admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-25T04:00:24.307383+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-25 04:00:27 +00:00
parent f2ae0442b4
commit 39041be4a4
18 changed files with 634 additions and 257 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
CVE-2013/CVE-2013-63xx/CVE-2013-6370.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-6370",
"sourceIdentifier": "secalert@redhat.com",
"published": "2014-04-22T13:06:26.697",
"lastModified": "2023-09-16T13:09:25.977",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-25T02:30:53.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,59 +63,19 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.11",
"matchCriteriaId": "806C3A38-6671-4817-9377-5F27125088B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE6AA83-0255-44C8-B95C-96A97BB5D2DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "102FF5E0-E5CA-445E-9846-7B6BEDDED2CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1DB91B-8A33-4CA1-8CAD-2640F5BE1010"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "220EB398-3FD2-4A36-9219-DC3B52239409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1B75FE-C07D-4CAE-B901-AF4513337410"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A80EA927-D9C4-4BFE-BEE4-E4D548066B44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE465C4D-56F8-4252-A51F-CD5BBFF2DEC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "60BC8718-1544-4267-AC2E-4809C065EF7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A7B13C-6A32-40AA-9383-166D33A715C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c_project:json-c:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77D9FE16-669D-45F5-B99E-3D629436FD79"
},
"versionEndExcluding": "0.12-20140410",
"matchCriteriaId": "AD66C8D0-5FF4-49EB-8347-FC463F45157F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
@ -173,7 +133,10 @@
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92540",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015",

75
CVE-2013/CVE-2013-63xx/CVE-2013-6371.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-6371",
"sourceIdentifier": "secalert@redhat.com",
"published": "2014-04-22T13:06:26.710",
"lastModified": "2023-09-16T13:09:25.977",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-25T02:30:45.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -63,59 +63,19 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.11",
"matchCriteriaId": "806C3A38-6671-4817-9377-5F27125088B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE6AA83-0255-44C8-B95C-96A97BB5D2DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "102FF5E0-E5CA-445E-9846-7B6BEDDED2CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1DB91B-8A33-4CA1-8CAD-2640F5BE1010"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "220EB398-3FD2-4A36-9219-DC3B52239409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AE1B75FE-C07D-4CAE-B901-AF4513337410"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A80EA927-D9C4-4BFE-BEE4-E4D548066B44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CE465C4D-56F8-4252-A51F-CD5BBFF2DEC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "60BC8718-1544-4267-AC2E-4809C065EF7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F9A7B13C-6A32-40AA-9383-166D33A715C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c_project:json-c:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "77D9FE16-669D-45F5-B99E-3D629436FD79"
},
"versionEndExcluding": "0.12-20140410",
"matchCriteriaId": "AD66C8D0-5FF4-49EB-8347-FC463F45157F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
@ -173,7 +133,10 @@
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92541",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://github.com/json-c/json-c/commit/64e36901a0614bf64a19bc3396469c66dcd0b015",

6
CVE-2019/CVE-2019-90xx/CVE-2019-9017.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-9017",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-05-02T19:29:00.390",
"lastModified": "2022-03-30T18:50:30.027",
"lastModified": "2023-09-25T02:29:09.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,8 +84,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:damewire_mini_remote_control:10.0:*:*:*:*:*:x64:*",
"matchCriteriaId": "438257D7-02FB-4B75-871C-53DC5C1D96D7"
"criteria": "cpe:2.3:a:solarwinds:dameware_mini_remote_control:10.0:*:*:*:*:*:x64:*",
"matchCriteriaId": "247E3F1A-C042-4F9F-B5AC-68AD5FCBC86C"
}
]
}

14
CVE-2020/CVE-2020-106xx/CVE-2020-10627.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-10627",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2021-12-01T16:15:07.390",
"lastModified": "2022-10-25T16:12:09.670",
"lastModified": "2023-09-25T02:30:38.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -115,8 +115,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:omnipod:insulin_management_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFB5719-FD81-4202-AC5E-5436B1AE5E99"
"criteria": "cpe:2.3:o:insulet:omnipod_insulin_management_system_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC41AB2D-AB47-41B7-AEBA-AB4C0A8608A5"
}
]
},
@ -126,13 +126,13 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:omnipod:insulin_management_system:19191:*:*:*:*:*:*:*",
"matchCriteriaId": "E4ED813C-DB99-4C1D-AC22-E2D64845BCBF"
"criteria": "cpe:2.3:h:insulet:omnipod_insulin_management_system:19191:*:*:*:*:*:*:*",
"matchCriteriaId": "98184BD3-4593-4194-A00C-9C064BE96144"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:omnipod:insulin_management_system:40160:*:*:*:*:*:*:*",
"matchCriteriaId": "7E4D3369-6D6D-4C11-B52E-5F69ADC84563"
"criteria": "cpe:2.3:h:insulet:omnipod_insulin_management_system:40160:*:*:*:*:*:*:*",
"matchCriteriaId": "7AF53C0A-02F1-4F3C-996F-E0E5269034C2"
}
]
}

