admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-23T18:00:31.140445+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-23 18:00:34 +00:00
parent f938f1c87b
commit 4089f484e0
23 changed files with 851 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
CVE-2022/CVE-2022-416xx/CVE-2022-41687.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41687", "id": "CVE-2022-41687",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2023-05-10T14:15:18.417", "published": "2023-05-10T14:15:18.417",
"lastModified": "2023-05-23T15:35:37.740", "lastModified": "2023-05-23T16:01:47.040",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -88,8 +88,73 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": false, "vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:microsoft:windows_10_1507:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21540673-614A-4D40-8BD7-3F07723803B0" "matchCriteriaId": "542DAEEC-73CC-46C6-A630-BF474A3446AC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1511:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A8E9D99-BD78-4340-88F2-5AFF27AC37C9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:-:*:*:*:*:*:*:*",
"matchCriteriaId": "61019899-D7AF-46E4-A72C-D189180F66AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1703:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1DD582C-1660-4E6E-81A1-537BD1307A99"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1709:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC160B20-3EA0-49A0-A857-4E7A1C2D74E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1803:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00345596-E9E0-4096-8DC6-0212F4747A13"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E332666-2E03-468E-BC30-299816D6E8ED"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1903:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A363CE8F-F399-4B6E-9E7D-349792F95DDB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_1909:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1B570A8-ED1A-46B6-B8AB-064445F8FC4C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_2004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DBE5B2-AE10-4251-BCDA-DC5EDEE6EE67"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6AFD13A6-A390-4400-9029-2F4058CA17E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B1FED4C9-B680-4F44-ADC0-AC43D6B5F184"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F513002-D8C1-4D3A-9F79-4B52498F67E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D8DC08D-A860-493A-8AA6-1AD4A0A511AD"
} }
] ]
} }

4
CVE-2022/CVE-2022-468xx/CVE-2022-46813.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46813", "id": "CVE-2022-46813",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T15:15:09.107", "published": "2023-05-23T15:15:09.107",
"lastModified": "2023-05-23T15:15:09.107", "lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

89
CVE-2023/CVE-2023-03xx/CVE-2023-0361.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0361", "id": "CVE-2023-0361",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-02-15T18:15:11.683", "published": "2023-02-15T18:15:11.683",
"lastModified": "2023-03-24T16:15:08.417", "lastModified": "2023-05-23T17:22:55.810",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -17,20 +17,20 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "HIGH",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
"userInteraction": "NONE", "userInteraction": "NONE",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact": "NONE", "integrityImpact": "HIGH",
"availabilityImpact": "NONE", "availabilityImpact": "NONE",
"baseScore": 7.5, "baseScore": 7.4,
"baseSeverity": "HIGH" "baseSeverity": "HIGH"
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 2.2,
"impactScore": 3.6 "impactScore": 5.2
} }
] ]
}, },
@ -96,6 +96,56 @@
] ]
} }
] ]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:converged_systems_advisor_agent:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9A865472-D6A4-49D9-96E5-D33D0E58144D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7CF3019-975D-40BB-A8A4-894E62BD3797"
}
]
}
]
} }
], ],
"references": [ "references": [
@ -133,19 +183,34 @@
}, },
