admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-19T16:00:24.964018+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-19 16:00:28 +00:00
parent cb7fc52b29
commit 3bfaf14a00
29 changed files with 1634 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2021/CVE-2021-284xx/CVE-2021-28485.json
View File

@ -2,16 +2,24 @@
"id": "CVE-2021-28485",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-14T15:15:07.827",
"lastModified": "2023-09-15T20:15:07.493",
"lastModified": "2023-09-19T15:15:51.707",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Ericsson Mobile Switching Center Server (MSC-S) before IS 3.1 CP22, the SIS web application allows relative path traversal via a specific parameter in the https request after authentication, which allows access to files on the system that are not intended to be accessible via the web application."
},
{
"lang": "es",
"value": "En Ericsson Mobile Switching Center Server (MSC-S) anterior a IS 3.1 CP22, la aplicaci\u00f3n web SIS permite el Path Traversal a trav\u00e9s de un par\u00e1metro espec\u00edfico en la solicitud https despu\u00e9s de la autenticaci\u00f3n, lo que permite el acceso a archivos en el sistema a los que no se pretende que sean accesibles a trav\u00e9s de la aplicaci\u00f3n web."
}
],
"metrics": {},
"references": [
{
"url": "https://www.ericsson.com/en/about-us/security/psirt",
"source": "cve@mitre.org"
},
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"

55
CVE-2022/CVE-2022-475xx/CVE-2022-47559.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2022-47559",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:15.807",
"lastModified": "2023-09-19T14:15:15.807",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Lack of device control over web requests in ekorCCP and ekorRCI, allowing an attacker to create customised requests to execute malicious actions when a user is logged in, affecting availability, privacy and integrity."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products",
"source": "cve-coordination@incibe.es"
}
]
}

71
CVE-2023/CVE-2023-201xx/CVE-2023-20135.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20135",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-13T17:15:09.253",
"lastModified": "2023-09-13T17:27:35.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T14:35:29.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system.\r\n\r This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en las comprobaciones de verificaci\u00f3n de im\u00e1genes del Software Cisco IOS XR podr\u00eda permitir que un atacante local autenticado ejecute c\u00f3digo arbitrario en el sistema operativo subyacente. Esta vulnerabilidad se debe a una condici\u00f3n de ejecuci\u00f3n de tiempo de verificaci\u00f3n, tiempo de uso (TOCTOU) cuando se realiza una consulta de instalaci\u00f3n relacionada con una imagen ISO durante una operaci\u00f3n de instalaci\u00f3n que utiliza una imagen ISO. Un atacante podr\u00eda aprovechar esta vulnerabilidad modificando una imagen ISO y luego realizando solicitudes de instalaci\u00f3n en paralelo. Una explotaci\u00f3n existosa podr\u00eda permitir al atacante ejecutar c\u00f3digo arbitrario en un dispositivo afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,51 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5.2",
"versionEndExcluding": "7.6",
"matchCriteriaId": "1D0FA627-590F-4E92-880A-6E006CF63D71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.7",
"versionEndExcluding": "7.10.1",
"matchCriteriaId": "2DD39E73-3E40-4716-8ABB-2CF8D58AF25B"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-L9zOkBz5",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-201xx/CVE-2023-20190.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20190",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-13T17:15:09.357",
"lastModified": "2023-09-13T17:27:35.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:45:04.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device.\r\n\r This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting.\r\n\r There are workarounds that address this vulnerability.\r\n\r \r\n\r \r This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la caracter\u00edstica de compresi\u00f3n de la cl\u00e1sica lista de control de acceso (ACL) del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado evite la protecci\u00f3n que ofrece una ACL configurada en un dispositivo afectado. Esta vulnerabilidad se debe a una codificaci\u00f3n incorrecta del rango de direcciones de destino en el m\u00f3dulo de compresi\u00f3n de una ACL que se aplica a una interfaz de un dispositivo afectado. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico a trav\u00e9s del dispositivo afectado que la ACL configurada deber\u00eda denegar. Una explotaci\u00f3n existosa exitoso podr\u00eda permitir al atacante eludir las protecciones ACL configuradas en el dispositivo afectado, permiti\u00e9ndole acceder a redes confiables que el dispositivo podr\u00eda estar protegiendo. Existen soluciones que abordan esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2023 del paquete de avisos de seguridad del software Cisco IOS XR."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.3.5",
"matchCriteriaId": "5C9E87A2-289F-413D-AC06-6162141FB1F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5",
"versionEndExcluding": "7.5.4",