13
CVE-2020/CVE-2020-127xx/CVE-2020-12762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-12762",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-05-09T18:15:11.283",
"lastModified": "2023-09-16T13:09:25.977",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-25T02:30:32.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -89,8 +89,8 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c:json-c:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.14",
"matchCriteriaId": "EF0AFBA0-1594-4486-9D1F-CD0574CC2E6E"
"versionEndExcluding": "0.15-20200726",
"matchCriteriaId": "1B3DEC32-B4B2-4FE9-B702-FB50EB3561C3"
}
]
}
@ -263,7 +263,10 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00023.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CBR36IXYBHITAZFB5PFBJTED22WO5ONB/",

18
CVE-2021/CVE-2021-322xx/CVE-2021-32292.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2021-32292",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.350",
"lastModified": "2023-09-14T21:15:09.633",
"vulnStatus": "Modified",
"lastModified": "2023-09-25T02:31:07.580",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en json-c desde 20200420 (post 0.14 c\u00f3digo no publicado) hasta 0.15-20200726. Existe un Desbordamiento de B\u00fafer en el programa de ejemplo auxiliar json_parse que se encuentra en el an\u00e1lisis de funciones."
}
],
"metrics": {
@ -55,9 +59,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:json-c_project:json-c:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.15-20200726",
"matchCriteriaId": "033EAA23-8493-4B45-982C-6BAA1BB7EF70"
"criteria": "cpe:2.3:a:json-c_project:json-c:0.15-20200726:*:*:*:*:*:*:*",
"matchCriteriaId": "5C367D32-8FA6-49E0-A6D5-2D86473F5E75"
}
]
}
@ -75,7 +78,10 @@
},
{
"url": "https://www.debian.org/security/2023/dsa-5486",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2021/CVE-2021-367xx/CVE-2021-36767.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-36767",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-10-08T15:15:09.037",
"lastModified": "2023-05-26T18:18:57.070",
"lastModified": "2023-09-25T02:30:08.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -584,87 +583,6 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:digi:connectcore_8x_sbc_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E54F4B6B-774D-46C0-A32C-F56FAD9A0411"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:digi:connectcore_8x_sbc_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "86EE031B-C1F3-4AD0-AE45-CC1ECF1467C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:digi:connectcore_8x_som_dualxz_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFA3DE34-67B9-44F4-8613-C6F2A842FCF6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:digi:connectcore_8x_som_dualxz:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F76EA5E-704A-4712-A022-4FF2CBD82A57"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:digi:connectcore_8x_som_quadxplus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C9254C4E-5AA9-4149-ABF6-0A6E4D0AA21A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:digi:connectcore_8x_som_quadxplus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00A6FEFF-1A1E-47F3-B831-D1874C6E70A4"
}
]
}
]
}
],
"references": [

9
CVE-2022/CVE-2022-321xx/CVE-2022-32190.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-32190",
"sourceIdentifier": "security@golang.org",
"published": "2022-09-13T18:15:14.507",
"lastModified": "2023-03-03T15:40:26.460",
"lastModified": "2023-09-25T02:29:22.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -67,13 +67,6 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.18.0",
"versionEndExcluding": "1.18.6",
"matchCriteriaId": "BDCF5AB4-6EC5-4071-8400-D71F3A4C8750"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:golang:go:1.19.0:-:*:*:*:*:*:*",

7
CVE-2022/CVE-2022-429xx/CVE-2022-42965.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-42965",
"sourceIdentifier": "reefs@jfrog.com",
"published": "2022-11-09T20:15:10.820",
"lastModified": "2023-07-06T13:55:16.637",
"lastModified": "2023-09-25T02:29:58.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,8 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:snowflake:snowflake-connector-python:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7ABE7884-E874-4535-8334-35FBB345DADA"
"criteria": "cpe:2.3:a:snowflake:snowflake-connector-python:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.2",
"matchCriteriaId": "F657B17B-564D-40D3-92A1-81AEC0B522C7"
}
]
}

