mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-05-04T12:00:23.542950+00:00
This commit is contained in:
parent
04f072bd96
commit
409a61eec6
55
CVE-2017/CVE-2017-201xx/CVE-2017-20184.json
Normal file
55
CVE-2017/CVE-2017-201xx/CVE-2017-20184.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2017-20184",
|
||||
"sourceIdentifier": "info@cert.vde.com",
|
||||
"published": "2023-05-04T10:15:10.540",
|
||||
"lastModified": "2023-05-04T10:15:10.540",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Carlo Gavazzi Powersoft up to version 2.1.1.1 allows an unauthenticated, remote attacker to download any file from the affected device."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "info@cert.vde.com",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 7.5,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.6
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "info@cert.vde.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-22"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://www.exploit-db.com/exploits/42705",
|
||||
"source": "info@cert.vde.com"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2022/CVE-2022-42xx/CVE-2022-4259.json
Normal file
55
CVE-2022/CVE-2022-42xx/CVE-2022-4259.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2022-4259",
|
||||
"sourceIdentifier": "prodsec@nozominetworks.com",
|
||||
"published": "2023-05-04T11:15:08.930",
|
||||
"lastModified": "2023-05-04T11:15:08.930",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Due to improper input validation in the Alerts controller, a SQL injection vulnerability in Nozomi Networks Guardian and CMC allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "prodsec@nozominetworks.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "prodsec@nozominetworks.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://security.nozominetworks.com/NN-2023:1-01",
|
||||
"source": "prodsec@nozominetworks.com"
|
||||
}
|
||||
]
|
||||
}
|
15
README.md
15
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-05-04T10:00:24.652716+00:00
|
||||
2023-05-04T12:00:23.542950+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-05-04T08:15:26.540000+00:00
|
||||
2023-05-04T11:15:08.930000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -29,22 +29,21 @@ Download and Changelog: [Click](releases/latest)
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
214044
|
||||
214046
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `1`
|
||||
Recently added CVEs: `2`
|
||||
|
||||
* [CVE-2023-22651](CVE-2023/CVE-2023-226xx/CVE-2023-22651.json) (`2023-05-04T08:15:22.893`)
|
||||
* [CVE-2017-20184](CVE-2017/CVE-2017-201xx/CVE-2017-20184.json) (`2023-05-04T10:15:10.540`)
|
||||
* [CVE-2022-4259](CVE-2022/CVE-2022-42xx/CVE-2022-4259.json) (`2023-05-04T11:15:08.930`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `2`
|
||||
Recently modified CVEs: `0`
|
||||
|
||||
* [CVE-2023-1804](CVE-2023/CVE-2023-18xx/CVE-2023-1804.json) (`2023-05-04T08:15:10.067`)
|
||||
* [CVE-2023-22921](CVE-2023/CVE-2023-229xx/CVE-2023-22921.json) (`2023-05-04T08:15:26.540`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user