From 4183a81d739bcdc47c0438a9d6e93a9145dc306d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 19 Jul 2023 18:01:01 +0000 Subject: [PATCH] Auto-Update: 2023-07-19T18:00:58.031131+00:00 --- CVE-2021/CVE-2021-437xx/CVE-2021-43757.json | 71 +++++++- CVE-2021/CVE-2021-437xx/CVE-2021-43758.json | 71 +++++++- CVE-2021/CVE-2021-437xx/CVE-2021-43759.json | 83 ++++++++- CVE-2021/CVE-2021-437xx/CVE-2021-43760.json | 71 +++++++- CVE-2022/CVE-2022-408xx/CVE-2022-40896.json | 4 +- CVE-2022/CVE-2022-484xx/CVE-2022-48450.json | 145 +++++++++++++++- CVE-2022/CVE-2022-484xx/CVE-2022-48451.json | 150 +++++++++++++++- CVE-2023/CVE-2023-225xx/CVE-2023-22506.json | 4 +- CVE-2023/CVE-2023-237xx/CVE-2023-23756.json | 61 ++++++- CVE-2023/CVE-2023-244xx/CVE-2023-24491.json | 69 +++++++- CVE-2023/CVE-2023-251xx/CVE-2023-25194.json | 14 +- CVE-2023/CVE-2023-258xx/CVE-2023-25838.json | 55 ++++++ CVE-2023/CVE-2023-258xx/CVE-2023-25839.json | 55 ++++++ CVE-2023/CVE-2023-273xx/CVE-2023-27379.json | 4 +- CVE-2023/CVE-2023-287xx/CVE-2023-28744.json | 4 +- CVE-2023/CVE-2023-292xx/CVE-2023-29298.json | 182 +++++++++++++++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29308.json | 52 +++++- CVE-2023/CVE-2023-293xx/CVE-2023-29309.json | 74 +++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29310.json | 74 +++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29311.json | 74 +++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29312.json | 74 +++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29313.json | 74 +++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29314.json | 74 +++++++- CVE-2023/CVE-2023-294xx/CVE-2023-29414.json | 48 +++++- CVE-2023/CVE-2023-307xx/CVE-2023-30799.json | 4 +- CVE-2023/CVE-2023-309xx/CVE-2023-30913.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30916.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30917.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30918.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30922.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30923.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30924.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30925.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30926.json | 150 +++++++++++++++- CVE-2023/CVE-2023-309xx/CVE-2023-30927.json | 150 +++++++++++++++- CVE-2023/CVE-2023-30xx/CVE-2023-3023.json | 32 +++- CVE-2023/CVE-2023-31xx/CVE-2023-3131.json | 53 +++++- CVE-2023/CVE-2023-31xx/CVE-2023-3158.json | 54 +++++- CVE-2023/CVE-2023-31xx/CVE-2023-3166.json | 54 +++++- CVE-2023/CVE-2023-31xx/CVE-2023-3167.json | 54 +++++- CVE-2023/CVE-2023-322xx/CVE-2023-32261.json | 51 ++++++ CVE-2023/CVE-2023-322xx/CVE-2023-32262.json | 51 ++++++ CVE-2023/CVE-2023-322xx/CVE-2023-32263.json | 47 +++++ CVE-2023/CVE-2023-326xx/CVE-2023-32664.json | 4 +- CVE-2023/CVE-2023-32xx/CVE-2023-3202.json | 37 +++- CVE-2023/CVE-2023-32xx/CVE-2023-3209.json | 53 +++++- CVE-2023/CVE-2023-32xx/CVE-2023-3271.json | 79 ++++++++- CVE-2023/CVE-2023-32xx/CVE-2023-3272.json | 79 ++++++++- CVE-2023/CVE-2023-32xx/CVE-2023-3273.json | 79 ++++++++- CVE-2023/CVE-2023-331xx/CVE-2023-33168.json | 133 +++++++++++++- CVE-2023/CVE-2023-331xx/CVE-2023-33169.json | 133 +++++++++++++- CVE-2023/CVE-2023-331xx/CVE-2023-33170.json | 76 +++++++- CVE-2023/CVE-2023-331xx/CVE-2023-33173.json | 133 +++++++++++++- CVE-2023/CVE-2023-331xx/CVE-2023-33174.json | 111 +++++++++++- CVE-2023/CVE-2023-332xx/CVE-2023-33253.json | 8 +- CVE-2023/CVE-2023-338xx/CVE-2023-33866.json | 4 +- CVE-2023/CVE-2023-338xx/CVE-2023-33876.json | 8 +- CVE-2023/CVE-2023-340xx/CVE-2023-34034.json | 4 +- CVE-2023/CVE-2023-343xx/CVE-2023-34318.json | 94 +++++++++- CVE-2023/CVE-2023-34xx/CVE-2023-3463.json | 4 +- CVE-2023/CVE-2023-358xx/CVE-2023-35874.json | 116 ++++++++++++- CVE-2023/CVE-2023-35xx/CVE-2023-3565.json | 56 +++++- CVE-2023/CVE-2023-35xx/CVE-2023-3566.json | 63 ++++++- CVE-2023/CVE-2023-36xx/CVE-2023-3626.json | 62 ++++++- CVE-2023/CVE-2023-36xx/CVE-2023-3638.json | 4 +- CVE-2023/CVE-2023-371xx/CVE-2023-37196.json | 59 ++++++- CVE-2023/CVE-2023-371xx/CVE-2023-37197.json | 47 ++++- CVE-2023/CVE-2023-371xx/CVE-2023-37198.json | 47 ++++- CVE-2023/CVE-2023-377xx/CVE-2023-37748.json | 24 +++ README.md | 77 ++++----- 70 files changed, 4802 insertions(+), 279 deletions(-) create mode 100644 CVE-2023/CVE-2023-258xx/CVE-2023-25838.json create mode 100644 CVE-2023/CVE-2023-258xx/CVE-2023-25839.json create mode 100644 CVE-2023/CVE-2023-322xx/CVE-2023-32261.json create mode 100644 CVE-2023/CVE-2023-322xx/CVE-2023-32262.json create mode 100644 CVE-2023/CVE-2023-322xx/CVE-2023-32263.json create mode 100644 CVE-2023/CVE-2023-377xx/CVE-2023-37748.json diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43757.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43757.json index 92d343bbba6..a7789e3c5c1 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43757.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43757.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43757", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T12:15:09.330", - "lastModified": "2023-07-12T12:46:11.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:23:39.017", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -46,10 +66,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.4.3", + "matchCriteriaId": "83E97086-4A91-4529-9143-121407A34C76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:22.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B9AFEE41-4C50-4D43-9963-CF015A7BA056" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43758.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43758.json index 44470530857..a1e8ddec6a2 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43758.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43758.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43758", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T12:15:09.437", - "lastModified": "2023-07-12T12:46:11.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:22:19.853", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", @@ -46,10 +66,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.4.3", + "matchCriteriaId": "83E97086-4A91-4529-9143-121407A34C76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:22.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B9AFEE41-4C50-4D43-9963-CF015A7BA056" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43759.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43759.json index b9a2db0a7cf..f1b77f999e7 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43759.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43759.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43759", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T12:15:09.510", - "lastModified": "2023-07-12T12:46:11.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:22:49.173", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,65 @@ "value": "CWE-125" } ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.4.3", + "matchCriteriaId": "83E97086-4A91-4529-9143-121407A34C76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:22.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B9AFEE41-4C50-4D43-9963-CF015A7BA056" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] } ], "references": [ { "url": "https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-437xx/CVE-2021-43760.json b/CVE-2021/CVE-2021-437xx/CVE-2021-43760.json index 33d596c1cea..cafa4cc7227 100644 --- a/CVE-2021/CVE-2021-437xx/CVE-2021-43760.json +++ b/CVE-2021/CVE-2021-437xx/CVE-2021-43760.json @@ -2,8 +2,8 @@ "id": "CVE-2021-43760", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T12:15:09.587", - "lastModified": "2023-07-12T12:46:11.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:24:03.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", @@ -46,10 +66,53 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.4.3", + "matchCriteriaId": "83E97086-4A91-4529-9143-121407A34C76" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:media_encoder:22.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B9AFEE41-4C50-4D43-9963-CF015A7BA056" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/media-encoder/apsb21-118.