admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-20T18:00:44.981141+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-20 18:00:48 +00:00
parent 4c0a2eeb39
commit 3d6a0670f5
44 changed files with 1845 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
CVE-2019/CVE-2019-189xx/CVE-2019-18910.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-18910",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2019-11-22T22:15:11.373",
"lastModified": "2022-01-01T20:12:33.017",
"lastModified": "2023-07-20T17:56:33.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -105,21 +105,6 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [

63
CVE-2021/CVE-2021-09xx/CVE-2021-0948.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2021-0948",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.133",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:42:35.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The PVRSRVBridgeGetMultiCoreInfo ioctl in the PowerVR kernel driver can return uninitialized kernel memory to user space. The contents of this memory could contain sensitive information.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-908"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2022/CVE-2022-04xx/CVE-2022-0404.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0404",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-04-04T16:15:09.150",
"lastModified": "2022-06-16T19:30:09.247",
"lastModified": "2023-07-20T17:45:49.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,17 +65,17 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "CWE-862"
}
]
},
{
"source": "nvd@nist.gov",
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{

4
CVE-2022/CVE-2022-04xx/CVE-2022-0441.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0441",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-03-07T09:15:09.720",
"lastModified": "2022-03-11T17:33:37.543",
"lastModified": "2023-07-20T17:46:33.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-269"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-04xx/CVE-2022-0442.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0442",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-03-07T09:15:09.777",
"lastModified": "2022-03-11T17:35:39.040",
"lastModified": "2023-07-20T17:46:06.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -70,7 +70,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "CWE-639"
}
]
},

18
CVE-2022/CVE-2022-04xx/CVE-2022-0444.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-0444",
"sourceIdentifier": "contact@wpscan.com",
"published": "2022-06-27T09:15:08.390",
"lastModified": "2022-07-07T14:48:46.823",
"lastModified": "2023-07-20T17:46:22.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,8 +65,22 @@
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
},
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-21xx/CVE-2022-2127.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2127",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.183",
"lastModified": "2023-07-20T15:15:11.183",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

112
CVE-2022/CVE-2022-234xx/CVE-2022-23447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23447",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-07-11T17:15:10.383",
"lastModified": "2023-07-12T12:46:51.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:03:00.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -34,10 +54,96 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.2.1",
"versionEndExcluding": "3.2.4",
"matchCriteriaId": "D7C7C2CF-4343-4DC6-A9CC-2AD085FF4719"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3.0",
"versionEndExcluding": "3.3.3",
"matchCriteriaId": "BF3BA216-3C90-451D-99AC-DC64259A1312"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.3",
"matchCriteriaId": "42280061-9248-48CF-98E1-89B83D044137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.1",
"versionEndExcluding": "4.1.9",
"matchCriteriaId": "D6594D0E-3A47-4E9F-B020-FBC2C1AED759"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.5",
"matchCriteriaId": "48A96D42-A019-422C-AB50-7CAF378FDDE5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.4",
"matchCriteriaId": "46532FCC-760C-43ED-8DC4-81427D279980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiextender_firmware:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC2C9D3-01FD-4D5B-AE85-05B0CA6C99AA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:fortinet:fortiextender:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0617C1D-E321-409D-B54B-775E854A03C1"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-039",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

7
CVE-2022/CVE-2022-35xx/CVE-2022-3533.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3533",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-10-17T09:15:12.677",
"lastModified": "2022-10-19T05:05:24.843",
"lastModified": "2023-07-20T17:58:24.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -83,8 +83,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
}
]
}

79
CVE-2023/CVE-2023-212xx/CVE-2023-21262.json
View File

@ -2,23 +2,92 @@
"id": "CVE-2023-21262",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.250",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:47:41.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/2c8973c39478cd3c8cf11d9f27cc0556a106d006",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-213xx/CVE-2023-21399.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-21399",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.297",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:44:44.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "there is a possible way to bypass cryptographic assurances due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-214xx/CVE-2023-21400.json
View File

