Auto-Update: 2023-10-31T03:00:24.561811+00:00

cad-safe-bot 2023-10-31 03:00:28 +00:00
parent 7045cdb4b4
commit 3b389dd6f9
11 changed files with 496 additions and 17 deletions

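--- /dev/null
+++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31794.json
@@ -0,0 +1,28 @@
+{
+"id": "CVE-2023-31794",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-10-31T01:15:07.497",
+"lastModified": "2023-10-31T01:15:07.497",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://bugs.ghostscript.com/show_bug.cgi?id=706506",
+"source": "cve@mitre.org"
+},
+{
+"url": "https://gist.github.com/spookhorror/c770d118767b1b0d89fdfe2845169d06",
+"source": "cve@mitre.org"
+},
+{
+"url": "https://git.ghostscript.com/?p=mupdf.git;h=c0015401693b58e2deb5d75c39f27bc1216e47c6",
+"source": "cve@mitre.org"
+}
+]
+}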

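--- /dev/null
+++ b/CVE-2023/CVE-2023-458xx/CVE-2023-45899.json
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2023-45899",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-10-31T02:15:07.957",
+"lastModified": "2023-10-31T02:15:07.957",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "An issue in the component SuperUserSetuserModuleFrontController:init() of idnovate superuser before v2.4.2 allows attackers to bypass authentication via a crafted HTTP call."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://security.friendsofpresta.org/modules/2023/10/26/superuser.html",
+"source": "cve@mitre.org"
+}
+]
+}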

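--- /dev/null
+++ b/CVE-2023/CVE-2023-460xx/CVE-2023-46040.json
@@ -0,0 +1,20 @@
+{
+"id": "CVE-2023-46040",
+"sourceIdentifier": "cve@mitre.org",
+"published": "2023-10-31T02:15:08.007",
+"lastModified": "2023-10-31T02:15:08.007",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function."
+}
+],
+"metrics": {},
+"references": [
+{
+"url": "https://github.com/Num-Nine/CVE/wiki/GetSimplecms-exists-to-store-xss",
+"source": "cve@mitre.org"
+}
+]
+}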

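--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5861.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5861",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:07.630",
+"lastModified": "2023-10-31T01:15:07.630",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "HIGH",
+"privilegesRequired": "NONE",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "HIGH",
+"baseScore": 6.4,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 1.6,
+"impactScore": 4.7
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/microweber/microweber/commit/6ed7ebf1631dd8f0780caa4151a5538f3b227d26",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/7baecef8-6c59-42fc-bced-886c4929e220",
+"source": "security@huntr.dev"
+}
+]
+}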

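--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5862.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5862",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:07.697",
+"lastModified": "2023-10-31T01:15:07.697",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Missing Authorization in GitHub repository hamza417/inure prior to Build95."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
+"attackVector": "LOCAL",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "NONE",
+"baseScore": 5.1,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.5,
+"impactScore": 2.5
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-862"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/hamza417/inure/commit/52b8c0bae36f129a5be05e377d7391afc3629df6",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/0e517db6-d8ba-4cb9-9339-7991dda52e6d",
+"source": "security@huntr.dev"
+}
+]
+}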

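--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5863.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5863",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:07.757",
+"lastModified": "2023-10-31T01:15:07.757",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.2.2."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "CHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "LOW",
+"baseScore": 7.4,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 3.1,
+"impactScore": 3.7
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/thorsten/phpmyfaq/commit/97e813dcd2022bd10a8770569a8b02591716365f",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/fbfd4e84-61fb-4063-8f11-15877b8c1f6f",
+"source": "security@huntr.dev"
+}
+]
+}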

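--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5864.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5864",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:07.817",
+"lastModified": "2023-10-31T01:15:07.817",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.1."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
+"attackVector": "PHYSICAL",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "CHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 7.4,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 0.7,
+"impactScore": 6.0
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/thorsten/phpmyfaq/commit/b3e5a053b59dcc072d76a55d6ce0311ea30174fa",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/e4b0e8f4-5e06-49d1-832f-5756573623ad",
+"source": "security@huntr.dev"
+}
+]
+}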

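--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5865.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5865",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:07.880",
+"lastModified": "2023-10-31T01:15:07.880",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Insufficient Session Expiration in GitHub repository thorsten/phpmyfaq prior to 3.2.2."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "HIGH",
+"baseScore": 7.6,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 4.7
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-613"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/thorsten/phpmyfaq/commit/5f43786f52c3d517e7665abd25d534e180e08dc5",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/4c4b7395-d9fd-4ca0-98d7-2e20c1249aff",
+"source": "security@huntr.dev"
+}
+]
+}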

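--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5866.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5866",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:07.947",
+"lastModified": "2023-10-31T01:15:07.947",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository thorsten/phpmyfaq prior to 3.2.1."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "LOW",
+"baseScore": 6.3,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 3.4
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-614"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/thorsten/phpmyfaq/commit/fdacff14acd5e69841068f0e32b59e2d1b1d0d55",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/ec44bcba-ae7f-497a-851e-8165ecf56945",
+"source": "security@huntr.dev"
+}
+]
+}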

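--- /dev/null
+++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5867.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-5867",
+"sourceIdentifier": "security@huntr.dev",
+"published": "2023-10-31T01:15:08.020",
+"lastModified": "2023-10-31T01:15:08.020",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.2.2."
+}
+],
+"metrics": {
+"cvssMetricV30": [
+{
+"source": "security@huntr.dev",
+"type": "Secondary",
+"cvssData": {
+"version": "3.0",
+"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "LOW",
+"integrityImpact": "LOW",
+"availabilityImpact": "NONE",
+"baseScore": 4.6,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.1,
+"impactScore": 2.5
+}
+]
+},
+"weaknesses": [
+{
+"source": "security@huntr.dev",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-79"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/thorsten/phpmyfaq/commit/5310cb8c37dc3a5c5aead0898690b14705c433d3",
+"source": "security@huntr.dev"
+},
+{
+"url": "https://huntr.com/bounties/5c09b32e-a041-4a1e-a277-eb3e80967df0",
+"source": "security@huntr.dev"
+}
+]
+}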


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-10-31T00:55:24.716120+00:00 2023-10-31T03:00:24.561811+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-10-31T00:15:10.107000+00:00 2023-10-31T02:15:08.007000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -23,31 +23,29 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain ```plain
2023-10-30T01:00:13.533300+00:00 2023-10-31T01:00:13.562077+00:00
``` ```
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
229297 229307
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `12` Recently added CVEs: `10`
* [CVE-2023-43797](CVE-2023/CVE-2023-437xx/CVE-2023-43797.json) (`2023-10-30T23:15:08.317`) * [CVE-2023-31794](CVE-2023/CVE-2023-317xx/CVE-2023-31794.json) (`2023-10-31T01:15:07.497`)
* [CVE-2023-43798](CVE-2023/CVE-2023-437xx/CVE-2023-43798.json) (`2023-10-30T23:15:08.397`) * [CVE-2023-5861](CVE-2023/CVE-2023-58xx/CVE-2023-5861.json) (`2023-10-31T01:15:07.630`)
* [CVE-2023-44397](CVE-2023/CVE-2023-443xx/CVE-2023-44397.json) (`2023-10-30T23:15:08.467`) * [CVE-2023-5862](CVE-2023/CVE-2023-58xx/CVE-2023-5862.json) (`2023-10-31T01:15:07.697`)
* [CVE-2023-45670](CVE-2023/CVE-2023-456xx/CVE-2023-45670.json) (`2023-10-30T23:15:08.543`) * [CVE-2023-5863](CVE-2023/CVE-2023-58xx/CVE-2023-5863.json) (`2023-10-31T01:15:07.757`)
* [CVE-2023-45671](CVE-2023/CVE-2023-456xx/CVE-2023-45671.json) (`2023-10-30T23:15:08.620`) * [CVE-2023-5864](CVE-2023/CVE-2023-58xx/CVE-2023-5864.json) (`2023-10-31T01:15:07.817`)
* [CVE-2023-45672](CVE-2023/CVE-2023-456xx/CVE-2023-45672.json) (`2023-10-30T23:15:08.697`) * [CVE-2023-5865](CVE-2023/CVE-2023-58xx/CVE-2023-5865.json) (`2023-10-31T01:15:07.880`)
* [CVE-2023-45804](CVE-2023/CVE-2023-458xx/CVE-2023-45804.json) (`2023-10-30T23:15:08.773`) * [CVE-2023-5866](CVE-2023/CVE-2023-58xx/CVE-2023-5866.json) (`2023-10-31T01:15:07.947`)
* [CVE-2023-46478](CVE-2023/CVE-2023-464xx/CVE-2023-46478.json) (`2023-10-30T23:15:08.820`) * [CVE-2023-5867](CVE-2023/CVE-2023-58xx/CVE-2023-5867.json) (`2023-10-31T01:15:08.020`)
* [CVE-2023-46502](CVE-2023/CVE-2023-465xx/CVE-2023-46502.json) (`2023-10-30T23:15:08.857`) * [CVE-2023-45899](CVE-2023/CVE-2023-458xx/CVE-2023-45899.json) (`2023-10-31T02:15:07.957`)
* [CVE-2023-46129](CVE-2023/CVE-2023-461xx/CVE-2023-46129.json) (`2023-10-31T00:15:09.933`) * [CVE-2023-46040](CVE-2023/CVE-2023-460xx/CVE-2023-46040.json) (`2023-10-31T02:15:08.007`)
* [CVE-2023-46138](CVE-2023/CVE-2023-461xx/CVE-2023-46138.json) (`2023-10-31T00:15:10.023`)
* [CVE-2023-46139](CVE-2023/CVE-2023-461xx/CVE-2023-46139.json) (`2023-10-31T00:15:10.107`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit