- /dev/null +++ b/CVE-2020/CVE-2020-133xx/CVE-2020-13378.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2020-13378", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-12T01:15:09.023", + "lastModified": "2023-05-23T19:14:56.263", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:loadbalancer:enterprise_va_max:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.8", + "matchCriteriaId": "717820F5-BC57-4D5B-88A3-20381974868D" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://inf0seq.github.io/cve/2020/04/21/OS.html", + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://www.loadbalancer.org/products/virtual/enterprise-va-max/", + "source": "cve@mitre.org", + "tags": [ + "Product" + ] + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-466xx/CVE-2022-46645.json b/CVE-2022/CVE-2022-466xx/CVE-2022-46645.json index 71d795c9727..03bc1bdaf60 100644 --- a/CVE-2022/CVE-2022-466xx/CVE-2022-46645.json +++ b/CVE-2022/CVE-2022-466xx/CVE-2022-46645.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46645", "sourceIdentifier": "secure@intel.com", "published": "2023-05-10T14:15:26.070", - "lastModified": "2023-05-10T14:38:37.273", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:57:46.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:smart_campus:*:*:*:*:*:android:*:*", + "versionEndExcluding": "9.9", + "matchCriteriaId": "2E0AEA33-87D8-44FD-9465-FA895289CF86" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00815.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-15xx/CVE-2023-1596.json b/CVE-2023/CVE-2023-15xx/CVE-2023-1596.json index b8192c7f8ea..ff5999dba35 100644 --- a/CVE-2023/CVE-2023-15xx/CVE-2023-1596.json +++ b/CVE-2023/CVE-2023-15xx/CVE-2023-1596.json @@ -2,15 +2,38 @@ "id": "CVE-2023-1596", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.410", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:46:32.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The tagDiv Composer WordPress plugin before 4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tagdiv:composer:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.0", + "matchCriteriaId": "D5317DA3-5594-4529-9DA2-190D3B9E3A77" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/cada9be9-522a-4ce8-847d-c8fff2ddcc07", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1835.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1835.json index 11214d4e6f2..6e4625f212c 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1835.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1835.json @@ -2,15 +2,38 @@ "id": "CVE-2023-1835", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.463", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:45:51.570", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Ninja Forms Contact Form WordPress plugin before 3.6.22 does not properly escape user input before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.6.22", + "matchCriteriaId": "A483DE71-11CB-429C-997D-9476653F86C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/b5fc223c-5ec0-44b2-b2f6-b35f9942d341", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json new file mode 100644 index 00000000000..ff5be1be907 --- /dev/null +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-1837", + "sourceIdentifier": "security@hypr.com", + "published": "2023-05-23T19:15:09.237", + "lastModified": "2023-05-23T19:15:09.237", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authentication for critical function vulnerability in HYPR Server allows Authentication Bypass when using Legacy APIs.This issue affects HYPR Server: before 8.0 (with enabled Legacy APIs)\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@hypr.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@hypr.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://www.hypr.com/security-advisories", + "source": "security@hypr.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1839.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1839.json index 0008a524936..90b8bf415a2 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1839.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1839.json @@ -2,15 +2,38 @@ "id": "CVE-2023-1839", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.537", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:43:27.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Product Addons & Fields for WooCommerce WordPress plugin before 32.0.6 does not sanitize and escape some of its setting fields, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in multisite setup)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themeisle:product_addons_\\&_fields_for_woocommerce:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "32.0.6", + "matchCriteriaId": "7CD67960-A445-4637-BEB0-4A6E7B15A2A9" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/fddc5a1c-f267-4ef4-8acf-731dbecac450", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1890.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1890.json index 5dd87e91ed2..2cd03522cd4 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1890.