@ -2,31 +2,99 @@
"id": "CVE-2023-21400",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.340",
"lastModified": "2023-07-19T18:15:10.850",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-07-20T17:44:06.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/14/2",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/2",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/7",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-256xx/CVE-2023-25606.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25606",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-07-11T17:15:12.780",
"lastModified": "2023-07-12T12:46:51.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:05:20.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -34,10 +54,79 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "6.4.12",
"matchCriteriaId": "2B7F56A0-3940-43F1-9B29-45CE29043D36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.5",
"matchCriteriaId": "7C074678-DF36-4DE2-B930-4E58C4F45135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.2",
"matchCriteriaId": "12767150-C085-41ED-A645-83BFE7E846E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndExcluding": "6.4.12",
"matchCriteriaId": "142A4113-BEF9-4112-AC7D-757A18CFF2CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.5",
"matchCriteriaId": "B70D346A-A68B-4F41-992B-7C273F792E9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.2",
"matchCriteriaId": "C654DFBA-E3B0-4865-9088-13385A428E78"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-22-471",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-304xx/CVE-2023-30428.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30428",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-12T10:15:09.853",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T16:41:45.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,10 +66,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndIncluding": "2.9.5",
"matchCriteriaId": "C219C70D-774B-4E29-90DF-CB14D7AAE6FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.10.0",
"versionEndExcluding": "2.10.4",
"matchCriteriaId": "6E8AD5B6-4685-4C1F-912A-37D4956B077F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8D3BCDDD-21DA-47B6-A8F4-76822E11662B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_1:*:*:*:*:*:*",
"matchCriteriaId": "AB395C43-88B4-4DE3-8ADC-D276C86250D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_5:*:*:*:*:*:*",
"matchCriteriaId": "E90E85B9-B04D-4BCB-B7A8-7526C991F022"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/v39hqtgrmyxr85rmofwvgrktnflbq3q5",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-304xx/CVE-2023-30429.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30429",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-12T10:15:09.937",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T16:47:49.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,10 +66,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.10.4",
"matchCriteriaId": "93203072-AF2C-4C1C-9185-709395C44315"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8D3BCDDD-21DA-47B6-A8F4-76822E11662B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_1:*:*:*:*:*:*",
"matchCriteriaId": "AB395C43-88B4-4DE3-8ADC-D276C86250D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_5:*:*:*:*:*:*",
"matchCriteriaId": "E90E85B9-B04D-4BCB-B7A8-7526C991F022"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/v0gcvvxswr830314q4b1kybsfmcf3jf8",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-310xx/CVE-2023-31007.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31007",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-12T10:15:10.013",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T16:53:07.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,10 +66,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.9.5",
"matchCriteriaId": "575C3B42-8D3E-492F-B7AB-8EEBCEF74B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.10.0",
"versionEndIncluding": "2.10.3",
"matchCriteriaId": "CD068741-3004-4367-A620-701FCB9CF1AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8D3BCDDD-21DA-47B6-A8F4-76822E11662B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_1:*:*:*:*:*:*",
"matchCriteriaId": "AB395C43-88B4-4DE3-8ADC-D276C86250D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_5:*:*:*:*:*:*",
"matchCriteriaId": "E90E85B9-B04D-4BCB-B7A8-7526C991F022"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/qxn99xxyp0zv6jchjggn3soyo5gvqfxj",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

116
CVE-2023/CVE-2023-31xx/CVE-2023-3106.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3106",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-12T09:15:14.550",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:11:02.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,18 +54,104 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.8",
"matchCriteriaId": "28EB12EC-3BC4-4DCC-9A6A-5F810F17E8FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "4DCA12A5-2DA5-4357-9C9A-D57CA605BAB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.8:rc2:*:*:*:*:*:*",
"matchCriteriaId": "9A2F7F5F-5684-4D0A-8AB9-22F739A4CA38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.8:rc3:*:*:*:*:*:*",
"matchCriteriaId": "35868503-6ECC-47B7-A31E-1030CDBD9AC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.8:rc4:*:*:*:*:*:*",
"matchCriteriaId": "5A6BD9A6-A3A8-4277-80ED-A169FD374D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.8:rc5:*:*:*:*:*:*",
"matchCriteriaId": "22786B53-9B60-4708-9176-276DF0767E9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:4.8:rc6:*:*:*:*:*:*",
"matchCriteriaId": "1AAE030D-F039-4E93-BFA5-74456E2FC4A5"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3106",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221501",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/1ba5bf993c6a3142e18e68ea6452b347f9cb5635",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