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json b/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json index a8a5ac5202d..3cc58225408 100644 --- a/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json +++ b/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json @@ -2,8 +2,8 @@ "id": "CVE-2022-40896", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-19T15:15:10.007", - "lastModified": "2023-07-19T15:15:10.007", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-484xx/CVE-2022-48450.json b/CVE-2022/CVE-2022-484xx/CVE-2022-48450.json index 8c3dc56e5c1..71ea626bbd5 100644 --- a/CVE-2022/CVE-2022-484xx/CVE-2022-48450.json +++ b/CVE-2022/CVE-2022-484xx/CVE-2022-48450.json @@ -2,19 +2,156 @@ "id": "CVE-2022-48450", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:10.537", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:22:16.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In bluetooth service, there is a possible missing params check. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-484xx/CVE-2022-48451.json b/CVE-2022/CVE-2022-484xx/CVE-2022-48451.json index 2ee44894bb8..aff542f970b 100644 --- a/CVE-2022/CVE-2022-484xx/CVE-2022-48451.json +++ b/CVE-2022/CVE-2022-484xx/CVE-2022-48451.json @@ -2,19 +2,161 @@ "id": "CVE-2022-48451", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:10.677", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:22:34.120", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In bluetooth service, there is a possible out of bounds write due to race condition. This could lead to local denial of service with System execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.5, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-225xx/CVE-2023-22506.json b/CVE-2023/CVE-2023-225xx/CVE-2023-22506.json index e430b50a11b..7db279d8565 100644 --- a/CVE-2023/CVE-2023-225xx/CVE-2023-22506.json +++ b/CVE-2023/CVE-2023-225xx/CVE-2023-22506.json @@ -2,12 +2,12 @@ "id": "CVE-2023-22506", "sourceIdentifier": "security@atlassian.com", "published": "2023-07-19T00:15:09.447", - "lastModified": "2023-07-19T12:47:21.130", + "lastModified": "2023-07-19T17:15:22.070", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in in version 8.0.0 of Bamboo Data Center.\n\u00a0\n\nThis Injection and RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.5, allows an authenticated attacker to\nmodify the actions taken by a system call and execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction.\n\u00a0\n\u00a0\nAtlassian recommends that you upgrade your instance to latest version. If you're unable to upgrade to latest, upgrade to one of these fixed versions: 9.2.3 and 9.3.1. See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html|https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Bamboo Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives|https://www.atlassian.com/software/bamboo/download-archives]).\n\u00a0\n\nThis vulnerability was reported via our Penetration Testing program." + "value": "This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center.\n\u00a0\n\nThis Injection and RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.5, allows an authenticated attacker to\nmodify the actions taken by a system call and execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction.\n\u00a0\n\u00a0\nAtlassian recommends that you upgrade your instance to latest version. If you're unable to upgrade to latest, upgrade to one of these fixed versions: 9.2.3 and 9.3.1. See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html|https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Bamboo Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives|https://www.atlassian.com/software/bamboo/download-archives]).\n\u00a0\n\nThis vulnerability was reported via our Penetration Testing program." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23756.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23756.json index 746aeefeffd..f7a1d6b1dc2 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23756.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23756.json @@ -2,16 +2,49 @@ "id": "CVE-2023-23756", "sourceIdentifier": "security@joomla.org", "published": "2023-07-11T20:15:10.573", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:41:33.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@joomla.org", "type": "Secondary", @@ -23,10 +56,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:advcomsys:onevote\\!:1.7:*:*:*:*:joomla\\!:*:*", + "matchCriteriaId": "818725E3-D151-4B32-AA8F-68BAEDF8350F" + } + ] + } + ] + } + ], "references": [ { "url": "https://extensions.joomla.org/vulnerable-extensions/vulnerable/one-vote-1-7-xss-cross-site-scripting/", - "source": "security@joomla.org" + "source": "security@joomla.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-244xx/CVE-2023-24491.json b/CVE-2023/CVE-2023-244xx/CVE-2023-24491.json index 42a1603da25..ffc6e12f5c4 100644 --- a/CVE-2023/CVE-2023-244xx/CVE-2023-24491.json +++ b/CVE-2023/CVE-2023-244xx/CVE-2023-24491.json @@ -2,8 +2,8 @@ "id": "CVE-2023-24491", "sourceIdentifier": "secure@citrix.com", "published": "2023-07-11T22:15:09.750", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:47:31.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secure@citrix.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "secure@citrix.com", "type": "Secondary", @@ -46,10 +76,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:citrix:secure_access_client:*:*:*:*:*:*:*:*", + "versionEndExcluding": "23.5.1.3", + "matchCriteriaId": "7D61B4AB-FAA7-4CB5-9D47-C7DCE6951A4A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.citrix.com/article/CTX561480/citrix-secure-access-client-for-windows-security-bulletin-for-cve202324491", - "source": "secure@citrix.com" + "source": "secure@citrix.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-251xx/CVE-2023-25194.json b/CVE-2023/CVE-2023-251xx/CVE-2023-25194.json index 7093643c147..721aa0d342f 100644 --- a/CVE-2023/CVE-2023-251xx/CVE-2023-25194.json +++ b/CVE-2023/CVE-2023-251xx/CVE-2023-25194.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25194", "sourceIdentifier": "security@apache.org", "published": "2023-02-07T20:15:09.017", - "lastModified": "2023-06-27T18:15:12.540", - "vulnStatus": "Modified", + "lastModified": "2023-07-19T17:42:24.030", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -55,10 +55,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:apache:kafka:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:apache:kafka_connect:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.3.0", "versionEndIncluding": "3.3.2", - "matchCriteriaId": "BB75AC39-B8FE-4E5A-8286-80CB6DDB9779" + "matchCriteriaId": "D01E6EF4-36BF-49EF-B1DC-6DABE82EEBDC" } ] } @@ -68,7 +68,11 @@ "references": [ { "url": "http://packetstormsecurity.com/files/173151/Apache-Druid-JNDI-Injection-Remote-Code-Execution.html", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://kafka.apache.org/cve-list", diff --git a/CVE-2023/CVE-2023-258xx/CVE-2023-25838.json b/CVE-2023/CVE-2023-258xx/CVE-2023-25838.json new file mode 100644 index 00000000000..a7663ebe6d0 --- /dev/null +++ b/CVE-2023/CVE-2023-258xx/CVE-2023-25838.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25838", + "sourceIdentifier": "psirt@esri.com", + "published": "2023-07-19T16:15:09.540", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThere is SQL injection vulnerability\u00a0in Esri ArcGIS Insights 2022.1 for ArcGIS Enterprise and that may allow a remote, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-insights-security-patches-for-arcgis-insights-2022-1-are-now-available/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-258xx/CVE-2023-25839.json b/CVE-2023/CVE-2023-258xx/CVE-2023-25839.json new file mode 100644 index 00000000000..b70606c1e11 --- /dev/null +++ b/CVE-2023/CVE-2023-258xx/CVE-2023-25839.