"matchCriteriaId": "94EC85D1-7AE9-4F89-82EC-5FC227044BEA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.6",
"versionEndExcluding": "7.8.2",
"matchCriteriaId": "E1244647-6336-41CB-8F2D-665FB76F44D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:7.9:*:*:*:*:*:*:*",
"matchCriteriaId": "66AEB63B-0A8B-40E7-966C-B7EE01F70E2A"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-comp3acl-vGmp6BQ3",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-201xx/CVE-2023-20191.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20191",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-13T17:15:09.440",
"lastModified": "2023-09-13T17:27:35.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:50:22.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\r\n\r This vulnerability is due to incomplete support for this feature. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.\r\n\r There are workarounds that address this vulnerability.\r\n\r \r\n\r \r This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication ."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de la lista de control de acceso (ACL) en las interfaces MPLS en la direcci\u00f3n de ingreso del software Cisco IOS XR podr\u00eda permitir que un atacante remoto no autenticado omita una ACL configurada. Esta vulnerabilidad se debe a la compatibilidad incompleta con esta caracter\u00edstica. Un atacante podr\u00eda aprovechar esta vulnerabilidad intentando enviar tr\u00e1fico a trav\u00e9s de un dispositivo afectado. Una explotaci\u00f3n existosa podr\u00eda permitir al atacante eludir una ACL en el dispositivo afectado. Existen soluciones que abordan esta vulnerabilidad. Este aviso es parte de la publicaci\u00f3n de septiembre de 2023 del paquete de avisos de seguridad del software Cisco IOS XR."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,55 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.7.21",
"matchCriteriaId": "A1278815-CDE6-471B-A51F-3E0066D5A5EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.8",
"versionEndExcluding": "7.9.2",
"matchCriteriaId": "5770983C-0EB9-4AC7-91FB-BF9AA4A9AE52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:cisco:ios_xr:7.10:*:*:*:*:*:*:*",
"matchCriteriaId": "F12D609A-06F4-44BE-9455-F28C1ECB4DE8"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnx-acl-PyzDkeYF",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-318xx/CVE-2023-31808.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31808",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-19T14:15:20.610",
"lastModified": "2023-09-19T14:15:20.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote Administration is enabled."
}
],
"metrics": {},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/913565",
"source": "cve@mitre.org"
}
]
}

100
CVE-2023/CVE-2023-32xx/CVE-2023-3280.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-3280",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-09-13T17:15:09.963",
"lastModified": "2023-09-13T17:27:35.837",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:35:22.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.\n\n"
},
{
"lang": "es",
"value": "Un problema con un mecanismo de protecci\u00f3n en el agente Cortex XDR de Palo Alto Networks en dispositivos Windows permite a un usuario local desactivar el agente."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -46,10 +80,70 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndIncluding": "5.0.12.22203",
"matchCriteriaId": "847D7E4D-E088-45F4-8843-56F0F2131D69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:-:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndExcluding": "7.9.3",
"matchCriteriaId": "5F40DE3D-6113-4823-99EC-730BCA0EA408"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:content_update:*:*:*",
"versionStartIncluding": "7.9.0",
"versionEndExcluding": "7.9.101",
"matchCriteriaId": "186B115E-3534-4A84-B663-BF8BB7118EA7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.0.2",
"matchCriteriaId": "FE005B8A-9F4D-49B1-9A41-4711380D9FE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:paloaltonetworks:cortex_xdr_agent:7.5.102:*:*:*:content_update:*:*:*",
"matchCriteriaId": "4F3F0B52-38A7-4CA4-9727-F105A626F6EB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-3280",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-372xx/CVE-2023-37281.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-37281",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-15T20:15:08.310",
"lastModified": "2023-09-17T12:01:22.937",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:14:11.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when processing the various IPv6 header fields during IPHC header decompression, Contiki-NG confirms the received packet buffer contains enough data as needed for that field. But no similar check is done before decompressing the IPv6 address. Therefore, up to 16 bytes can be read out of bounds on the line with the statement `memcpy(&ipaddr->u8[16 - postcount], iphc_ptr, postcount);`. The value of `postcount` depends on the address compression used in the received packet and can be controlled by the attacker. As a result, an attacker can inject a packet that causes an out-of-bound read. As of time of publication, a patched version is not available. As a workaround, one can apply the changes in Contiki-NG pull request #2509 to patch the system."