4
CVE-2023/CVE-2023-322xx/CVE-2023-32265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32265",
"sourceIdentifier": "security@opentext.com",
"published": "2023-07-20T14:15:11.193",
"lastModified": "2023-07-20T14:15:11.193",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32446.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32446",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T13:15:10.917",
"lastModified": "2023-07-20T13:15:10.917",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32447.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32447",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T13:15:11.020",
"lastModified": "2023-07-20T13:15:11.020",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32455",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T13:15:11.110",
"lastModified": "2023-07-20T13:15:11.110",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32476",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T14:15:11.713",
"lastModified": "2023-07-20T14:15:11.713",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32481.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32481",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T12:15:11.220",
"lastModified": "2023-07-20T12:15:11.220",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32482",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T12:15:11.313",
"lastModified": "2023-07-20T12:15:11.313",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32483.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32483",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-07-20T12:15:11.413",
"lastModified": "2023-07-20T12:15:11.413",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3347",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.940",
"lastModified": "2023-07-20T15:15:11.940",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-349xx/CVE-2023-34966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34966",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.333",
"lastModified": "2023-07-20T15:15:11.333",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-349xx/CVE-2023-34967.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34967",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.410",
"lastModified": "2023-07-20T15:15:11.410",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-349xx/CVE-2023-34968.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34968",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T15:15:11.540",
"lastModified": "2023-07-20T15:15:11.540",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-359xx/CVE-2023-35908.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-35908",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-12T10:15:10.093",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:14:37.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows unauthorized read access to a DAG through the URL.\u00a0It is recommended to upgrade to a version that is not affected"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,14 +46,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.3",
"matchCriteriaId": "59410400-C27B-4D22-93D8-183F74F5081F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/32014",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/vsflptk5dt30vrfggn96nx87d7zr6yvw",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-365xx/CVE-2023-36543.json
View File

@ -2,19 +2,52 @@
"id": "CVE-2023-36543",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-12T10:15:10.157",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:31:19.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang.\u00a0It is recommended to upgrade to a version that is not affected"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -23,14 +56,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.3",
"matchCriteriaId": "59410400-C27B-4D22-93D8-183F74F5081F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/apache/airflow/pull/32060",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.apache.org/thread/tokfs980504ylgk3cv3hjlnrtbv4tng4",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-36xx/CVE-2023-3618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3618",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-12T15:15:09.060",
"lastModified": "2023-07-12T15:17:45.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:16:44.123",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,14 +54,70 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libtiff:libtiff:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2FFD25C1-A304-486F-A36B-7167EEF33388"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3618",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2215865",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-374xx/CVE-2023-37471.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-37471",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-20T17:15:10.917",
"lastModified": "2023-07-20T17:15:10.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Open Access Management (OpenAM) is an access management solution that includes Authentication, SSO, Authorization, Federation, Entitlements and Web Services Security. OpenAM up to version 14.7.2 does not properly validate the signature of SAML responses received as part of the SAMLv1.x Single Sign-On process. Attackers can use this fact to impersonate any OpenAM user, including the administrator, by sending a specially crafted SAML response to the SAMLPOSTProfileServlet servlet. This problem has been patched in OpenAM 14.7.3-SNAPSHOT and later. User unable to upgrade should comment servlet `SAMLPOSTProfileServlet` from their pom file. See the linked GHSA for details."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/OpenIdentityPlatform/OpenAM/commit/7c18543d126e8a567b83bb4535631825aaa9d742",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenIdentityPlatform/OpenAM/pull/624",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenIdentityPlatform/OpenAM/security/advisories/GHSA-4mh8-9wq6-rjxg",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-375xx/CVE-2023-37579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37579",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-12T10:15:11.010",
"lastModified": "2023-07-12T12:46:11.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:37:20.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,10 +66,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.10.4",
"matchCriteriaId": "93203072-AF2C-4C1C-9185-709395C44315"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8D3BCDDD-21DA-47B6-A8F4-76822E11662B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_1:*:*:*:*:*:*",
"matchCriteriaId": "AB395C43-88B4-4DE3-8ADC-D276C86250D7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:pulsar:2.11.0:candidate_5:*:*:*:*:*:*",
"matchCriteriaId": "E90E85B9-B04D-4BCB-B7A8-7526C991F022"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/0dmn3cb5n2p08o3cpj3ycfhzfqs2ppwz",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-376xx/CVE-2023-37627.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-37627",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-12T15:15:08.990",
"lastModified": "2023-07-12T15:17:45.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:34:32.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Code-projects Online Restaurant Management System 1.0 is vulnerable to SQL Injection. Through SQL injection, an attacker can bypass the admin panel and view order records, add items, delete items etc."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:code-projects:online_restaurant_management_system:1.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "8B8A6A0D-AB51-4B45-A4E2-87A3C9BC1985"
}
]
}
]
}
],
"references": [
{
"url": "https://code-projects.org/online-restaurant-management-system-in-php-with-source-code/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/1337kid/d3e7702bd19cc9355a6b3f153eb2fe8e",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-37xx/CVE-2023-3786.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3786",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T13:15:11.200",
"lastModified": "2023-07-20T13:15:11.200",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3787",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T15:15:12.090",
"lastModified": "2023-07-20T15:15:12.090",
"vulnStatus": "Received",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