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-25839", + "sourceIdentifier": "psirt@esri.com", + "published": "2023-07-19T16:15:09.640", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nThere is SQL injection vulnerability in Esri ArcGIS Insights Desktop for Mac and Windows version 2022.1 that may allow a local, authorized attacker to execute arbitrary SQL commands against the back-end database. The effort required to generate the crafted input required to exploit this issue is complex and requires significant effort before a successful attack can be expected.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@esri.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-insights-security-patches-for-arcgis-insights-2022-1-are-now-available/", + "source": "psirt@esri.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json index 016d3f806e3..b5992a93be2 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27379", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.000", - "lastModified": "2023-07-19T15:15:10.160", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json index 93de9f5396b..3b5bb7baae8 100644 --- a/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28744", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.117", - "lastModified": "2023-07-19T15:15:10.250", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29298.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29298.json index e2674cf920a..f9613cb5aab 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29298.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29298.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29298", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:11.623", - "lastModified": "2023-07-12T17:58:17.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:55:22.400", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,13 +31,43 @@ }, "exploitabilityScore": 3.9, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 } ] }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,152 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2023", + "versionEndIncluding": "2023.0.0.330468", + "matchCriteriaId": "A548657E-F819-4B23-A1DB-AC3F089F3A44" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:*", + "matchCriteriaId": "3B54B2B0-B1E1-4B4E-A529-D0BD3B5DEEF3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update1:*:*:*:*:*:*", + "matchCriteriaId": "EDB126BF-E09D-4E58-A39F-1190407D1CAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update10:*:*:*:*:*:*", + "matchCriteriaId": "8DDD85DF-69A0-476F-8365-CD67C75CF0CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update11:*:*:*:*:*:*", + "matchCriteriaId": "23F63675-7817-4AF0-A7DB-5E35EDABF04E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update12:*:*:*:*:*:*", + "matchCriteriaId": "3E3BF53E-2C0D-4F79-8B62-4C2A50CB5F52" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update13:*:*:*:*:*:*", + "matchCriteriaId": "C26BF72C-E991-4170-B68B-09B20B6C0679" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update14:*:*:*:*:*:*", + "matchCriteriaId": "25B4B4F2-318F-4046-ADE5-E9DD64F83FD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update15:*:*:*:*:*:*", + "matchCriteriaId": "831E8D69-62E9-4778-8CC5-D6D45CF5AB6F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update16:*:*:*:*:*:*", + "matchCriteriaId": "2F549BB3-25AB-4C83-B608-3717EADAAB35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update2:*:*:*:*:*:*", + "matchCriteriaId": "59649177-81EE-43C3-BFA5-E56E65B486DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update3:*:*:*:*:*:*", + "matchCriteriaId": "453B96ED-738A-4642-B461-C5216CF45CA3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update4:*:*:*:*:*:*", + "matchCriteriaId": "58D32489-627B-4E49-9329-8A3B8F8E4903" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update5:*:*:*:*:*:*", + "matchCriteriaId": "6D5860E1-D293-48FE-9796-058B78B2D571" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update6:*:*:*:*:*:*", + "matchCriteriaId": "9F9336CC-E38F-4BCB-83CD-805EC7FEF806" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update7:*:*:*:*:*:*", + "matchCriteriaId": "97964507-047A-4CC8-8D2B-0EA0C7F9BD50" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update8:*:*:*:*:*:*", + "matchCriteriaId": "82208628-F32A-4380-9B0F-DC8507E7701D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2018:update9:*:*:*:*:*:*", + "matchCriteriaId": "1563CE5E-A4F7-40A4-A050-BB96E332D8DD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:-:*:*:*:*:*:*", + "matchCriteriaId": "7A94B406-C011-4673-8C2B-0DD94D46CC4C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:update1:*:*:*:*:*:*", + "matchCriteriaId": "AFD05E3A-10F9-4C75-9710-BA46B66FF6E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:update2:*:*:*:*:*:*", + "matchCriteriaId": "D57C8681-AC68-47DF-A61E-B5C4B4A47663" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:update3:*:*:*:*:*:*", + "matchCriteriaId": "75608383-B727-48D6-8FFA-D552A338A562" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:update4:*:*:*:*:*:*", + "matchCriteriaId": "7773DB68-414A-4BA9-960F-52471A784379" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:update5:*:*:*:*:*:*", + "matchCriteriaId": "B38B9E86-BCD5-4BCA-8FB7-EC55905184E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:coldfusion:2021:update6:*:*:*:*:*:*", + "matchCriteriaId": "5E7BAB80-8455-4570-A2A2-8F40469EE9CC" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29308.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29308.json index 5a32eff84a7..34c1bc3ae09 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29308.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29308.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29308", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:11.920", - "lastModified": "2023-07-12T17:58:17.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:01:01.777", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29309.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29309.json index 8e31e048259..287bf2b40b1 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29309.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29309.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29309", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:12.007", - "lastModified": "2023-07-12T17:58:17.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:01:15.400", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29310.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29310.json index c07b65adfbd..3fd75f299e5 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29310.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29310.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29310", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:12.110", - "lastModified": "2023-07-12T17:58:17.960", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:01:36.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29311.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29311.json index f52df94478f..34e890318df 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29311.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29311.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29311", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:12.200", - "lastModified": "2023-07-12T17:58:12.737", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:58:34.163", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29312.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29312.json index 5acfb706dc3..c63ed3d5890 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29312.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29312.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29312", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:12.293", - "lastModified": "2023-07-12T17:58:12.737", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:58:52.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29313.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29313.json index 24d4b027251..8285a23d1f3 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29313.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29313.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29313", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:12.387", - "lastModified": "2023-07-12T17:58:12.737", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:59:52.