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1890.json @@ -2,15 +2,38 @@ "id": "CVE-2023-1890", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.593", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:42:50.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Tablesome WordPress plugin before 1.0.9 does not escape various generated URLs, before outputting them in attributes when some notices are displayed, leading to Reflected Cross-Site Scripting" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pauple:tablesome:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.0.9", + "matchCriteriaId": "07B0D10A-D0CF-4FCF-B4A9-FFA4A54BF01A" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/8ef64490-30cd-4e07-9b7c-64f551944f3d", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1915.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1915.json index 50e181a7535..d70ed54753e 100644 --- a/CVE-2023/CVE-2023-19xx/CVE-2023-1915.json +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1915.json @@ -2,15 +2,38 @@ "id": "CVE-2023-1915", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.650", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:40:29.990", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Thumbnail carousel slider WordPress plugin before 1.1.10 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting vulnerability which could be used against high privilege users such as admin." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:i13websolution:thumbnail_carousel_slider:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.10", + "matchCriteriaId": "4B506064-E839-4713-B823-FB00246C1F81" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/0487c3f6-1a3c-4089-a614-15138f52f69b", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2009.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2009.json index 0cb4a054ba9..4841b0be09c 100644 --- a/CVE-2023/CVE-2023-20xx/CVE-2023-2009.json +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2009.json @@ -2,18 +2,41 @@ "id": "CVE-2023-2009", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.817", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:21:56.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Plugin does not sanitize and escape the URL field in the Pretty Url WordPress plugin through 1.5.4 settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { - "source": "contact@wpscan.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -21,12 +44,43 @@ "value": "CWE-79" } ] + }, + { + "source": "contact@wpscan.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pretty_url_project:pretty_url:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.5.4", + "matchCriteriaId": "8C96DB7B-1B32-470E-8C8F-A89EEE7BCC81" + } + ] + } + ] } ], "references": [ { "url": "https://wpscan.com/vulnerability/f7988a18-ba9d-4ead-82c8-30ea8223846f", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2179.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2179.json index e985e75e007..ae3cf40e058 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2179.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2179.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2179", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.870", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:18:59.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The WooCommerce Order Status Change Notifier WordPress plugin through 1.1.0 does not have authorisation and CSRF when updating status orders via an AJAX action available to any authenticated users, which could allow low privilege users such as subscriber to update arbitrary order status, making them paid without actually paying for them for example" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -27,10 +50,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:woocommerce:woocommerce_order_status_change_notifier:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1.0", + "matchCriteriaId": "186BCFC3-4AF0-425B-B316-F61CCA234DC9" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/fbc56973-4225-4f44-8c38-d488e57cd551", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-21xx/CVE-2023-2180.json b/CVE-2023/CVE-2023-21xx/CVE-2023-2180.json index 23b5aa167b9..83719c06d41 100644 --- a/CVE-2023/CVE-2023-21xx/CVE-2023-2180.json +++ b/CVE-2023/CVE-2023-21xx/CVE-2023-2180.json @@ -2,15 +2,38 @@ "id": "CVE-2023-2180", "sourceIdentifier": "contact@wpscan.com", "published": "2023-05-15T13:15:10.927", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:17:01.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The KIWIZ Invoices Certification & PDF System WordPress plugin through 2.1.3 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/downlaod arbitrary files, as well as perform PHAR unserialization (assuming they can upload a file on the server)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kiwiz_invoices_certification_\\&_pdf_system_project:kiwiz_invoices_certification_\\&_pdf_system:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.3", + "matchCriteriaId": "DEBDBB94-3761-4715-995B-AF35218C7C29" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/4d3b90d8-8a6d-4b72-8bc7-21f861259a1b", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-231xx/CVE-2023-23169.json b/CVE-2023/CVE-2023-231xx/CVE-2023-23169.json index 1d80c436ceb..e7e45fc3de6 100644 --- a/CVE-2023/CVE-2023-231xx/CVE-2023-23169.json +++ b/CVE-2023/CVE-2023-231xx/CVE-2023-23169.json @@ -2,23 +2,86 @@ "id": "CVE-2023-23169", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-12T11:15:12.727", - "lastModified": "2023-05-12T14:21:57.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T19:59:08.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Synapsoft pdfocus 1.17 is vulnerable to local file inclusion and server-side request forgery Directory Traversal." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + }, + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:synapsoft:pdfocus:1.17:*:*:*:*:*:*:*", + "matchCriteriaId": "C3AE4174-95B8-4691-BC56-9C3A50B5A9A8" + } + ] + } + ] + } + ], "references": [ { "url": "http://support.synapsoft.co.kr:50000/skin/try_pdfocus/index.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/S4nshine/CVE-2023-23169", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23657.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23657.json index 48827d97152..c2d884a275f 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23657.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23657.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23657", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-16T10:15:09.350", - "lastModified": "2023-05-16T10:46:36.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:54:10.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webfwd:mail_subscribe_list:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.9", + "matchCriteriaId": "5259437D-A521-4286-B1E0-D3D59673211F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/mail-subscribe-list/wordpress-mail-subscribe-list-plugin-2-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23673.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23673.json index ef881d22def..9de7124e800 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23673.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23673.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23673", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-16T09:15:09.313", - "lastModified": "2023-05-16T10:46:36.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:55:45.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themeist:i_recommend_this:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.8.3", + "matchCriteriaId": "86E6E7CD-0414-4E22-8A81-EDFAAB307F54" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/i-recommend-this/wordpress-i-recommend-this-plugin-3-8-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23676.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23676.json index b15d7e36213..fa2cf7a78ed 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23676.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23676.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23676", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-16T09:15:09.720", - "lastModified": "2023-05-16T10:46:36.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:54:45.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:file_gallery_project:file_gallery:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.8.5.4", + "matchCriteriaId": "FF250CA4-7840-4427-A8D8-417D173A9237" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/file-gallery/wordpress-file-gallery-plugin-1-8-5-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23682.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23682.json index 2b48e079a86..c104235eb60 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23682.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23682.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23682", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-15T13:15:10.707", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:39:41.410", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:duplicator:ezp_maintenance_mode:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.1", + "matchCriteriaId": "042D76F9-A67E-491B-9347-9EA9E9F566B8" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/easy-pie-maintenance-mode/wordpress-ezp-maintenance-mode-plugin-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23703.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23703.json index 75e6d2bf4f8..6755aef2d8a 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23703.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23703.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23703", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-16T10:15:09.407", - "lastModified": "2023-05-16T10:46:36.