92
CVE-2023/CVE-2023-37xx/CVE-2023-3788.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-3788",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T16:15:12.527",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in ActiveITzone Active Super Shop CMS 2.5. This issue affects some unknown processing of the component Manage Details Page. The manipulation of the argument name/phone/address leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235055."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://seclists.org/fulldisclosure/2023/Jul/34",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.235055",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235055",
"source": "cna@vuldb.com"
},
{
"url": "https://www.vulnerability-lab.com/get_content.php?id=2278",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2023/CVE-2023-37xx/CVE-2023-3789.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-3789",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T16:15:12.620",
"lastModified": "2023-07-20T16:45:55.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in PaulPrinting CMS 2018. Affected is an unknown function of the file /account/delivery of the component Search. The manipulation of the argument s leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235056."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://seclists.org/fulldisclosure/2023/Jul/36",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.235056",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235056",
"source": "cna@vuldb.com"
},
{
"url": "https://www.vulnerability-lab.com/get_content.php?id=2286",
"source": "cna@vuldb.com"
}
]
}

92
CVE-2023/CVE-2023-37xx/CVE-2023-3790.json Normal file
View File

@ -0,0 +1,92 @@
{
"id": "CVE-2023-3790",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T17:15:11.027",
"lastModified": "2023-07-20T17:15:11.027",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Boom CMS 8.0.7 and classified as problematic. Affected by this vulnerability is the function add of the component assets-manager. The manipulation of the argument title/description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235057 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://seclists.org/fulldisclosure/2023/Jul/33",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.235057",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235057",
"source": "cna@vuldb.com"
},
{
"url": "https://www.vulnerability-lab.com/get_content.php?id=2274",
"source": "cna@vuldb.com"
}
]
}

63
CVE-2023/CVE-2023-380xx/CVE-2023-38046.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38046",
"sourceIdentifier": "psirt@paloaltonetworks.com",
"published": "2023-07-12T17:15:08.877",
"lastModified": "2023-07-12T17:58:08.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T17:24:37.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
},
{
"source": "psirt@paloaltonetworks.com",
"type": "Secondary",
@ -46,10 +76,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.2.0",
"versionEndExcluding": "10.2.4",
"matchCriteriaId": "D61F01F8-1598-4078-9D98-BFF5B62F3BA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:paloaltonetworks:pan-os:11.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6F3693A5-182E-4723-BE2A-062D0C9E736C"
}
]
}
]
}
],
"references": [
{
"url": "https://security.paloaltonetworks.com/CVE-2023-38046",
"source": "psirt@paloaltonetworks.com"
"source": "psirt@paloaltonetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-380xx/CVE-2023-38068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38068",
"sourceIdentifier": "security@jetbrains.com",
"published": "2023-07-12T13:15:09.737",
"lastModified": "2023-07-12T13:56:22.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T16:19:33.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "security@jetbrains.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jetbrains:youtrack:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.1.16597",
"matchCriteriaId": "707B4E04-6893-4D73-B5C6-FDA1882D8A84"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com"
"source": "security@jetbrains.com",
"tags": [
"Vendor Advisory"
]
}
]
}