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29314.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29314.json index 3aebd84d628..4b93662c745 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29314.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29314.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29314", "sourceIdentifier": "psirt@adobe.com", "published": "2023-07-12T16:15:12.463", - "lastModified": "2023-07-12T17:58:12.737", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:00:15.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 3.6 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 } ] }, @@ -46,10 +66,56 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.4.2", + "matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*", + "versionStartIncluding": "18.0", + "versionEndExcluding": "18.4", + "matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", + "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29414.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29414.json index 0b559a440e9..7dd144ed149 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29414.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29414.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29414", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-07-12T09:15:10.730", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:17:46.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:accutech_manager:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.7", + "matchCriteriaId": "F0BD34D2-7B6B-4700-9A85-D1177E0ABB75" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-03&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-03.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30799.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30799.json index 188cd2c7c43..ed876b505c3 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30799.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30799.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30799", "sourceIdentifier": "disclosure@vulncheck.com", "published": "2023-07-19T15:15:10.477", - "lastModified": "2023-07-19T15:15:10.477", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30913.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30913.json index b85dda3ffaf..7a2aca25f16 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30913.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30913.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30913", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:10.843", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:19:19.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30916.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30916.json index 3e2e70de2ed..0caa476401a 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30916.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30916.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30916", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:10.887", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:09:50.000", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30917.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30917.json index adecb569a91..a91661861b6 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30917.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30917.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30917", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:10.933", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:09:52.580", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In DMService, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30918.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30918.json index e4830e9f98f..5f7bce7a13c 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30918.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30918.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30918", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:10.983", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:09:55.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30922.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30922.json index 11d19c6905f..54bb8ca07bc 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30922.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30922.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30922", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:11.157", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:10:01.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30923.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30923.json index b5f5262c334..15e11109505 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30923.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30923.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30923", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:11.207", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:09:59.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30924.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30924.json index c3b098e6394..b8099f2b125 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30924.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30924.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30924", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:11.253", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:10:04.407", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30925.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30925.json index 6df2b775036..3ed6a9e74be 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30925.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30925.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30925", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:11.293", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:10:07.203", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30926.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30926.json index 7ed29b9b2c2..678634da815 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30926.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30926.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30926", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:11.337", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:12:46.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In opm service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30927.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30927.json index 5f5e94611aa..1506db21065 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30927.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30927.json @@ -2,19 +2,161 @@ "id": "CVE-2023-30927", "sourceIdentifier": "security@unisoc.com", "published": "2023-07-12T09:15:11.380", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:10:12.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", + "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", + "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc7731e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AC867249-B767-4802-868D-6D0E356C8294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9832e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "25BBD3C5-E87C-4730-970C-19DF855AC3A2" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:sc9863a:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE00DFDE-97DD-4D33-B580-73FEF677C71B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t310:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F20E00D8-2F00-4FA3-9455-37DC89908D96" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*", + "matchCriteriaId": "905E39DD-7948-40A4-B042-EBB9A9591347" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t610:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDC980D6-B797-4AE1-B553-35395AE80D07" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98408A48-561A-49D1-967F-834311742B7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*", + "matchCriteriaId": "756E5850-CDC7-46C2-BAFC-1E2A359A2709" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t618:-:*:*:*:*:*:*:*", + "matchCriteriaId": "39002ECE-636A-4FEB-9A0B-8127E8AAC844" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3023.