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UFIA3X4IZ3CW7SRQ2UHNHNPMRIAWF2FI/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WS4KVDOG6QTALWHC2QE4Y7VPDRMLTRWQ/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z634YBXAJ5VLDI62IOPBVP5K6YFHAWCY/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://security.netapp.com/advisory/ntap-20230324-0005/", "url": "https://security.netapp.com/advisory/ntap-20230324-0005/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-06xx/CVE-2023-0600.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0600", "id": "CVE-2023-0600",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:09.867", "published": "2023-05-15T13:15:09.867",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T16:00:49.437",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks." "value": "The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 6.9 does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plugins-market:wp_visitor_statistics:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.9",
"matchCriteriaId": "9A0871E7-BA8C-40BD-AD77-E02D4949F40F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/8f46df4d-cb80-4d66-846f-85faf2ea0ec4", "url": "https://wpscan.com/vulnerability/8f46df4d-cb80-4d66-846f-85faf2ea0ec4",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-06xx/CVE-2023-0644.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0644", "id": "CVE-2023-0644",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:09.920", "published": "2023-05-15T13:15:09.920",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:25:31.977",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin." "value": "The Push Notifications for WordPress by PushAssist WordPress plugin through 3.0.8 does not sanitise and escape various parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pushassist:push_notifications:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.8",
"matchCriteriaId": "365C929E-D25D-4DFA-988D-53A20B2F4E89"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/08f5089c-36f3-4d12-bca5-99cd3ae78f67", "url": "https://wpscan.com/vulnerability/08f5089c-36f3-4d12-bca5-99cd3ae78f67",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-07xx/CVE-2023-0761.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0761", "id": "CVE-2023-0761",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:09.987", "published": "2023-05-15T13:15:09.987",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:26:14.353",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack" "value": "The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Staff members, which could allow attackers to make logged in admins delete arbitrary Staff via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infigosoftware:clock_in_portal-_staff_\\&_attendance_management:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "BE31D644-8D4A-41E4-A265-B0EBA148326F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/88fb064e-0001-446c-8e43-9fe3feff6c1f", "url": "https://wpscan.com/vulnerability/88fb064e-0001-446c-8e43-9fe3feff6c1f",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-07xx/CVE-2023-0762.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0762", "id": "CVE-2023-0762",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.037", "published": "2023-05-15T13:15:10.037",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:33:28.403",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack" "value": "The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting designations, which could allow attackers to make logged in admins delete arbitrary designations via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infigosoftware:clock_in_portal-_staff_\\&_attendance_management:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "BE31D644-8D4A-41E4-A265-B0EBA148326F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/9be952e0-d8ae-440f-8819-cb19485f35f3", "url": "https://wpscan.com/vulnerability/9be952e0-d8ae-440f-8819-cb19485f35f3",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-07xx/CVE-2023-0763.json
View File

@ -2,18 +2,41 @@
"id": "CVE-2023-0763", "id": "CVE-2023-0763",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.087", "published": "2023-05-15T13:15:10.087",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:33:54.027",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack" "value": "The Clock In Portal- Staff & Attendance Management WordPress plugin through 2.1 does not have CSRF check when deleting Holidays, which could allow attackers to make logged in admins delete arbitrary holidays via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -21,12 +44,43 @@
"value": "CWE-352" "value": "CWE-352"
} }
] ]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:infigosoftware:clock_in_portal-_staff_\\&_attendance_management:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "BE31D644-8D4A-41E4-A265-B0EBA148326F"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/4b55f868-62f8-43a1-9817-68cd1fc6190f", "url": "https://wpscan.com/vulnerability/4b55f868-62f8-43a1-9817-68cd1fc6190f",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-08xx/CVE-2023-0812.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0812", "id": "CVE-2023-0812",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.140", "published": "2023-05-15T13:15:10.140",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:34:40.603",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure." "value": "The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.1 does not have proper authorization or nonce values for some POST requests, leading to unauthenticated data disclosure."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:miniorange:active_directory_integration_\\/_ldap_integration:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.1.1",
"matchCriteriaId": "2B0880E0-EC4F-415B-8342-A4CBBE19150D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/0ed5e1b3-f2a3-4eb1-b8ae-d3a62f600107", "url": "https://wpscan.com/vulnerability/0ed5e1b3-f2a3-4eb1-b8ae-d3a62f600107",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-08xx/CVE-2023-0892.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0892", "id": "CVE-2023-0892",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.190", "published": "2023-05-15T13:15:10.190",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:36:58.950",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The BizLibrary WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" "value": "The BizLibrary WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bizlibrary:bizlibrary:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "963E68A3-6ABC-4F29-BFBC-FC9E063BE91C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/54150be5-a53f-4b94-8ce5-04e073e3ab1f", "url": "https://wpscan.com/vulnerability/54150be5-a53f-4b94-8ce5-04e073e3ab1f",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-10xx/CVE-2023-1019.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1019", "id": "CVE-2023-1019",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.253", "published": "2023-05-15T13:15:10.253",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:37:30.257",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks." "value": "The Help Desk WP WordPress plugin through 1.2.0 does not sanitise and escape some parameters, which could allow users with a role as low as Editor to perform Cross-Site Scripting attacks."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:help_desk_wp_project:help_desk_wp:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.0",
"matchCriteriaId": "EA603281-5CEB-4625-AA2E-2E7CDD18D0EB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/a6331ca8-9603-4134-af39-8e77ac9d511c", "url": "https://wpscan.com/vulnerability/a6331ca8-9603-4134-af39-8e77ac9d511c",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

52
CVE-2023/CVE-2023-12xx/CVE-2023-1207.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1207", "id": "CVE-2023-1207",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.303", "published": "2023-05-15T13:15:10.303",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:40:40.700",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability." "value": "This HTTP Headers WordPress plugin before 1.18.8 has an import functionality which executes arbitrary SQL on the server, leading to an SQL Injection vulnerability."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:http_headers_project:http_headers:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.18.8",