211
CVE-2023/CVE-2023-382xx/CVE-2023-38203.json Normal file
View File

@ -0,0 +1,211 @@
{
"id": "CVE-2023-38203",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-20T16:15:12.180",
"lastModified": "2023-07-20T16:46:06.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Adobe ColdFusion versions 2018u17 (and earlier), 2021u7 (and earlier) and 2023u1 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:*",
"matchCriteriaId": "3B54B2B0-B1E1-4B4E-A529-D0BD3B5DEEF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:*",
"matchCriteriaId": "EDB126BF-E09D-4E58-A39F-1190407D1CAB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:*",
"matchCriteriaId": "8DDD85DF-69A0-476F-8365-CD67C75CF0CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update11:*:*:*:*:*:*",
"matchCriteriaId": "23F63675-7817-4AF0-A7DB-5E35EDABF04E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update12:*:*:*:*:*:*",
"matchCriteriaId": "3E3BF53E-2C0D-4F79-8B62-4C2A50CB5F52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update13:*:*:*:*:*:*",
"matchCriteriaId": "C26BF72C-E991-4170-B68B-09B20B6C0679"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update14:*:*:*:*:*:*",
"matchCriteriaId": "25B4B4F2-318F-4046-ADE5-E9DD64F83FD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update15:*:*:*:*:*:*",
"matchCriteriaId": "831E8D69-62E9-4778-8CC5-D6D45CF5AB6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update16:*:*:*:*:*:*",
"matchCriteriaId": "2F549BB3-25AB-4C83-B608-3717EADAAB35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update17:*:*:*:*:*:*",
"matchCriteriaId": "907F11B7-56C6-49F1-BC7B-E86B35346FD3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:*",
"matchCriteriaId": "59649177-81EE-43C3-BFA5-E56E65B486DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:*",
"matchCriteriaId": "453B96ED-738A-4642-B461-C5216CF45CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:*",
"matchCriteriaId": "58D32489-627B-4E49-9329-8A3B8F8E4903"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:*",
"matchCriteriaId": "6D5860E1-D293-48FE-9796-058B78B2D571"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:*",
"matchCriteriaId": "9F9336CC-E38F-4BCB-83CD-805EC7FEF806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:*",
"matchCriteriaId": "97964507-047A-4CC8-8D2B-0EA0C7F9BD50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:*",
"matchCriteriaId": "82208628-F32A-4380-9B0F-DC8507E7701D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:*",
"matchCriteriaId": "1563CE5E-A4F7-40A4-A050-BB96E332D8DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*",
"matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*",
"matchCriteriaId": "AFD05E3A-10F9-4C75-9710-BA46B66FF6E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*",
"matchCriteriaId": "D57C8681-AC68-47DF-A61E-B5C4B4A47663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*",
"matchCriteriaId": "75608383-B727-48D6-8FFA-D552A338A562"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*",
"matchCriteriaId": "7773DB68-414A-4BA9-960F-52471A784379"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*",
"matchCriteriaId": "B38B9E86-BCD5-4BCA-8FB7-EC55905184E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*",
"matchCriteriaId": "5E7BAB80-8455-4570-A2A2-8F40469EE9CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2021:update7:*:*:*:*:*:*",
"matchCriteriaId": "F9D645A2-E02D-4E82-A2BD-0A7DE5B8FBCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*",
"matchCriteriaId": "B02A37FE-5D31-4892-A3E6-156A8FE62D28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*",
"matchCriteriaId": "0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb23-41.html",
"source": "psirt@adobe.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