},
{
"lang": "es",
"value": "Contiki-NG es un sistema operativo para dispositivos de Internet de las cosas. En las versiones 4.9 y anteriores, al procesar los diversos campos del encabezado IPv6 durante la descompresi\u00f3n del encabezado IPHC, Contiki-NG confirma que el b\u00fafer del paquete recibido contiene suficientes datos necesarios para ese campo. Pero no se realiza ninguna verificaci\u00f3n similar antes de descomprimir la direcci\u00f3n IPv6. Por lo tanto, se pueden leer hasta 16 bytes fuera de l\u00edmites en la l\u00ednea con la declaraci\u00f3n `memcpy(&ipaddr->u8[16 - postcount], iphc_ptr, postcount);`. El valor de \"postcount\" depende de la compresi\u00f3n de direcci\u00f3n utilizada en el paquete recibido y puede ser controlado por el atacante. Como resultado, un atacante puede inyectar un paquete que provoque una lectura fuera de los l\u00edmites. En el momento de la publicaci\u00f3n, no hay una versi\u00f3n parcheada disponible. Como workaround, se pueden aplicar los cambios en la solicitud de extracci\u00f3n #2509 de Contiki-NG para parchear el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9",
"matchCriteriaId": "5ECE789E-8C10-42CB-BD98-A301AC471904"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/contiki-ng/contiki-ng/pull/2509",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-2v4c-9p48-g9pr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-374xx/CVE-2023-37459.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-37459",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-15T20:15:08.650",
"lastModified": "2023-09-17T12:01:22.937",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:14:43.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when a packet is received, the Contiki-NG network stack attempts to start the periodic TCP timer if it is a TCP packet with the SYN flag set. But the implementation does not first verify that a full TCP header has been received. Specifically, the implementation attempts to access the flags field from the TCP buffer in the following conditional expression in the `check_for_tcp_syn` function. For this reason, an attacker can inject a truncated TCP packet, which will lead to an out-of-bound read from the packet buffer. As of time of publication, a patched version is not available. As a workaround, one can apply the changes in Contiki-NG pull request #2510 to patch the system."
},
{
"lang": "es",
"value": "Contiki-NG es un sistema operativo para dispositivos de Internet de las cosas. En las versiones 4.9 y anteriores, cuando se recibe un paquete, la pila de red Contiki-NG intenta iniciar el temporizador TCP peri\u00f3dico si se trata de un paquete TCP con el indicador SYN configurado. Pero la implementaci\u00f3n no verifica primero que se haya recibido un encabezado TCP completo. Espec\u00edficamente, la implementaci\u00f3n intenta acceder al campo de banderas desde el b\u00fafer TCP en la siguiente expresi\u00f3n condicional en la funci\u00f3n `check_for_tcp_syn`. Por este motivo, un atacante puede inyectar un paquete TCP truncado, lo que provocar\u00e1 una lectura fuera de los l\u00edmites del b\u00fafer de paquetes. Al momento de la publicaci\u00f3n, no hay una versi\u00f3n parcheada disponible. Como soluci\u00f3n alternativa, se pueden aplicar los cambios en la solicitud de extracci\u00f3n #2510 de Contiki-NG para parchear el sistema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9",
"matchCriteriaId": "5ECE789E-8C10-42CB-BD98-A301AC471904"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/contiki-ng/contiki-ng/pull/2510",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-6648-m23r-hq8c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-38xx/CVE-2023-3892.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3892",
"sourceIdentifier": "security@mimsoftware.com",
"published": "2023-09-19T15:15:52.053",
"lastModified": "2023-09-19T15:15:52.053",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup.\n\n\n\n\nIn order to take advantage of this vulnerability, an attacker must \ncraft a malicious XML document, embed this document into specific 3rd \nparty private RTst metadata tags, transfer the now compromised \nDICOM object to MIM, and force MIM to archive and load the data.\n\nUsers on either version are strongly encouraged to update to an unaffected version (7.2.11+, 7.3.4+).\n\nThis issue was found and analyzed by MIM Software's internal security team.\u00a0 We are unaware of any proof of concept or actual exploit available in the wild.\n\n\nFor more information, visit https://www.mimsoftware.com/cve-2023-3892 https://www.mimsoftware.com/cve-2023-3892 \n\n\n\n\nThis issue affects MIM Assistant: 7.2.10, 7.3.3; MIM Client: 7.2.10, 7.3.3.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@mimsoftware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@mimsoftware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"references": [
{
"url": "https://www.mimsoftware.com/cve-2023-3892",
"source": "security@mimsoftware.com"
}
]
}

68
CVE-2023/CVE-2023-407xx/CVE-2023-40779.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-40779",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-14T18:15:09.253",
"lastModified": "2023-09-14T18:32:35.497",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:12:36.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL."
},
{
"lang": "es",
"value": "Un problema en IceWarp Mail Server Deep Castle 2 v.13.0.1.2 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada a la URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:icewarp:deep_castle_g2:13.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B5DE2A6A-46CA-40C9-AC88-B3DC36D3D20A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@muthumohanprasath.r/open-redirection-vulnerability-on-icewarp-webclient-product-cve-2023-40779-61176503710",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

80
CVE-2023/CVE-2023-408xx/CVE-2023-40850.json
View File

@ -2,19 +2,91 @@
"id": "CVE-2023-40850",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-13T20:15:07.927",
"lastModified": "2023-09-14T13:01:09.107",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:26:59.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "netentsec NS-ASG 6.3 is vulnerable to Incorrect Access Control. There is a file leak in the website source code of the application security gateway."
},
{
"lang": "es",
"value": "netentsec NS-ASG 6.3 es vulnerable a un Control de Acceso Incorrecto. Hay una fuga de archivos en el c\u00f3digo fuente del sitio web de la puerta de enlace de seguridad de la aplicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netentsec:ns-asg_firmware:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6B9BEF1C-D57F-4289-8AE8-D29A43C8F7E8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netentsec:ns-asg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7FC64EC-FBAF-42F3-B743-C4873014168C"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/flyyue2001/cve/blob/main/NS-ASG-bak-leakage.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-40xx/CVE-2023-4093.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-4093",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:22.177",
"lastModified": "2023-09-19T14:15:22.177",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Reflected and persistent XSS vulnerability in Arconte \u00c1urea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access information being viewed by the legitimate user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea",
"source": "cve-coordination@incibe.es"
}
]
}

55
CVE-2023/CVE-2023-40xx/CVE-2023-4094.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-4094",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:22.833",
"lastModified": "2023-09-19T14:15:22.833",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. In addition, a resource has been identified that could allow circumventing the attempt limit set in the login form."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1390"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea",
"source": "cve-coordination@incibe.es"
}
]
}

55
CVE-2023/CVE-2023-40xx/CVE-2023-4095.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-4095",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:24.270",
"lastModified": "2023-09-19T14:15:24.270",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "User enumeration vulnerability in Arconte \u00c1urea 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to obtain a list of registered users in the application, obtaining the necessary information to perform more complex attacks on the platform."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-204"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea",
"source": "cve-coordination@incibe.es"
}
]
}

43
CVE-2023/CVE-2023-40xx/CVE-2023-4096.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-4096",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:25.567",
"lastModified": "2023-09-19T14:15:25.567",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Weak password recovery mechanism vulnerability in Fujitsu Arconte \u00c1urea version 1.5.0.0,\u00a0which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea",
"source": "cve-coordination@incibe.es"
}
]
}

24
CVE-2023/CVE-2023-411xx/CVE-2023-41179.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-41179",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-09-19T14:15:21.343",
"lastModified": "2023-09-19T14:15:21.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.\r\n\r\nNote that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/jp/solution/000294706",
"source": "security@trendmicro.com"
},
{
"url": "https://success.trendmicro.com/solution/000294994",
"source": "security@trendmicro.com"
}
]
}

67
CVE-2023/CVE-2023-416xx/CVE-2023-41626.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-41626",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-15T23:15:07.370",