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3023.json index b290cee852c..454616a7806 100644 --- a/CVE-2023/CVE-2023-30xx/CVE-2023-3023.json +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3023.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3023", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-12T05:15:09.427", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:13:40.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,14 +46,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpeasycart:wp_easycart:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "5.4.11", + "matchCriteriaId": "CDB130DF-8032-4593-A0B4-9E7BD3B1E866" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/2923668/wp-easycart/trunk/admin/inc/wp_easycart_admin_table.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9c1ddaf-4bf2-4937-b7bf-a09162db043e?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3131.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3131.json index 79985119d8c..d21d0e613df 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3131.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3131.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3131", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-10T16:15:55.080", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:15:43.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.7", + "matchCriteriaId": "E6EC200A-F39A-43AA-A1EF-1B4CB0178E8C" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3158.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3158.json index ac878049238..4bbd4a0b309 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3158.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3158.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3158", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-12T05:15:10.277", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:43:47.977", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:instareza:mail_control:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "0.2.8", + "matchCriteriaId": "604E6526-E5D7-4E83-A9C0-287DBD619957" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/mail-control/trunk/includes/admin.php#L42", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/77537eb8-1c84-4702-aba1-727b0de1c3e1?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3166.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3166.json index 3fdd7cbf22d..26cd88bbde6 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3166.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3166.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3166", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-12T05:15:10.347", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:39:27.673", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lanacodes:lana_email_logger:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.2", + "matchCriteriaId": "6C5A9BD2-289F-441B-9FA5-E716CA622AD0" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/2923581/lana-email-logger#file1", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5f372bf-6b13-4ba7-8b8b-9d3b500e4420?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3167.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3167.json index 6ac17ae8998..e4059327601 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3167.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3167.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3167", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-12T05:15:10.417", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:46:13.803", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webdesignmunich:mail_queue:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1", + "matchCriteriaId": "9D2066BF-0213-45D7-A2B1-FBF14D364F89" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/changeset/2924661/mail-queue", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d4aaca22-76b9-42ec-a960-65d44d696324?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32261.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32261.json new file mode 100644 index 00000000000..da815e2e1e0 --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32261.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-32261", + "sourceIdentifier": "security@opentext.com", + "published": "2023-07-19T16:15:09.737", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nA potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.\nSee the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/ \n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 2.5 + } + ] + }, + "references": [ + { + "url": "https://plugins.jenkins.io/dimensionsscm/", + "source": "security@opentext.com" + }, + { + "url": "https://portal.microfocus.com/s/article/KM000019297", + "source": "security@opentext.com" + }, + { + "url": "https://www.jenkins.io/security/advisory/2023-06-14/", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32262.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32262.json new file mode 100644 index 00000000000..9ed90e5b8c4 --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32262.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-32262", + "sourceIdentifier": "security@opentext.com", + "published": "2023-07-19T16:15:09.817", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nA potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to.\nSee the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/ \n\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.jenkins.io/dimensionsscm/", + "source": "security@opentext.com" + }, + { + "url": "https://portal.microfocus.com/s/article/KM000019298", + "source": "security@opentext.com" + }, + { + "url": "https://www.jenkins.io/security/advisory/2023-06-14/", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32263.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32263.json new file mode 100644 index 00000000000..1f6921a6349 --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32263.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-32263", + "sourceIdentifier": "security@opentext.com", + "published": "2023-07-19T16:15:09.893", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nA potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when the Jenkins plugin is configured to use login certificate credentials.\n\n\n https://www.jenkins.io/security/advisory/2023-06-14/ \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@opentext.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.6, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ] + }, + "references": [ + { + "url": "https://plugins.jenkins.io/dimensionsscm/", + "source": "security@opentext.com" + }, + { + "url": "https://portal.microfocus.com/s/article/KM000019293", + "source": "security@opentext.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json index ac47783f8b2..89384b3b40e 100644 --- a/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32664", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.207", - "lastModified": "2023-07-19T15:15:10.557", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3202.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3202.json index a2bdb13af31..62775f4559c 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3202.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3202.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3202", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-12T05:15:10.623", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:21:53.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,18 +46,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.9.6", + "matchCriteriaId": "D181286E-99D3-48F5-A6A6-CE69143FBA0A" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/mstore-api/trunk/mstore-api.php#L232", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2925048%40mstore-api&new=2925048%40mstore-api&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d2b3612e-3c91-469b-98ef-fdb03b0ee9d9?