"matchCriteriaId": "90D4B3F3-D7F6-48F5-AE76-6478BA3C4037"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/6f3f460b-542a-4d32-8feb-afa1aef57e37", "url": "https://wpscan.com/vulnerability/6f3f460b-542a-4d32-8feb-afa1aef57e37",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-12xx/CVE-2023-1209.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-1209",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-05-23T17:15:08.950",
"lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1262967",
"source": "psirt@servicenow.com"
},
{
"url": "https://www.linkedin.com/in/osamay/",
"source": "psirt@servicenow.com"
}
]
}

52
CVE-2023/CVE-2023-15xx/CVE-2023-1549.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1549", "id": "CVE-2023-1549",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.353", "published": "2023-05-15T13:15:10.353",
"lastModified": "2023-05-15T13:26:09.987", "lastModified": "2023-05-23T17:41:07.897",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present" "value": "The Ad Inserter WordPress plugin before 2.7.27 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ad_inserter_project:ad_inserter:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.27",
"matchCriteriaId": "565B607D-9D5F-4EA4-97A9-D1547BFA6A4D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/c94b3a68-673b-44d7-9251-f3590cc5ee9e", "url": "https://wpscan.com/vulnerability/c94b3a68-673b-44d7-9251-f3590cc5ee9e",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-228xx/CVE-2023-22809.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-22809", "id": "CVE-2023-22809",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-01-18T17:15:10.353", "published": "2023-01-18T17:15:10.353",
"lastModified": "2023-05-03T12:16:45.740", "lastModified": "2023-05-23T16:15:21.390",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
@ -115,6 +115,10 @@
"url": "http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html", "url": "http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html",
"source": "cve@mitre.org" "source": "cve@mitre.org"
}, },
{
"url": "http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html",
"source": "cve@mitre.org"
},
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/01/19/1", "url": "http://www.openwall.com/lists/oss-security/2023/01/19/1",
"source": "cve@mitre.org", "source": "cve@mitre.org",

55
CVE-2023/CVE-2023-254xx/CVE-2023-25474.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-25474",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T16:15:21.577",
"lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Csaba Kissi About Me 3000 widget plugin <=\u00a02.2.6 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/about-me-3000/wordpress-about-me-3000-widget-plugin-2-2-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-260xx/CVE-2023-26011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26011", "id": "CVE-2023-26011",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T15:15:09.190", "published": "2023-05-23T15:15:09.190",
"lastModified": "2023-05-23T15:15:09.190", "lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-260xx/CVE-2023-26014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26014", "id": "CVE-2023-26014",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-23T15:15:09.263", "published": "2023-05-23T15:15:09.263",
"lastModified": "2023-05-23T15:15:09.263", "lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

32
CVE-2023/CVE-2023-325xx/CVE-2023-32573.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-32573", "id": "CVE-2023-32573",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-10T06:15:19.070", "published": "2023-05-10T06:15:19.070",
"lastModified": "2023-05-17T16:56:07.567", "lastModified": "2023-05-23T17:24:32.613",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -17,19 +17,19 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
"userInteraction": "NONE", "userInteraction": "REQUIRED",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "NONE", "confidentialityImpact": "NONE",
"integrityImpact": "NONE", "integrityImpact": "NONE",
"availabilityImpact": "HIGH", "availabilityImpact": "HIGH",
"baseScore": 7.5, "baseScore": 6.5,
"baseSeverity": "HIGH" "baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 2.8,
"impactScore": 3.6 "impactScore": 3.6
} }
] ]
@ -76,6 +76,26 @@
] ]
} }
] ]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
} }
], ],
"references": [ "references": [

45