"lastModified": "2023-09-17T12:01:04.570",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:11:54.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Gradio v3.27.0 was discovered to contain an arbitrary file upload vulnerability via the /upload interface."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Gradio v3.27.0 conten\u00eda una vulnerabilidad de carga de archivos arbitraria a trav\u00e9s de la interfaz /upload."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gradio_project:gradio:3.27.0:*:*:*:*:python:*:*",
"matchCriteriaId": "E414D9E4-2AAD-4D20-B783-7FE41B0D7697"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/impose1/590472eb0544ef1ec36c8a5a40122adb",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-418xx/CVE-2023-41890.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-41890",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-19T15:15:52.863",
"lastModified": "2023-09-19T15:15:52.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. \nPrior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted if they rely on any of these features in their authentication/authorization logic: the issuer of the generated identity and claims; or items in the stored request state (AuthenticationProperties). This issue is patched in versions 2.9.2 and 1.0.3. The `AcsCommandResultCreated` notification can be used to add the validation required if an upgrade to patched packages is not possible."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-289"
},
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"references": [
{
"url": "https://github.com/Sustainsys/Saml2/issues/712",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Sustainsys/Saml2/issues/713",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Sustainsys/Saml2/security/advisories/GHSA-fv2h-753j-9g39",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2023/CVE-2023-424xx/CVE-2023-42444.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-42444",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-19T15:15:56.660",
"lastModified": "2023-09-19T15:15:56.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of `rust-phonenumber`, this may get triggered by feeding a maliciously crafted phonenumber over the network, specifically the string `.;phone-context=`. Versions `0.3.3+8.13.9` and `0.2.5+8.11.3` contain a patch for this issue. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
},
{
"lang": "en",
"value": "CWE-248"
},
{
"lang": "en",
"value": "CWE-392"
}
]
}
],
"references": [
{
"url": "https://github.com/whisperfish/rust-phonenumber/commit/2dd44be94539c051b4dee55d1d9d349bd7bedde6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/whisperfish/rust-phonenumber/commit/bea8e732b9cada617ede5cf51663dba183747f71",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/whisperfish/rust-phonenumber/security/advisories/GHSA-whhr-7f2w-qqj2",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-424xx/CVE-2023-42447.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-42447",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-19T15:15:57.270",
"lastModified": "2023-09-19T15:15:57.270",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on untrusted input. In a typical deployment, this may get triggered by feeding a maliciously crafted blurhashes over the network. These may include UTF-8 compliant strings containing multi-byte UTF-8 characters. A patch is available in version 0.2.0, which requires user intervention because of slight API churn. No known workarounds are available."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
},
{
"lang": "en",
"value": "CWE-248"
},
{
"lang": "en",
"value": "CWE-392"
}
]
}
],
"references": [
{
"url": "https://github.com/whisperfish/blurhash-rs/security/advisories/GHSA-cxvp-82cq-57h2",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2023/CVE-2023-48xx/CVE-2023-4841.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-4841",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-14T03:15:08.583",
"lastModified": "2023-09-14T13:01:03.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T14:39:22.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Feeds for YouTube for WordPress para WordPress es vulnerable a Stored Cross-Site Scripting (XSS) a trav\u00e9s del c\u00f3digo corto 'youtube-feed' en versiones hasta la 2.1 inclusive debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -46,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smashballoon:feeds_for_youtube:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "A07C3BC2-D6AD-4BE2-9953-11F495F1F932"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/feeds-for-youtube/tags/2.1/templates/feed.php#L33",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2966017/feeds-for-youtube#file564",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/376e2638-a873-4142-ad7d-067ae3333709?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-49xx/CVE-2023-4944.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-4944",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-14T03:15:08.777",