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:53:27.673", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tychesoftwares:arconix_shortcodes:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.7", + "matchCriteriaId": "EB998F36-4C3B-4D6F-AC0F-A4B1FCE1B0FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/arconix-shortcodes/wordpress-arconix-shortcodes-plugin-2-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23709.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23709.json index 87582652e03..dc562f2ec2f 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23709.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23709.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23709", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-16T10:15:09.467", - "lastModified": "2023-05-16T10:46:36.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:53:01.447", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpjam_basic_project:wpjam_basic:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "6.2.1.1", + "matchCriteriaId": "A99B3ACB-1D56-4F8B-85DF-F8C99938F06A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wpjam-basic/wordpress-wpjam-basic-plugin-6-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23720.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23720.json index 47f124e18e5..bf7cf07888a 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23720.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23720.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23720", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-16T10:15:09.530", - "lastModified": "2023-05-16T10:46:36.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:52:10.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:skeepers:verified_reviews_\\(avis_verifies\\):*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.3.13", + "matchCriteriaId": "666CE769-833F-4A08-9BE3-A31D08C5B208" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/netreviews/wordpress-verified-reviews-avis-verifies-plugin-2-3-12-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json index 9a818631e97..f3a9f1cf838 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2515", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-05-12T09:15:10.373", - "lastModified": "2023-05-12T14:21:57.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T19:53:59.490", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.1.8", + "matchCriteriaId": "6DF5031B-328F-437D-8B96-BDED19E417FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.2.0", + "versionEndExcluding": "7.7.4", + "matchCriteriaId": "1FA172F4-5BE3-45B2-BB2C-B05F2446923F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.8.0", + "versionEndExcluding": "7.8.3", + "matchCriteriaId": "53D5D9CC-6065-43C9-A17C-9DBB30447F3D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndExcluding": "7.9.2", + "matchCriteriaId": "FBCD0E6A-14E1-41E9-A215-822115B4622E" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2644.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2644.json index 1ad9184ace3..a4a30e7029e 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2644.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2644.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2644", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T07:15:08.480", - "lastModified": "2023-05-11T13:36:25.773", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T19:00:42.333", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,16 +91,51 @@ "value": "CWE-428" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-428" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:digitalpersona_fpsensor_project:digitalpersona_fpsensor:1.0.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "0BE06811-9453-4BAA-9FF8-1BE60B9BA28A" + } + ] + } + ] } ], "references": [ { "url": "https://vuldb.com/?ctiid.228773", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.228773", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-298xx/CVE-2023-29861.json b/CVE-2023/CVE-2023-298xx/CVE-2023-29861.json index 24606f83208..cf9244b8977 100644 --- a/CVE-2023/CVE-2023-298xx/CVE-2023-29861.json +++ b/CVE-2023/CVE-2023-298xx/CVE-2023-29861.json @@ -2,23 +2,94 @@ "id": "CVE-2023-29861", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T15:15:11.513", - "lastModified": "2023-05-15T15:20:32.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:12:44.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue found in FLIR-DVTEL version not specified allows a remote attacker to execute arbitrary code via a crafted request to the management page of the device." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:flir:dvtel_camera_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4B2A5A9-B46E-4D67-933C-1B1796B6712E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:flir:dvtel_camera:-:*:*:*:*:*:*:*", + "matchCriteriaId": "36F6946B-CD6B-4622-AC02-6B5160999BA9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Duke1410/CVE/blob/main/CVE-2023-29861", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://woolly-espadrille-ed5.notion.site/The-FLIR-DVTEL-camera-device-has-a-logic-flaw-vulnerability-363a2158e372440b80a2be739271c6f3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-298xx/CVE-2023-29862.json b/CVE-2023/CVE-2023-298xx/CVE-2023-29862.json index f8cee073186..4979a4dc0fc 100644 --- a/CVE-2023/CVE-2023-298xx/CVE-2023-29862.json +++ b/CVE-2023/CVE-2023-298xx/CVE-2023-29862.json @@ -2,23 +2,94 @@ "id": "CVE-2023-29862", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T13:15:10.773", - "lastModified": "2023-05-15T13:26:09.987", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:22:53.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:agasio_camera_project:agasio_camera_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F2439A26-22F1-4C9F-8E29-4478AB5BC2D1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:agasio_camera_project:agasio_camera:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3895B75B-DC93-41D9-9AAF-87155168E231" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Duke1410/CVE/blob/main/CVE-2023-29862", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://woolly-espadrille-ed5.notion.site/Agasio-Camera-device-has-a-logic-flaw-vulnerability-d4514e7217c54dd7ac62582b6664aa66", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-303xx/CVE-2023-30330.json b/CVE-2023/CVE-2023-303xx/CVE-2023-30330.json new file mode 100644 index 00000000000..9ff33008fa4 --- /dev/null +++ b/CVE-2023/CVE-2023-303xx/CVE-2023-30330.json @@ -0,0 +1,87 @@ +{ + "id": "CVE-2023-30330", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-12T01:15:09.903", + "lastModified": "2023-05-23T19:17:36.410", + "vulnStatus": "Analyzed", + "descriptions": [ + { + "lang": "en", + "value": "SoftExpert (SE) Excellence Suite 2.x versions before 2.1.3 is vulnerable to Local File Inclusion in the function /se/v42300/generic/gn_defaultframe/2.0/defaultframe_filter.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:softexpert:excellence_suite:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.0", + "versionEndExcluding": "2.1.3", + "matchCriteriaId": "7B487560-94C8-4675-9187-6104A6C1016B" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Filiplain/LFI-to-RCE-SE-Suite-2.0", + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] + }, + { + "url": "https://www.exploit-db.com/exploits/51404", + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31572.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31572.json index 8c40b328ee6..66c441088b0 100644 --- a/CVE-2023/CVE-2023-315xx/CVE-2023-31572.json +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31572.json @@ -2,19 +2,75 @@ "id": "CVE-2023-31572", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T14:15:09.540", - "lastModified": "2023-05-16T20:04:03.627", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:51:16.873", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Bludit 4.0.0-rc-2 allows authenticated attackers to change the Administrator password and escalate privileges via a crafted request." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bludit:bludit:4.0.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "F65D3B2E-5F44-498D-B79F-B283D08898F5" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/bludit/2023/Bludit-v4.0.0-Release-candidate-2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31576.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31576.json index addfff15b25..b9db6df9cc0 100644 --- a/CVE-2023/CVE-2023-315xx/CVE-2023-31576.json +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31576.json @@ -2,19 +2,75 @@ "id": "CVE-2023-31576", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T14:15:09.603", - "lastModified": "2023-05-16T20:04:03.627", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:50:15.687", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:s9y:serendipity:2.4.0:beta1:*:*:*:*:*:*", + "matchCriteriaId": "79F75A97-EBF1-4767-B1F9-68F1ED7AA58B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/s9y/2023/Serendipity-2.4-beta-1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31607.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31607.json index 87ae56ba177..f71376659b8 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31607.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31607.json @@ -2,19 +2,76 @@ "id": "CVE-2023-31607", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T15:15:11.573", - "lastModified": "2023-05-15T15:20:32.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:05:16.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*", + "matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1120", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31608.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31608.json index 495b3ee85f8..bf5fe5bbf40 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31608.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31608.json @@ -2,19 +2,76 @@ "id": "CVE-2023-31608", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T15:15:11.623", - "lastModified": "2023-05-15T15:20:32.