18
CVE-2023/CVE-2023-30xx/CVE-2023-3028.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3028",
"sourceIdentifier": "cve@asrg.io",
"published": "2023-06-01T06:15:14.577",
"lastModified": "2023-06-09T17:56:53.610",
"lastModified": "2023-09-25T02:29:40.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -86,6 +86,7 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -93,8 +94,19 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mqtt:mqtt:201808021036:*:*:*:*:*:*:*",
"matchCriteriaId": "B0BD6491-506E-4E86-B383-77E3DCD7D564"
"criteria": "cpe:2.3:o:hopechart:hqt401_firmware:201808021036:*:*:*:*:*:*:*",
"matchCriteriaId": "880C9F94-81C2-4E74-B24D-48980CA67B48"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:hopechart:hqt401:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEFC9781-EEA6-49C6-9262-64029F1CF67B"
}
]
}

8
CVE-2023/CVE-2023-390xx/CVE-2023-39018.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39018",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-28T15:15:13.227",
"lastModified": "2023-08-03T18:04:07.150",
"lastModified": "2023-09-25T02:30:25.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -59,9 +59,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.7",
"matchCriteriaId": "56D511F7-AA2C-42F4-A322-BAAC7A62F78D"
"criteria": "cpe:2.3:a:bramp:ffmpeg-cli-wrapper:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.7.0",
"matchCriteriaId": "244DDBF7-4158-41C7-8640-ABCAEDB6DDD8"
}
]
}

55
CVE-2023/CVE-2023-418xx/CVE-2023-41872.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41872",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-25T02:15:09.827",
"lastModified": "2023-09-25T02:15:09.827",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Xtemos WoodMart plugin <=\u00a07.2.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woodmart/wordpress-woodmart-theme-7-2-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

96
CVE-2023/CVE-2023-51xx/CVE-2023-5150.json Normal file
View File

@ -0,0 +1,96 @@
{
"id": "CVE-2023-5150",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-25T02:15:10.560",
"lastModified": "2023-09-25T02:15:10.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected is an unknown function of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-240246 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_upload_%20web.md",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20web.md",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240246",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240246",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2023/CVE-2023-51xx/CVE-2023-5151.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-5151",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-25T02:15:10.657",
"lastModified": "2023-09-25T02:15:10.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DAR-8000 up to 20151231. Affected by this vulnerability is an unknown functionality of the file /autheditpwd.php. The manipulation of the argument hid_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240247. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_sql_%20autheditpwd.md",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240247",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240247",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2023/CVE-2023-51xx/CVE-2023-5152.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-5152",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-25T02:15:10.743",
"lastModified": "2023-09-25T02:15:10.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in D-Link DAR-8000 up to 20151231. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation of the argument sql leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240248. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_sql_%20importexport.md",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240248",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240248",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2023/CVE-2023-51xx/CVE-2023-5153.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-5153",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-25T03:15:09.390",
"lastModified": "2023-09-25T03:15:09.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240249 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_sql_%20querysql.md",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240249",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240249",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2023/CVE-2023-51xx/CVE-2023-5154.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-5154",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-25T03:15:09.743",
"lastModified": "2023-09-25T03:15:09.743",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in D-Link DAR-8000 up to 20151231 and classified as critical. This vulnerability affects unknown code of the file /sysmanage/changelogo.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-240250 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/D-LINK-DAR-8000-10_upload_%20changelogo.md",
"source": "cna@vuldb.com"
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.240250",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.240250",
"source": "cna@vuldb.com"
}
]
}