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3209.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3209.json index 1797e40379d..727ee11a940 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3209.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3209.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3209", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-10T16:15:55.190", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:16:05.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The MStore API WordPress plugin before 3.9.7 does not secure most of its AJAX actions by implementing privilege checks, nonce checks, or a combination of both." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.9.7", + "matchCriteriaId": "E6EC200A-F39A-43AA-A1EF-1B4CB0178E8C" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/970735f1-24bb-441c-89b6-5a0959246d6c", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3271.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3271.json index 650021c011a..d39b4e5a90a 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3271.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3271.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3271", "sourceIdentifier": "psirt@sick.de", "published": "2023-07-10T16:15:55.443", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:16:17.150", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@sick.de", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@sick.de", "type": "Secondary", @@ -46,18 +76,57 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.5.0", + "matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2" + } + ] + } + ] + } + ], "references": [ { "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://sick.com/psirt", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3272.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3272.json index 19dc604c809..224f29a83df 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3272.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3272.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3272", "sourceIdentifier": "psirt@sick.de", "published": "2023-07-10T16:15:55.507", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:23:42.457", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@sick.de", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + }, { "source": "psirt@sick.de", "type": "Secondary", @@ -46,18 +76,57 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.5.0", + "matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2" + } + ] + } + ] + } + ], "references": [ { "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://sick.com/psirt", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3273.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3273.json index 69b1753b8cc..3b32fa1c499 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3273.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3273.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3273", "sourceIdentifier": "psirt@sick.de", "published": "2023-07-10T16:15:55.560", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:24:40.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@sick.de", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@sick.de", "type": "Secondary", @@ -46,18 +76,57 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.5.0", + "matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2" + } + ] + } + ] + } + ], "references": [ { "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://sick.com/psirt", - "source": "psirt@sick.de" + "source": "psirt@sick.de", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33168.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33168.json index 4d961cac43c..28e910bce9a 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33168.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33168.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33168", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:15.543", - "lastModified": "2023-07-12T12:46:51.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:03:05.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", @@ -34,10 +54,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33168", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33169.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33169.json index 38bfafaf7cb..fcbc14ab81a 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33169.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33169.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33169", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:15.603", - "lastModified": "2023-07-12T12:46:51.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:26:53.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", @@ -34,10 +54,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33169", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json index 514a50787dc..409af8f5976 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33170.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33170", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:15.660", - "lastModified": "2023-07-12T12:46:51.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:25:39.773", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,80 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-362" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.0.20", + "matchCriteriaId": "5730CE86-D1BB-403D-BE28-09BAC686B645" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.0.0", + "versionEndExcluding": "7.0.9", + "matchCriteriaId": "4EBEC922-21D4-458E-B9A9-A29CAD09C2D3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0.0", + "versionEndExcluding": "17.0.23", + "matchCriteriaId": "608BDDA8-7FCB-4739-B265-729560D5A7F3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2.0", + "versionEndExcluding": "17.2.17", + "matchCriteriaId": "63B52F8F-CF6B-40C5-B4D9-342FA4C3D21C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4.0", + "versionEndExcluding": "17.4.9", + "matchCriteriaId": "45D57A7D-14A4-4916-B029-12E8D3C8EDAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.6.0", + "versionEndExcluding": "17.6.5", + "matchCriteriaId": "D8771AEC-CE62-4C47-922A-A6205FDF3ECE" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33170", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33173.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33173.json index 22157768c1b..a98e79d89a3 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33173.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33173.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33173", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:15.827", - "lastModified": "2023-07-12T12:46:51.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:27:22.683", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", @@ -34,10 +54,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33173", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33174.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33174.json index a16b399f01d..5be3580202f 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33174.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33174.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33174", "sourceIdentifier": "secure@microsoft.com", "published": "2023-07-11T18:15:15.883", - "lastModified": "2023-07-12T12:46:51.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:28:11.077", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,115 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.10240.20048", + "matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.14393.6085", + "matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.17763.4645", + "matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19041.3208", + "matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.19045.3208", + "matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22000.2176", + "matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0.22621.1992", + "matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", + "matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", + "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", + "matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", + "matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33174", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33253.