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:05:02.027", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*", + "matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1123", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31609.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31609.json index 95c03c43ae4..63b2a1a6133 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31609.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31609.json @@ -2,19 +2,76 @@ "id": "CVE-2023-31609", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T15:15:11.673", - "lastModified": "2023-05-15T15:20:32.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:04:43.933", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*", + "matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1126", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31610.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31610.json index 58a1c1537a4..e98a21af9d3 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31610.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31610.json @@ -2,19 +2,76 @@ "id": "CVE-2023-31610", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T15:15:11.720", - "lastModified": "2023-05-15T15:20:32.293", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:04:27.727", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openlinksw:virtuoso:7.2.9:*:*:*:open_source:*:*:*", + "matchCriteriaId": "75FD7F91-D201-4286-8F97-D2D1C7C9D4C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openlink/virtuoso-opensource/issues/1118", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31986.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31986.json index 5e93013aba6..25c5086ba14 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31986.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31986.json @@ -2,19 +2,87 @@ "id": "CVE-2023-31986", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-15T12:15:09.787", - "lastModified": "2023-05-15T12:54:28.597", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:48:17.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the setWAN function in /bin/webs without any limitations." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:edimax:br-6428ns_firmware:1.10:*:*:*:*:*:*:*", + "matchCriteriaId": "4D2C9DF5-576D-4CDF-A7E3-356FDE0B1A9F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:edimax:br-6428ns:v4:*:*:*:*:*:*:*", + "matchCriteriaId": "A2693C87-4F33-430F-83D7-CC8286E37534" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/4/Readme.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32059.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32059.json index 3c6e2228178..c9f8c06da33 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32059.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32059.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32059", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-11T22:15:11.803", - "lastModified": "2023-05-11T22:15:11.803", - "vulnStatus": "Received", + "lastModified": "2023-05-23T19:07:14.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +76,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vyper_project:vyper:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.3.8", + "matchCriteriaId": "BD6E3906-C87B-4245-9871-27CD85C32EEF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vyperlang/vyper/commit/c3e68c302aa6e1429946473769dd1232145822ac", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-ph9x-4vc9-m39g", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32700.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32700.json index 0b12c3ef1e3..9f6ae586827 100644 --- a/CVE-2023/CVE-2023-327xx/CVE-2023-32700.json +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32700.json @@ -2,31 +2,112 @@ "id": "CVE-2023-32700", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-20T18:15:09.370", - "lastModified": "2023-05-22T10:56:56.373", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T18:10:24.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "LuaTeX before 1.17.0 allows execution of arbitrary shell commands when compiling a TeX file obtained from an untrusted source. This occurs because luatex-core.lua lets the original io.popen be accessed. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:luatex_project:luatex:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.04", + "versionEndExcluding": "1.16.2", + "matchCriteriaId": "0CC436A6-682A-42AD-8A48-9DE9DC45DAF4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:miktex:miktex:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.9.6300", + "versionEndExcluding": "23.5", + "matchCriteriaId": "7F1F072F-1CC4-4C21-822E-19B37F47DEB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2017", + "versionEndExcluding": "2023", + "matchCriteriaId": "E388AE22-25C9-4F24-90A6-7E5C42EFC224" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://tug.org/pipermail/tex-live/2023-May/049188.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://tug.org/~mseven/luatex.