45
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-25T02:00:25.713305+00:00
2023-09-25T04:00:24.307383+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-25T01:35:47.210000+00:00
2023-09-25T03:15:09.743000+00:00
```
### Last Data Feed Release
@ -29,37 +29,36 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226085
226091
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `6`
* [CVE-2023-5145](CVE-2023/CVE-2023-51xx/CVE-2023-5145.json) (`2023-09-25T00:15:10.217`)
* [CVE-2023-5146](CVE-2023/CVE-2023-51xx/CVE-2023-5146.json) (`2023-09-25T00:15:11.300`)
* [CVE-2023-41874](CVE-2023/CVE-2023-418xx/CVE-2023-41874.json) (`2023-09-25T01:15:17.280`)
* [CVE-2023-41948](CVE-2023/CVE-2023-419xx/CVE-2023-41948.json) (`2023-09-25T01:15:19.130`)
* [CVE-2023-41949](CVE-2023/CVE-2023-419xx/CVE-2023-41949.json) (`2023-09-25T01:15:19.217`)
* [CVE-2023-5147](CVE-2023/CVE-2023-51xx/CVE-2023-5147.json) (`2023-09-25T01:15:19.327`)
* [CVE-2023-5148](CVE-2023/CVE-2023-51xx/CVE-2023-5148.json) (`2023-09-25T01:15:19.420`)
* [CVE-2023-5149](CVE-2023/CVE-2023-51xx/CVE-2023-5149.json) (`2023-09-25T01:15:19.503`)
* [CVE-2023-41872](CVE-2023/CVE-2023-418xx/CVE-2023-41872.json) (`2023-09-25T02:15:09.827`)
* [CVE-2023-5150](CVE-2023/CVE-2023-51xx/CVE-2023-5150.json) (`2023-09-25T02:15:10.560`)
* [CVE-2023-5151](CVE-2023/CVE-2023-51xx/CVE-2023-5151.json) (`2023-09-25T02:15:10.657`)
* [CVE-2023-5152](CVE-2023/CVE-2023-51xx/CVE-2023-5152.json) (`2023-09-25T02:15:10.743`)
* [CVE-2023-5153](CVE-2023/CVE-2023-51xx/CVE-2023-5153.json) (`2023-09-25T03:15:09.390`)
* [CVE-2023-5154](CVE-2023/CVE-2023-51xx/CVE-2023-5154.json) (`2023-09-25T03:15:09.743`)
### CVEs modified in the last Commit
Recently modified CVEs: `10`
Recently modified CVEs: `11`
* [CVE-2022-3962](CVE-2022/CVE-2022-39xx/CVE-2022-3962.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-5125](CVE-2023/CVE-2023-51xx/CVE-2023-5125.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-5134](CVE-2023/CVE-2023-51xx/CVE-2023-5134.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-1260](CVE-2023/CVE-2023-12xx/CVE-2023-1260.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-1625](CVE-2023/CVE-2023-16xx/CVE-2023-1625.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-1633](CVE-2023/CVE-2023-16xx/CVE-2023-1633.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-1636](CVE-2023/CVE-2023-16xx/CVE-2023-1636.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-5142](CVE-2023/CVE-2023-51xx/CVE-2023-5142.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-5143](CVE-2023/CVE-2023-51xx/CVE-2023-5143.json) (`2023-09-25T01:35:47.210`)
* [CVE-2023-5144](CVE-2023/CVE-2023-51xx/CVE-2023-5144.json) (`2023-09-25T01:35:47.210`)
* [CVE-2013-6371](CVE-2013/CVE-2013-63xx/CVE-2013-6371.json) (`2023-09-25T02:30:45.793`)
* [CVE-2013-6370](CVE-2013/CVE-2013-63xx/CVE-2013-6370.json) (`2023-09-25T02:30:53.533`)
* [CVE-2019-9017](CVE-2019/CVE-2019-90xx/CVE-2019-9017.json) (`2023-09-25T02:29:09.350`)
* [CVE-2020-12762](CVE-2020/CVE-2020-127xx/CVE-2020-12762.json) (`2023-09-25T02:30:32.380`)
* [CVE-2020-10627](CVE-2020/CVE-2020-106xx/CVE-2020-10627.json) (`2023-09-25T02:30:38.667`)
* [CVE-2021-36767](CVE-2021/CVE-2021-367xx/CVE-2021-36767.json) (`2023-09-25T02:30:08.853`)
* [CVE-2021-32292](CVE-2021/CVE-2021-322xx/CVE-2021-32292.json) (`2023-09-25T02:31:07.580`)
* [CVE-2022-32190](CVE-2022/CVE-2022-321xx/CVE-2022-32190.json) (`2023-09-25T02:29:22.430`)
* [CVE-2022-42965](CVE-2022/CVE-2022-429xx/CVE-2022-42965.json) (`2023-09-25T02:29:58.253`)
* [CVE-2023-3028](CVE-2023/CVE-2023-30xx/CVE-2023-3028.json) (`2023-09-25T02:29:40.000`)
* [CVE-2023-39018](CVE-2023/CVE-2023-390xx/CVE-2023-39018.json) (`2023-09-25T02:30:25.407`)
## Download and Usage