73
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-20T16:00:58.473245+00:00
2023-07-20T18:00:44.981141+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-20T15:42:40.977000+00:00
2023-07-20T17:58:24.967000+00:00
```
### Last Data Feed Release
@ -29,52 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
220736
220741
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `5`
* [CVE-2022-2127](CVE-2022/CVE-2022-21xx/CVE-2022-2127.json) (`2023-07-20T15:15:11.183`)
* [CVE-2023-32265](CVE-2023/CVE-2023-322xx/CVE-2023-32265.json) (`2023-07-20T14:15:11.193`)
* [CVE-2023-32476](CVE-2023/CVE-2023-324xx/CVE-2023-32476.json) (`2023-07-20T14:15:11.713`)
* [CVE-2023-34966](CVE-2023/CVE-2023-349xx/CVE-2023-34966.json) (`2023-07-20T15:15:11.333`)
* [CVE-2023-34967](CVE-2023/CVE-2023-349xx/CVE-2023-34967.json) (`2023-07-20T15:15:11.410`)
* [CVE-2023-34968](CVE-2023/CVE-2023-349xx/CVE-2023-34968.json) (`2023-07-20T15:15:11.540`)
* [CVE-2023-3347](CVE-2023/CVE-2023-33xx/CVE-2023-3347.json) (`2023-07-20T15:15:11.940`)
* [CVE-2023-3787](CVE-2023/CVE-2023-37xx/CVE-2023-3787.json) (`2023-07-20T15:15:12.090`)
* [CVE-2023-3788](CVE-2023/CVE-2023-37xx/CVE-2023-3788.json) (`2023-07-20T16:15:12.527`)
* [CVE-2023-3789](CVE-2023/CVE-2023-37xx/CVE-2023-3789.json) (`2023-07-20T16:15:12.620`)
* [CVE-2023-38203](CVE-2023/CVE-2023-382xx/CVE-2023-38203.json) (`2023-07-20T16:15:12.180`)
* [CVE-2023-37471](CVE-2023/CVE-2023-374xx/CVE-2023-37471.json) (`2023-07-20T17:15:10.917`)
* [CVE-2023-3790](CVE-2023/CVE-2023-37xx/CVE-2023-3790.json) (`2023-07-20T17:15:11.027`)
### CVEs modified in the last Commit
Recently modified CVEs: `26`
Recently modified CVEs: `38`
* [CVE-2022-26365](CVE-2022/CVE-2022-263xx/CVE-2022-26365.json) (`2023-07-20T15:09:02.473`)
* [CVE-2022-33740](CVE-2022/CVE-2022-337xx/CVE-2022-33740.json) (`2023-07-20T15:09:40.970`)
* [CVE-2022-33741](CVE-2022/CVE-2022-337xx/CVE-2022-33741.json) (`2023-07-20T15:10:38.310`)
* [CVE-2022-33742](CVE-2022/CVE-2022-337xx/CVE-2022-33742.json) (`2023-07-20T15:11:25.187`)
* [CVE-2022-46651](CVE-2022/CVE-2022-466xx/CVE-2022-46651.json) (`2023-07-20T15:34:36.687`)
* [CVE-2023-37948](CVE-2023/CVE-2023-379xx/CVE-2023-37948.json) (`2023-07-20T14:15:47.827`)
* [CVE-2023-37947](CVE-2023/CVE-2023-379xx/CVE-2023-37947.json) (`2023-07-20T14:17:35.470`)
* [CVE-2023-37949](CVE-2023/CVE-2023-379xx/CVE-2023-37949.json) (`2023-07-20T14:19:54.443`)
* [CVE-2023-29301](CVE-2023/CVE-2023-293xx/CVE-2023-29301.json) (`2023-07-20T14:22:06.230`)
* [CVE-2023-29300](CVE-2023/CVE-2023-293xx/CVE-2023-29300.json) (`2023-07-20T14:22:26.210`)
* [CVE-2023-34127](CVE-2023/CVE-2023-341xx/CVE-2023-34127.json) (`2023-07-20T14:30:23.300`)
* [CVE-2023-38063](CVE-2023/CVE-2023-380xx/CVE-2023-38063.json) (`2023-07-20T14:31:19.060`)
* [CVE-2023-38065](CVE-2023/CVE-2023-380xx/CVE-2023-38065.json) (`2023-07-20T14:32:21.220`)
* [CVE-2023-34126](CVE-2023/CVE-2023-341xx/CVE-2023-34126.json) (`2023-07-20T14:37:35.083`)
* [CVE-2023-37950](CVE-2023/CVE-2023-379xx/CVE-2023-37950.json) (`2023-07-20T14:46:19.417`)
* [CVE-2023-38066](CVE-2023/CVE-2023-380xx/CVE-2023-38066.json) (`2023-07-20T14:47:04.187`)