CVE-2023/CVE-2023-326xx/CVE-2023-32668.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32668", "id": "CVE-2023-32668",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-11T06:15:10.000", "published": "2023-05-11T06:15:10.000",
"lastModified": "2023-05-20T18:15:09.253", "lastModified": "2023-05-23T17:31:45.217",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -17,20 +17,20 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK", "attackVector": "LOCAL",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
"userInteraction": "NONE", "userInteraction": "REQUIRED",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "HIGH", "confidentialityImpact": "HIGH",
"integrityImpact": "HIGH", "integrityImpact": "NONE",
"availabilityImpact": "HIGH", "availabilityImpact": "NONE",
"baseScore": 9.8, "baseScore": 5.5,
"baseSeverity": "CRITICAL" "baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 1.8,
"impactScore": 5.9 "impactScore": 3.6
} }
] ]
}, },
@ -56,8 +56,23 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:luatex_project:luatex:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:a:luatex_project:luatex:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.27.0",
"versionEndExcluding": "1.17.0", "versionEndExcluding": "1.17.0",
"matchCriteriaId": "58757D4F-419C-4613-AEC1-4D6792932B4F" "matchCriteriaId": "A202E549-A10A-44D1-BCD1-C3838612CB19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:miktex:miktex:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "23.5",
"matchCriteriaId": "2823626C-8167-41D8-A912-87EAEEE441F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2009",
"versionEndExcluding": "2023",
"matchCriteriaId": "13840740-D76B-422F-9D41-4DCAFCF04F6E"
} }
] ]
} }
@ -90,7 +105,11 @@
}, },
{ {
"url": "https://tug.org/~mseven/luatex.html#luasocket", "url": "https://tug.org/~mseven/luatex.html#luasocket",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-335xx/CVE-2023-33599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33599", "id": "CVE-2023-33599",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T15:15:09.343", "published": "2023-05-23T15:15:09.343",
"lastModified": "2023-05-23T15:15:09.343", "lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-336xx/CVE-2023-33617.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33617", "id": "CVE-2023-33617",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-05-23T15:15:09.403", "published": "2023-05-23T15:15:09.403",
"lastModified": "2023-05-23T15:15:09.403", "lastModified": "2023-05-23T17:29:27.427",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

71
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-05-23T16:00:29.409474+00:00 2023-05-23T18:00:31.140445+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-05-23T15:59:19.260000+00:00 2023-05-23T17:41:07.897000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,58 +29,41 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
215857 215859
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `14` Recently added CVEs: `2`
* [CVE-2022-46851](CVE-2022/CVE-2022-468xx/CVE-2022-46851.json) (`2023-05-23T14:15:09.277`) * [CVE-2023-25474](CVE-2023/CVE-2023-254xx/CVE-2023-25474.json) (`2023-05-23T16:15:21.577`)
* [CVE-2022-46853](CVE-2022/CVE-2022-468xx/CVE-2022-46853.json) (`2023-05-23T14:15:09.410`) * [CVE-2023-1209](CVE-2023/CVE-2023-12xx/CVE-2023-1209.json) (`2023-05-23T17:15:08.950`)
* [CVE-2022-46813](CVE-2022/CVE-2022-468xx/CVE-2022-46813.json) (`2023-05-23T15:15:09.107`)
* [CVE-2023-23705](CVE-2023/CVE-2023-237xx/CVE-2023-23705.json) (`2023-05-23T14:15:09.507`)
* [CVE-2023-23713](CVE-2023/CVE-2023-237xx/CVE-2023-23713.json) (`2023-05-23T14:15:09.577`)
* [CVE-2023-25056](CVE-2023/CVE-2023-250xx/CVE-2023-25056.json) (`2023-05-23T14:15:09.657`)
* [CVE-2023-30440](CVE-2023/CVE-2023-304xx/CVE-2023-30440.json) (`2023-05-23T14:15:09.733`)
* [CVE-2023-33359](CVE-2023/CVE-2023-333xx/CVE-2023-33359.json) (`2023-05-23T14:15:09.813`)
* [CVE-2023-33361](CVE-2023/CVE-2023-333xx/CVE-2023-33361.json) (`2023-05-23T14:15:09.863`)
* [CVE-2023-33362](CVE-2023/CVE-2023-333xx/CVE-2023-33362.json) (`2023-05-23T14:15:09.917`)
* [CVE-2023-26011](CVE-2023/CVE-2023-260xx/CVE-2023-26011.json) (`2023-05-23T15:15:09.190`)
* [CVE-2023-26014](CVE-2023/CVE-2023-260xx/CVE-2023-26014.json) (`2023-05-23T15:15:09.263`)
* [CVE-2023-33599](CVE-2023/CVE-2023-335xx/CVE-2023-33599.json) (`2023-05-23T15:15:09.343`)