"lastModified": "2023-09-14T13:01:03.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:19:59.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Awesome Weather Widget for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'awesome-weather' shortcode in versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Awesome Weather Widget para WordPress es vulnerable a Stored Cross-Site Scripting (XSS) a trav\u00e9s del c\u00f3digo corto 'awesome-weather' en versiones hasta la 3.0.2 inclusive debido a una sanittizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -46,18 +70,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:awesome_weather_widget_project:awesome_weather_widget:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.2",
"matchCriteriaId": "8FE82F66-321F-437B-A3B5-AE0A35BAADA8"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/awesome-weather/tags/3.0.2/awesome-weather.php#L117",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/awesome-weather/tags/3.0.2/awesome-weather.php#L133",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bf77988-370b-437f-83a0-18a147e3e087?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-49xx/CVE-2023-4945.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-4945",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-14T03:15:08.877",
"lastModified": "2023-09-14T13:01:03.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T14:15:06.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Booster for WooCommerce para WordPress es vulnerable Stored Cross-Site Scripting (XSS) a trav\u00e9s de m\u00faltiples c\u00f3digos cortos en versiones hasta la 7.1.0 inclusive debido a una sanitizaci\u00f3n de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -46,18 +70,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:booster:booster_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.1.0",
"matchCriteriaId": "6E4FD2D6-4993-4088-AF94-6D5C5E4CCDDC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-jetpack/tags/7.1.0/includes/shortcodes/class-wcj-general-shortcodes.php#L1035",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2966325/woocommerce-jetpack",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/981639a3-63c4-4b3f-827f-4d770bd44806?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-49xx/CVE-2023-4983.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-4983",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-15T14:15:11.320",
"lastModified": "2023-09-15T16:20:53.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:00:08.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in app1pro Shopicial up to 20230830. It has been declared as problematic. This vulnerability affects unknown code of the file search. The manipulation of the argument from with the input comments</script>'\"><img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239794 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en app1pro Shopicial hasta 20230830. Ha sido declarada problem\u00e1tica. Esta vulnerabilidad afecta a c\u00f3digo desconocido de b\u00fasqueda de archivos. La manipulaci\u00f3n del argumento con los comentarios de entrada'\"&gt; conduce a cross site scripting. El ataque se puede iniciar de forma remota. El exploit se ha revelado al p\u00fablico y puede usarse. VDB-239794 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +97,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:app1pro:shopicial:*:*:*:*:*:shopify:*:*",
"versionEndIncluding": "20230830",
"matchCriteriaId": "8E0E4761-5ED8-4003-AE04-FA21973F7B01"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.239794",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239794",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-49xx/CVE-2023-4984.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-4984",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-15T14:15:11.457",