* [CVE-2023-34124](CVE-2023/CVE-2023-341xx/CVE-2023-34124.json) (`2023-07-20T14:55:19.577`)
* [CVE-2023-34128](CVE-2023/CVE-2023-341xx/CVE-2023-34128.json) (`2023-07-20T14:59:37.243`)
* [CVE-2023-1380](CVE-2023/CVE-2023-13xx/CVE-2023-1380.json) (`2023-07-20T15:12:11.260`)
* [CVE-2023-1611](CVE-2023/CVE-2023-16xx/CVE-2023-1611.json) (`2023-07-20T15:12:29.797`)
* [CVE-2023-38408](CVE-2023/CVE-2023-384xx/CVE-2023-38408.json) (`2023-07-20T15:15:11.707`)
* [CVE-2023-38064](CVE-2023/CVE-2023-380xx/CVE-2023-38064.json) (`2023-07-20T15:17:03.457`)
* [CVE-2023-38067](CVE-2023/CVE-2023-380xx/CVE-2023-38067.json) (`2023-07-20T15:35:33.227`)
* [CVE-2023-22887](CVE-2023/CVE-2023-228xx/CVE-2023-22887.json) (`2023-07-20T15:38:48.467`)
* [CVE-2023-22888](CVE-2023/CVE-2023-228xx/CVE-2023-22888.json) (`2023-07-20T15:42:40.977`)
* [CVE-2023-32483](CVE-2023/CVE-2023-324xx/CVE-2023-32483.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-32446](CVE-2023/CVE-2023-324xx/CVE-2023-32446.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-32447](CVE-2023/CVE-2023-324xx/CVE-2023-32447.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-32455](CVE-2023/CVE-2023-324xx/CVE-2023-32455.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-3786](CVE-2023/CVE-2023-37xx/CVE-2023-3786.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-32265](CVE-2023/CVE-2023-322xx/CVE-2023-32265.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-32476](CVE-2023/CVE-2023-324xx/CVE-2023-32476.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-34966](CVE-2023/CVE-2023-349xx/CVE-2023-34966.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-34967](CVE-2023/CVE-2023-349xx/CVE-2023-34967.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-34968](CVE-2023/CVE-2023-349xx/CVE-2023-34968.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-3347](CVE-2023/CVE-2023-33xx/CVE-2023-3347.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-3787](CVE-2023/CVE-2023-37xx/CVE-2023-3787.json) (`2023-07-20T16:45:55.920`)
* [CVE-2023-30429](CVE-2023/CVE-2023-304xx/CVE-2023-30429.json) (`2023-07-20T16:47:49.747`)
* [CVE-2023-31007](CVE-2023/CVE-2023-310xx/CVE-2023-31007.json) (`2023-07-20T16:53:07.193`)
* [CVE-2023-25606](CVE-2023/CVE-2023-256xx/CVE-2023-25606.json) (`2023-07-20T17:05:20.230`)
* [CVE-2023-3106](CVE-2023/CVE-2023-31xx/CVE-2023-3106.json) (`2023-07-20T17:11:02.397`)
* [CVE-2023-35908](CVE-2023/CVE-2023-359xx/CVE-2023-35908.json) (`2023-07-20T17:14:37.213`)
* [CVE-2023-3618](CVE-2023/CVE-2023-36xx/CVE-2023-3618.json) (`2023-07-20T17:16:44.123`)
* [CVE-2023-38046](CVE-2023/CVE-2023-380xx/CVE-2023-38046.json) (`2023-07-20T17:24:37.857`)
* [CVE-2023-36543](CVE-2023/CVE-2023-365xx/CVE-2023-36543.json) (`2023-07-20T17:31:19.070`)
* [CVE-2023-37627](CVE-2023/CVE-2023-376xx/CVE-2023-37627.json) (`2023-07-20T17:34:32.177`)
* [CVE-2023-37579](CVE-2023/CVE-2023-375xx/CVE-2023-37579.json) (`2023-07-20T17:37:20.790`)
* [CVE-2023-21400](CVE-2023/CVE-2023-214xx/CVE-2023-21400.json) (`2023-07-20T17:44:06.260`)
* [CVE-2023-21399](CVE-2023/CVE-2023-213xx/CVE-2023-21399.json) (`2023-07-20T17:44:44.537`)
* [CVE-2023-21262](CVE-2023/CVE-2023-212xx/CVE-2023-21262.json) (`2023-07-20T17:47:41.280`)
## Download and Usage