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 19f0eca4532..2760f37835e 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-23T18:00:31.140445+00:00 +2023-05-23T20:00:29.583424+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-23T17:41:07.897000+00:00 +2023-05-23T19:59:08.250000+00:00 ``` ### Last Data Feed Release @@ -29,41 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -215859 +215860 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -* [CVE-2023-25474](CVE-2023/CVE-2023-254xx/CVE-2023-25474.json) (`2023-05-23T16:15:21.577`) -* [CVE-2023-1209](CVE-2023/CVE-2023-12xx/CVE-2023-1209.json) (`2023-05-23T17:15:08.950`) +* [CVE-2023-1837](CVE-2023/CVE-2023-18xx/CVE-2023-1837.json) (`2023-05-23T19:15:09.237`) ### CVEs modified in the last Commit -Recently modified CVEs: `20` +Recently modified CVEs: `32` -* [CVE-2022-41687](CVE-2022/CVE-2022-416xx/CVE-2022-41687.json) (`2023-05-23T16:01:47.040`) -* [CVE-2022-46813](CVE-2022/CVE-2022-468xx/CVE-2022-46813.json) (`2023-05-23T17:29:27.427`) -* [CVE-2023-0600](CVE-2023/CVE-2023-06xx/CVE-2023-0600.json) (`2023-05-23T16:00:49.437`) -* [CVE-2023-22809](CVE-2023/CVE-2023-228xx/CVE-2023-22809.json) (`2023-05-23T16:15:21.390`) -* [CVE-2023-0361](CVE-2023/CVE-2023-03xx/CVE-2023-0361.json) (`2023-05-23T17:22:55.810`) -* [CVE-2023-32573](CVE-2023/CVE-2023-325xx/CVE-2023-32573.json) (`2023-05-23T17:24:32.613`) -* [CVE-2023-0644](CVE-2023/CVE-2023-06xx/CVE-2023-0644.json) (`2023-05-23T17:25:31.977`) -* [CVE-2023-0761](CVE-2023/CVE-2023-07xx/CVE-2023-0761.json) (`2023-05-23T17:26:14.353`) -* [CVE-2023-26011](CVE-2023/CVE-2023-260xx/CVE-2023-26011.json) (`2023-05-23T17:29:27.427`) -* [CVE-2023-26014](CVE-2023/CVE-2023-260xx/CVE-2023-26014.json) (`2023-05-23T17:29:27.427`) -* [CVE-2023-33599](CVE-2023/CVE-2023-335xx/CVE-2023-33599.json) (`2023-05-23T17:29:27.427`) -* [CVE-2023-33617](CVE-2023/CVE-2023-336xx/CVE-2023-33617.json) (`2023-05-23T17:29:27.427`) -* [CVE-2023-32668](CVE-2023/CVE-2023-326xx/CVE-2023-32668.json) (`2023-05-23T17:31:45.217`) -* [CVE-2023-0762](CVE-2023/CVE-2023-07xx/CVE-2023-0762.json) (`2023-05-23T17:33:28.403`) -* [CVE-2023-0763](CVE-2023/CVE-2023-07xx/CVE-2023-0763.json) (`2023-05-23T17:33:54.027`) -* [CVE-2023-0812](CVE-2023/CVE-2023-08xx/CVE-2023-0812.json) (`2023-05-23T17:34:40.603`) -* [CVE-2023-0892](CVE-2023/CVE-2023-08xx/CVE-2023-0892.json) (`2023-05-23T17:36:58.950`) -* [CVE-2023-1019](CVE-2023/CVE-2023-10xx/CVE-2023-1019.json) (`2023-05-23T17:37:30.257`) -* [CVE-2023-1207](CVE-2023/CVE-2023-12xx/CVE-2023-1207.json) (`2023-05-23T17:40:40.700`) -* [CVE-2023-1549](CVE-2023/CVE-2023-15xx/CVE-2023-1549.json) (`2023-05-23T17:41:07.897`) +* [CVE-2023-29861](CVE-2023/CVE-2023-298xx/CVE-2023-29861.json) (`2023-05-23T18:12:44.910`) +* [CVE-2023-2180](CVE-2023/CVE-2023-21xx/CVE-2023-2180.json) (`2023-05-23T18:17:01.457`) +* [CVE-2023-2179](CVE-2023/CVE-2023-21xx/CVE-2023-2179.json) (`2023-05-23T18:18:59.863`) +* [CVE-2023-2009](CVE-2023/CVE-2023-20xx/CVE-2023-2009.json) (`2023-05-23T18:21:56.943`) +* [CVE-2023-29862](CVE-2023/CVE-2023-298xx/CVE-2023-29862.json) (`2023-05-23T18:22:53.290`) +* [CVE-2023-23682](CVE-2023/CVE-2023-236xx/CVE-2023-23682.json) (`2023-05-23T18:39:41.410`) +* [CVE-2023-1915](CVE-2023/CVE-2023-19xx/CVE-2023-1915.json) (`2023-05-23T18:40:29.990`) +* [CVE-2023-1890](CVE-2023/CVE-2023-18xx/CVE-2023-1890.json) (`2023-05-23T18:42:50.847`) +* [CVE-2023-1839](CVE-2023/CVE-2023-18xx/CVE-2023-1839.json) (`2023-05-23T18:43:27.077`) +* [CVE-2023-1835](CVE-2023/CVE-2023-18xx/CVE-2023-1835.json) (`2023-05-23T18:45:51.570`) +* [CVE-2023-1596](CVE-2023/CVE-2023-15xx/CVE-2023-1596.json) (`2023-05-23T18:46:32.037`) +* [CVE-2023-31986](CVE-2023/CVE-2023-319xx/CVE-2023-31986.json) (`2023-05-23T18:48:17.007`) +* [CVE-2023-31576](CVE-2023/CVE-2023-315xx/CVE-2023-31576.json) (`2023-05-23T18:50:15.687`) +* [CVE-2023-31572](CVE-2023/CVE-2023-315xx/CVE-2023-31572.json) (`2023-05-23T18:51:16.873`) +* [CVE-2023-23720](CVE-2023/CVE-2023-237xx/CVE-2023-23720.json) (`2023-05-23T18:52:10.690`) +* [CVE-2023-23709](CVE-2023/CVE-2023-237xx/CVE-2023-23709.json) (`2023-05-23T18:53:01.447`) +* [CVE-2023-23703](CVE-2023/CVE-2023-237xx/CVE-2023-23703.json) (`2023-05-23T18:53:27.673`) +* [CVE-2023-23657](CVE-2023/CVE-2023-236xx/CVE-2023-23657.json) (`2023-05-23T18:54:10.007`) +* [CVE-2023-23676](CVE-2023/CVE-2023-236xx/CVE-2023-23676.json) (`2023-05-23T18:54:45.910`) +* [CVE-2023-23673](CVE-2023/CVE-2023-236xx/CVE-2023-23673.json) (`2023-05-23T18:55:45.033`) +* [CVE-2023-2644](CVE-2023/CVE-2023-26xx/CVE-2023-2644.json) (`2023-05-23T19:00:42.333`) +* [CVE-2023-32059](CVE-2023/CVE-2023-320xx/CVE-2023-32059.json) (`2023-05-23T19:07:14.350`) +* [CVE-2023-30330](CVE-2023/CVE-2023-303xx/CVE-2023-30330.json) (`2023-05-23T19:17:36.410`) +* [CVE-2023-2515](CVE-2023/CVE-2023-25xx/CVE-2023-2515.json) (`2023-05-23T19:53:59.490`) +* [CVE-2023-23169](CVE-2023/CVE-2023-231xx/CVE-2023-23169.json) (`2023-05-23T19:59:08.250`) ## Download and Usage