"lastModified": "2023-09-15T16:20:53.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:00:47.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file /api/es/admin/v3/security/user/1. The manipulation leads to unprotected storage of credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239795."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en didi KnowSearch 0.3.2/0.3.1.2. Ha sido calificado como problem\u00e1tico. Este problema afecta a alg\u00fan procesamiento desconocido del archivo /api/es/admin/v3/security/user/1. La manipulaci\u00f3n conduce al almacenamiento desprotegido de credenciales. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador asociado de esta vulnerabilidad es VDB-239795."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +97,57 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:didiglobal:knowsearch:0.3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "61BF4201-C7AE-403F-87ED-292387FE8F4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:didiglobal:knowsearch:0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "84C37BBC-DBA5-42E7-A08F-6E659771A955"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/didi/KnowSearch/files/12135597/ad1aa7b3-ecee-44b0-a22a-80917ca0fe71.pdf4398935202801712312.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/didi/KnowSearch/issues/86",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.239795",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239795",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-49xx/CVE-2023-4987.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-4987",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-15T15:15:08.273",
"lastModified": "2023-09-15T16:20:53.853",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:02:28.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/get_tasks_list of the component GET Parameter Handler. The manipulation of the argument project/status/user_id/sort/search leads to sql injection. VDB-239798 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en infinitietech taskhub 2.8.7 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /home/get_tasks_list del componente GET Parameter Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento project/status/user_id/sort/search conduce a la inyecci\u00f3n de SQL. VDB-239798 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente al proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +97,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infinitietech:taskhub:2.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6B6527C5-8430-4EEC-BF6D-B49218805423"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.239798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-50xx/CVE-2023-5032.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5032",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-18T04:15:11.327",
"lastModified": "2023-09-18T13:26:56.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-19T15:01:54.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -75,18 +97,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openrapid:rapidcms:1.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D66CF166-4A08-45F5-9577-38D3CE25AFBA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yhy217/rapidcms-vul/issues/2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.239876",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239876",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

72
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-19T14:00:23.924866+00:00
2023-09-19T16:00:24.964018+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-19T13:57:56.327000+00:00
2023-09-19T15:50:22.317000+00:00
```
### Last Data Feed Release
@ -29,53 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
225813
225824
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `11`
* [CVE-2022-47553](CVE-2022/CVE-2022-475xx/CVE-2022-47553.json) (`2023-09-19T13:16:18.183`)
* [CVE-2022-47554](CVE-2022/CVE-2022-475xx/CVE-2022-47554.json) (`2023-09-19T13:16:19.653`)
* [CVE-2022-47555](CVE-2022/CVE-2022-475xx/CVE-2022-47555.json) (`2023-09-19T13:16:20.057`)
* [CVE-2022-47556](CVE-2022/CVE-2022-475xx/CVE-2022-47556.json) (`2023-09-19T13:16:20.480`)
* [CVE-2022-47557](CVE-2022/CVE-2022-475xx/CVE-2022-47557.json) (`2023-09-19T13:16:20.843`)
* [CVE-2022-47558](CVE-2022/CVE-2022-475xx/CVE-2022-47558.json) (`2023-09-19T13:16:21.193`)
* [CVE-2023-23957](CVE-2023/CVE-2023-239xx/CVE-2023-23957.json) (`2023-09-19T13:16:21.653`)
* [CVE-2023-41834](CVE-2023/CVE-2023-418xx/CVE-2023-41834.json) (`2023-09-19T13:16:22.333`)
* [CVE-2023-4092](CVE-2023/CVE-2023-40xx/CVE-2023-4092.json) (`2023-09-19T13:16:23.133`)
* [CVE-2022-47559](CVE-2022/CVE-2022-475xx/CVE-2022-47559.json) (`2023-09-19T14:15:15.807`)
* [CVE-2023-31808](CVE-2023/CVE-2023-318xx/CVE-2023-31808.json) (`2023-09-19T14:15:20.610`)
* [CVE-2023-41179](CVE-2023/CVE-2023-411xx/CVE-2023-41179.json) (`2023-09-19T14:15:21.343`)
* [CVE-2023-4093](CVE-2023/CVE-2023-40xx/CVE-2023-4093.json) (`2023-09-19T14:15:22.177`)