* [CVE-2023-33617](CVE-2023/CVE-2023-336xx/CVE-2023-33617.json) (`2023-05-23T15:15:09.403`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `29` Recently modified CVEs: `20`
* [CVE-2016-10878](CVE-2016/CVE-2016-108xx/CVE-2016-10878.json) (`2023-05-23T15:11:16.463`) * [CVE-2022-41687](CVE-2022/CVE-2022-416xx/CVE-2022-41687.json) (`2023-05-23T16:01:47.040`)
* [CVE-2020-9334](CVE-2020/CVE-2020-93xx/CVE-2020-9334.json) (`2023-05-23T14:22:22.827`) * [CVE-2022-46813](CVE-2022/CVE-2022-468xx/CVE-2022-46813.json) (`2023-05-23T17:29:27.427`)
* [CVE-2020-11514](CVE-2020/CVE-2020-115xx/CVE-2020-11514.json) (`2023-05-23T14:57:32.420`) * [CVE-2023-0600](CVE-2023/CVE-2023-06xx/CVE-2023-0600.json) (`2023-05-23T16:00:49.437`)
* [CVE-2020-11515](CVE-2020/CVE-2020-115xx/CVE-2020-11515.json) (`2023-05-23T14:57:32.420`) * [CVE-2023-22809](CVE-2023/CVE-2023-228xx/CVE-2023-22809.json) (`2023-05-23T16:15:21.390`)
* [CVE-2022-43507](CVE-2022/CVE-2022-435xx/CVE-2022-43507.json) (`2023-05-23T14:20:04.157`) * [CVE-2023-0361](CVE-2023/CVE-2023-03xx/CVE-2023-0361.json) (`2023-05-23T17:22:55.810`)
* [CVE-2022-46279](CVE-2022/CVE-2022-462xx/CVE-2022-46279.json) (`2023-05-23T14:21:58.433`) * [CVE-2023-32573](CVE-2023/CVE-2023-325xx/CVE-2023-32573.json) (`2023-05-23T17:24:32.613`)
* [CVE-2022-43474](CVE-2022/CVE-2022-434xx/CVE-2022-43474.json) (`2023-05-23T14:29:33.257`) * [CVE-2023-0644](CVE-2023/CVE-2023-06xx/CVE-2023-0644.json) (`2023-05-23T17:25:31.977`)
* [CVE-2022-41801](CVE-2022/CVE-2022-418xx/CVE-2022-41801.json) (`2023-05-23T14:33:44.353`) * [CVE-2023-0761](CVE-2023/CVE-2023-07xx/CVE-2023-0761.json) (`2023-05-23T17:26:14.353`)
* [CVE-2022-36376](CVE-2022/CVE-2022-363xx/CVE-2022-36376.json) (`2023-05-23T14:57:32.420`) * [CVE-2023-26011](CVE-2023/CVE-2023-260xx/CVE-2023-26011.json) (`2023-05-23T17:29:27.427`)
* [CVE-2022-41769](CVE-2022/CVE-2022-417xx/CVE-2022-41769.json) (`2023-05-23T15:02:51.017`) * [CVE-2023-26014](CVE-2023/CVE-2023-260xx/CVE-2023-26014.json) (`2023-05-23T17:29:27.427`)
* [CVE-2022-41693](CVE-2022/CVE-2022-416xx/CVE-2022-41693.json) (`2023-05-23T15:29:10.507`) * [CVE-2023-33599](CVE-2023/CVE-2023-335xx/CVE-2023-33599.json) (`2023-05-23T17:29:27.427`)
* [CVE-2022-41690](CVE-2022/CVE-2022-416xx/CVE-2022-41690.json) (`2023-05-23T15:34:58.283`) * [CVE-2023-33617](CVE-2023/CVE-2023-336xx/CVE-2023-33617.json) (`2023-05-23T17:29:27.427`)
* [CVE-2022-41687](CVE-2022/CVE-2022-416xx/CVE-2022-41687.json) (`2023-05-23T15:35:37.740`) * [CVE-2023-32668](CVE-2023/CVE-2023-326xx/CVE-2023-32668.json) (`2023-05-23T17:31:45.217`)
* [CVE-2022-41610](CVE-2022/CVE-2022-416xx/CVE-2022-41610.json) (`2023-05-23T15:40:00.390`) * [CVE-2023-0762](CVE-2023/CVE-2023-07xx/CVE-2023-0762.json) (`2023-05-23T17:33:28.403`)
* [CVE-2022-4774](CVE-2022/CVE-2022-47xx/CVE-2022-4774.json) (`2023-05-23T15:42:56.457`) * [CVE-2023-0763](CVE-2023/CVE-2023-07xx/CVE-2023-0763.json) (`2023-05-23T17:33:54.027`)
* [CVE-2022-41628](CVE-2022/CVE-2022-416xx/CVE-2022-41628.json) (`2023-05-23T15:59:19.260`) * [CVE-2023-0812](CVE-2023/CVE-2023-08xx/CVE-2023-0812.json) (`2023-05-23T17:34:40.603`)
* [CVE-2023-31845](CVE-2023/CVE-2023-318xx/CVE-2023-31845.json) (`2023-05-23T14:50:03.040`) * [CVE-2023-0892](CVE-2023/CVE-2023-08xx/CVE-2023-0892.json) (`2023-05-23T17:36:58.950`)
* [CVE-2023-31844](CVE-2023/CVE-2023-318xx/CVE-2023-31844.json) (`2023-05-23T14:50:41.410`) * [CVE-2023-1019](CVE-2023/CVE-2023-10xx/CVE-2023-1019.json) (`2023-05-23T17:37:30.257`)
* [CVE-2023-31843](CVE-2023/CVE-2023-318xx/CVE-2023-31843.json) (`2023-05-23T14:51:02.440`) * [CVE-2023-1207](CVE-2023/CVE-2023-12xx/CVE-2023-1207.json) (`2023-05-23T17:40:40.700`)
* [CVE-2023-31842](CVE-2023/CVE-2023-318xx/CVE-2023-31842.json) (`2023-05-23T14:51:14.240`) * [CVE-2023-1549](CVE-2023/CVE-2023-15xx/CVE-2023-1549.json) (`2023-05-23T17:41:07.897`)
* [CVE-2023-23878](CVE-2023/CVE-2023-238xx/CVE-2023-23878.json) (`2023-05-23T15:11:16.463`)
* [CVE-2023-28473](CVE-2023/CVE-2023-284xx/CVE-2023-28473.json) (`2023-05-23T15:38:06.487`)
* [CVE-2023-0233](CVE-2023/CVE-2023-02xx/CVE-2023-0233.json) (`2023-05-23T15:43:28.077`)
* [CVE-2023-0490](CVE-2023/CVE-2023-04xx/CVE-2023-0490.json) (`2023-05-23T15:43:58.993`)
* [CVE-2023-0520](CVE-2023/CVE-2023-05xx/CVE-2023-0520.json) (`2023-05-23T15:45:27.587`)
## Download and Usage ## Download and Usage