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33253.json index ff2d70460ef..9d5ee781f61 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33253.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33253.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33253", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-12T13:15:10.187", - "lastModified": "2023-06-21T15:46:07.963", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-19T17:15:22.167", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -80,6 +80,10 @@ "tags": [ "Product" ] + }, + { + "url": "https://labcollector.com/changelog-labcollector/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json index 8b6adcbec5e..72214486bc8 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33866", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.297", - "lastModified": "2023-07-19T15:15:10.637", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json index 8055294444e..a0c7cc9c6f8 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33876", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.393", - "lastModified": "2023-07-19T15:15:10.797", - "vulnStatus": "Received", + "lastModified": "2023-07-19T17:15:22.243", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", @@ -50,10 +50,6 @@ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1796", "source": "talos-cna@cisco.com" - }, - { - "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1796", - "source": "talos-cna@cisco.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34034.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34034.json index 9ae0ea8a251..e576004f2d9 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34034.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34034.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34034", "sourceIdentifier": "security@vmware.com", "published": "2023-07-19T15:15:11.127", - "lastModified": "2023-07-19T15:15:11.127", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34318.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34318.json index 7a527dc749a..57a7b87e7a3 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34318.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34318.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34318", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-10T18:15:10.833", - "lastModified": "2023-07-10T18:15:29.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:09:12.453", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -34,14 +54,80 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sox_project:sox:14.4.3:*:*:*:*:*:*:*", + "matchCriteriaId": "14A53C19-2DA3-49D1-8114-3DB90ACE3263" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-34318", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212283", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3463.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3463.json index a56b12f38bc..ae7334c5011 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3463.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3463.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3463", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-07-19T14:15:10.620", - "lastModified": "2023-07-19T14:15:10.620", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35874.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35874.json index 76047832531..9a72f9b1ef1 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35874.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35874.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35874", "sourceIdentifier": "cna@sap.com", "published": "2023-07-11T03:15:10.050", - "lastModified": "2023-07-11T12:43:16.387", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:13:20.070", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 3.7 + }, { "source": "cna@sap.com", "type": "Secondary", @@ -46,14 +66,102 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.22:*:*:*:*:*:*:*", + "matchCriteriaId": "6C07042F-C47F-441E-AB32-B58A066909E2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.53:*:*:*:*:*:*:*", + "matchCriteriaId": "DBC44C62-0BFD-4170-B094-C82DEA473938" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.54:*:*:*:*:*:*:*", + "matchCriteriaId": "D99F18BB-B44E-48B5-BD7C-D20E40915268" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.77:*:*:*:*:*:*:*", + "matchCriteriaId": "208F59B2-7D79-4E0E-97DA-AEB9976C8EEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.81:*:*:*:*:*:*:*", + "matchCriteriaId": "F39863DC-8CF3-4FB9-8FBF-1776791D701F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.85:*:*:*:*:*:*:*", + "matchCriteriaId": "A120BC2E-92B2-404A-ADF6-F1AF512631E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.89:*:*:*:*:*:*:*", + "matchCriteriaId": "56F63498-DAC3-40EE-9625-51FA522BA0DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.92:*:*:*:*:*:*:*", + "matchCriteriaId": "104EE65A-202C-4F4E-B725-791A73687167" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:kernel_7.93:*:*:*:*:*:*:*", + "matchCriteriaId": "0269C487-81F8-4240-BEF8-1A7C33864519" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64nuc_7.22:*:*:*:*:*:*:*", + "matchCriteriaId": "C2D5BECF-C4BA-44C7-9AD7-56865DD9AD60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64nuc_7.22ext:*:*:*:*:*:*:*", + "matchCriteriaId": "AB7E91DE-A52F-4E57-8397-7670E30C8B5C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22:*:*:*:*:*:*:*", + "matchCriteriaId": "23257C18-B75C-471C-9EAF-1E86DEE845FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.22ext:*:*:*:*:*:*:*", + "matchCriteriaId": "A01290A1-3C1B-4AF7-9284-C164BDEC85A2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sap:netweaver_application_server_abap:krnl64uc_7.53:*:*:*:*:*:*:*", + "matchCriteriaId": "ADE160BD-659F-4517-B625-61CFB2FBD456" + } + ] + } + ] + } + ], "references": [ { "url": "https://me.sap.com/notes/3318850", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", - "source": "cna@sap.com" + "source": "cna@sap.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3565.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3565.json index 91df948c6c4..b38c594a764 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3565.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3565.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3565", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-10T16:15:56.317", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:25:11.427", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.10", + "matchCriteriaId": "6C3D28BC-A4B7-45E4-8B54-0F13DFB41437" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/nilsteampassnet/teampass/commit/820bb49a362a566c9038e4a3048b26d654babb0e", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/fcf46e1f-2ab6-4057-9d25-cf493ab09530", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3566.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3566.json index d849ac10095..cfdbaf9b4a7 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3566.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3566.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3566", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-10T16:15:56.380", - "lastModified": "2023-07-10T16:27:17.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:30:53.323", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,22 +93,51 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wallabag:wallabag:2.5.4:*:*:*:*:*:*:*", + "matchCriteriaId": "230CE52B-8B7D-4FEF-B61D-8A177890A4B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.233359", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.233359", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://youtu.be/ouwud0PlHkE", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3626.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3626.json index 485315fca99..a0d569068d6 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3626.