* [CVE-2023-4094](CVE-2023/CVE-2023-40xx/CVE-2023-4094.json) (`2023-09-19T14:15:22.833`)
* [CVE-2023-4095](CVE-2023/CVE-2023-40xx/CVE-2023-4095.json) (`2023-09-19T14:15:24.270`)
* [CVE-2023-4096](CVE-2023/CVE-2023-40xx/CVE-2023-4096.json) (`2023-09-19T14:15:25.567`)
* [CVE-2023-3892](CVE-2023/CVE-2023-38xx/CVE-2023-3892.json) (`2023-09-19T15:15:52.053`)
* [CVE-2023-41890](CVE-2023/CVE-2023-418xx/CVE-2023-41890.json) (`2023-09-19T15:15:52.863`)
* [CVE-2023-42444](CVE-2023/CVE-2023-424xx/CVE-2023-42444.json) (`2023-09-19T15:15:56.660`)
* [CVE-2023-42447](CVE-2023/CVE-2023-424xx/CVE-2023-42447.json) (`2023-09-19T15:15:57.270`)
### CVEs modified in the last Commit
Recently modified CVEs: `37`
Recently modified CVEs: `17`
* [CVE-2023-26143](CVE-2023/CVE-2023-261xx/CVE-2023-26143.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-5054](CVE-2023/CVE-2023-50xx/CVE-2023-5054.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-5009](CVE-2023/CVE-2023-50xx/CVE-2023-5009.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-41387](CVE-2023/CVE-2023-413xx/CVE-2023-41387.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-0773](CVE-2023/CVE-2023-07xx/CVE-2023-0773.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-32184](CVE-2023/CVE-2023-321xx/CVE-2023-32184.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-32186](CVE-2023/CVE-2023-321xx/CVE-2023-32186.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-29245](CVE-2023/CVE-2023-292xx/CVE-2023-29245.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-2567](CVE-2023/CVE-2023-25xx/CVE-2023-2567.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-32649](CVE-2023/CVE-2023-326xx/CVE-2023-32649.json) (`2023-09-19T13:23:09.283`)
* [CVE-2023-4951](CVE-2023/CVE-2023-49xx/CVE-2023-4951.json) (`2023-09-19T13:25:40.600`)
* [CVE-2023-4849](CVE-2023/CVE-2023-48xx/CVE-2023-4849.json) (`2023-09-19T13:29:40.430`)
* [CVE-2023-4850](CVE-2023/CVE-2023-48xx/CVE-2023-4850.json) (`2023-09-19T13:33:27.320`)
* [CVE-2023-4852](CVE-2023/CVE-2023-48xx/CVE-2023-4852.json) (`2023-09-19T13:34:27.140`)
* [CVE-2023-4851](CVE-2023/CVE-2023-48xx/CVE-2023-4851.json) (`2023-09-19T13:35:45.163`)
* [CVE-2023-37739](CVE-2023/CVE-2023-377xx/CVE-2023-37739.json) (`2023-09-19T13:40:30.487`)
* [CVE-2023-37755](CVE-2023/CVE-2023-377xx/CVE-2023-37755.json) (`2023-09-19T13:41:43.653`)
* [CVE-2023-42405](CVE-2023/CVE-2023-424xx/CVE-2023-42405.json) (`2023-09-19T13:41:53.263`)
* [CVE-2023-39639](CVE-2023/CVE-2023-396xx/CVE-2023-39639.json) (`2023-09-19T13:42:18.780`)
* [CVE-2023-41588](CVE-2023/CVE-2023-415xx/CVE-2023-41588.json) (`2023-09-19T13:42:29.510`)
* [CVE-2023-42503](CVE-2023/CVE-2023-425xx/CVE-2023-42503.json) (`2023-09-19T13:43:59.493`)
* [CVE-2023-40924](CVE-2023/CVE-2023-409xx/CVE-2023-40924.json) (`2023-09-19T13:47:13.017`)
* [CVE-2023-36250](CVE-2023/CVE-2023-362xx/CVE-2023-36250.json) (`2023-09-19T13:48:27.490`)
* [CVE-2023-41158](CVE-2023/CVE-2023-411xx/CVE-2023-41158.json) (`2023-09-19T13:49:06.557`)
* [CVE-2023-41162](CVE-2023/CVE-2023-411xx/CVE-2023-41162.json) (`2023-09-19T13:57:56.327`)
* [CVE-2021-28485](CVE-2021/CVE-2021-284xx/CVE-2021-28485.json) (`2023-09-19T15:15:51.707`)
* [CVE-2023-4945](CVE-2023/CVE-2023-49xx/CVE-2023-4945.json) (`2023-09-19T14:15:06.200`)
* [CVE-2023-20135](CVE-2023/CVE-2023-201xx/CVE-2023-20135.json) (`2023-09-19T14:35:29.487`)
* [CVE-2023-4841](CVE-2023/CVE-2023-48xx/CVE-2023-4841.json) (`2023-09-19T14:39:22.057`)
* [CVE-2023-4983](CVE-2023/CVE-2023-49xx/CVE-2023-4983.json) (`2023-09-19T15:00:08.800`)
* [CVE-2023-4984](CVE-2023/CVE-2023-49xx/CVE-2023-4984.json) (`2023-09-19T15:00:47.123`)
* [CVE-2023-5032](CVE-2023/CVE-2023-50xx/CVE-2023-5032.json) (`2023-09-19T15:01:54.080`)
* [CVE-2023-4987](CVE-2023/CVE-2023-49xx/CVE-2023-4987.json) (`2023-09-19T15:02:28.477`)
* [CVE-2023-41626](CVE-2023/CVE-2023-416xx/CVE-2023-41626.json) (`2023-09-19T15:11:54.677`)
* [CVE-2023-40779](CVE-2023/CVE-2023-407xx/CVE-2023-40779.json) (`2023-09-19T15:12:36.920`)
* [CVE-2023-37281](CVE-2023/CVE-2023-372xx/CVE-2023-37281.json) (`2023-09-19T15:14:11.227`)
* [CVE-2023-37459](CVE-2023/CVE-2023-374xx/CVE-2023-37459.json) (`2023-09-19T15:14:43.653`)
* [CVE-2023-4944](CVE-2023/CVE-2023-49xx/CVE-2023-4944.json) (`2023-09-19T15:19:59.443`)
* [CVE-2023-40850](CVE-2023/CVE-2023-408xx/CVE-2023-40850.json) (`2023-09-19T15:26:59.927`)
* [CVE-2023-3280](CVE-2023/CVE-2023-32xx/CVE-2023-3280.json) (`2023-09-19T15:35:22.453`)
* [CVE-2023-20190](CVE-2023/CVE-2023-201xx/CVE-2023-20190.json) (`2023-09-19T15:45:04.047`)
* [CVE-2023-20191](CVE-2023/CVE-2023-201xx/CVE-2023-20191.json) (`2023-09-19T15:50:22.317`)
## Download and Usage