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3626.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3626", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-11T18:15:20.967", - "lastModified": "2023-07-12T12:46:41.413", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T16:31:21.577", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:istrong:mountain_flood_disaster_prevention_monitoring_and_early_warning_system:*:*:*:*:*:*:*:*", + "versionEndIncluding": "20230706", + "matchCriteriaId": "F3A2170B-0893-4B96-B988-87E7952C690D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/MoeMion233/cve/blob/main/2.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.233579", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.233579", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3638.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3638.json index 4d3dab769bc..d7f6dc68843 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3638.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3638.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3638", "sourceIdentifier": "ics-cert@hq.dhs.gov", "published": "2023-07-19T15:15:11.257", - "lastModified": "2023-07-19T15:15:11.257", - "vulnStatus": "Received", + "lastModified": "2023-07-19T16:55:08.940", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37196.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37196.json index 82aa962eb7d..10d076f8fd9 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37196.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37196.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37196", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-07-12T07:15:10.377", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:56:49.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "cybersecurity@se.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-89" } ] + }, + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "DA0F4FA6-8C57-494B-B6AB-5CF125AFBAEE" + } + ] + } + ] } ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-01.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37197.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37197.json index ca172682340..5afc4df9f28 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37197.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37197.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37197", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-07-12T07:15:10.500", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:55:59.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "DA0F4FA6-8C57-494B-B6AB-5CF125AFBAEE" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-01.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-371xx/CVE-2023-37198.json b/CVE-2023/CVE-2023-371xx/CVE-2023-37198.json index 70ba1479254..3b0089f9008 100644 --- a/CVE-2023/CVE-2023-371xx/CVE-2023-37198.json +++ b/CVE-2023/CVE-2023-371xx/CVE-2023-37198.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37198", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-07-12T07:15:10.597", - "lastModified": "2023-07-12T12:46:30.047", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-19T17:52:50.213", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*", + "versionEndIncluding": "7.9.3", + "matchCriteriaId": "DA0F4FA6-8C57-494B-B6AB-5CF125AFBAEE" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-192-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-192-01.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37748.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37748.json new file mode 100644 index 00000000000..aa97381a538 --- /dev/null +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37748.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-37748", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-19T17:15:22.323", + "lastModified": "2023-07-19T17:15:22.323", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/miniupnp/ngiflib/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/miniupnp/ngiflib/issues/25", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 57c1c29ef45..ec902751494 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-19T16:01:05.735904+00:00 +2023-07-19T18:00:58.031131+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-19T15:59:56.657000+00:00 +2023-07-19T17:56:49.593000+00:00 ``` ### Last Data Feed Release @@ -29,55 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -220683 +220689 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `6` -* [CVE-2022-40896](CVE-2022/CVE-2022-408xx/CVE-2022-40896.json) (`2023-07-19T15:15:10.007`) -* [CVE-2023-3463](CVE-2023/CVE-2023-34xx/CVE-2023-3463.json) (`2023-07-19T14:15:10.620`) -* [CVE-2023-27379](CVE-2023/CVE-2023-273xx/CVE-2023-27379.json) (`2023-07-19T14:15:10.000`) -* [CVE-2023-28744](CVE-2023/CVE-2023-287xx/CVE-2023-28744.json) (`2023-07-19T14:15:10.117`) -* [CVE-2023-30799](CVE-2023/CVE-2023-307xx/CVE-2023-30799.json) (`2023-07-19T15:15:10.477`) -* [CVE-2023-32664](CVE-2023/CVE-2023-326xx/CVE-2023-32664.json) (`2023-07-19T14:15:10.207`) -* [CVE-2023-33866](CVE-2023/CVE-2023-338xx/CVE-2023-33866.json) (`2023-07-19T14:15:10.297`) -* [CVE-2023-33876](CVE-2023/CVE-2023-338xx/CVE-2023-33876.json) (`2023-07-19T14:15:10.393`) -* [CVE-2023-34034](CVE-2023/CVE-2023-340xx/CVE-2023-34034.json) (`2023-07-19T15:15:11.127`) -* [CVE-2023-3446](CVE-2023/CVE-2023-34xx/CVE-2023-3446.json) (`2023-07-19T12:15:10.003`) -* [CVE-2023-3638](CVE-2023/CVE-2023-36xx/CVE-2023-3638.json) (`2023-07-19T15:15:11.257`) +* [CVE-2023-25838](CVE-2023/CVE-2023-258xx/CVE-2023-25838.json) (`2023-07-19T16:15:09.540`) +* [CVE-2023-25839](CVE-2023/CVE-2023-258xx/CVE-2023-25839.json) (`2023-07-19T16:15:09.640`) +* [CVE-2023-32261](CVE-2023/CVE-2023-322xx/CVE-2023-32261.json) (`2023-07-19T16:15:09.737`) +* [CVE-2023-32262](CVE-2023/CVE-2023-322xx/CVE-2023-32262.json) (`2023-07-19T16:15:09.817`) +* [CVE-2023-32263](CVE-2023/CVE-2023-322xx/CVE-2023-32263.json) (`2023-07-19T16:15:09.893`) +* [CVE-2023-37748](CVE-2023/CVE-2023-377xx/CVE-2023-37748.json) (`2023-07-19T17:15:22.323`) ### CVEs modified in the last Commit -Recently modified CVEs: `76` +Recently modified CVEs: `63` -* [CVE-2023-35872](CVE-2023/CVE-2023-358xx/CVE-2023-35872.json) (`2023-07-19T13:36:59.200`) -* [CVE-2023-3011](CVE-2023/CVE-2023-30xx/CVE-2023-3011.json) (`2023-07-19T13:54:26.223`) -* [CVE-2023-2869](CVE-2023/CVE-2023-28xx/CVE-2023-2869.json) (`2023-07-19T13:56:00.660`) -* [CVE-2023-2562](CVE-2023/CVE-2023-25xx/CVE-2023-2562.json) (`2023-07-19T14:07:58.010`) -* [CVE-2023-36053](CVE-2023/CVE-2023-360xx/CVE-2023-36053.json) (`2023-07-19T14:15:10.500`) -* [CVE-2023-1936](CVE-2023/CVE-2023-19xx/CVE-2023-1936.json) (`2023-07-19T14:26:15.807`) -* [CVE-2023-35920](CVE-2023/CVE-2023-359xx/CVE-2023-35920.json) (`2023-07-19T14:58:06.770`) -* [CVE-2023-28754](CVE-2023/CVE-2023-287xx/CVE-2023-28754.json) (`2023-07-19T15:15:10.330`) -* [CVE-2023-2975](CVE-2023/CVE-2023-29xx/CVE-2023-2975.json) (`2023-07-19T15:15:10.407`) -* [CVE-2023-36521](CVE-2023/CVE-2023-365xx/CVE-2023-36521.json) (`2023-07-19T15:21:04.790`) -* [CVE-2023-35921](CVE-2023/CVE-2023-359xx/CVE-2023-35921.json) (`2023-07-19T15:21:30.293`) -* [CVE-2023-35873](CVE-2023/CVE-2023-358xx/CVE-2023-35873.json) (`2023-07-19T15:27:53.343`) -* [CVE-2023-3135](CVE-2023/CVE-2023-31xx/CVE-2023-3135.json) (`2023-07-19T15:30:54.893`) -* [CVE-2023-29319](CVE-2023/CVE-2023-293xx/CVE-2023-29319.json) (`2023-07-19T15:41:02.070`) -* [CVE-2023-29315](CVE-2023/CVE-2023-293xx/CVE-2023-29315.json) (`2023-07-19T15:42:01.287`) -* [CVE-2023-29316](CVE-2023/CVE-2023-293xx/CVE-2023-29316.json) (`2023-07-19T15:42:22.723`) -* [CVE-2023-29317](CVE-2023/CVE-2023-293xx/CVE-2023-29317.json) (`2023-07-19T15:42:41.643`) -* [CVE-2023-29318](CVE-2023/CVE-2023-293xx/CVE-2023-29318.json) (`2023-07-19T15:42:57.663`) -* [CVE-2023-33167](CVE-2023/CVE-2023-331xx/CVE-2023-33167.json) (`2023-07-19T15:44:42.697`) -* [CVE-2023-23348](CVE-2023/CVE-2023-233xx/CVE-2023-23348.json) (`2023-07-19T15:48:28.893`) -* [CVE-2023-3579](CVE-2023/CVE-2023-35xx/CVE-2023-3579.json) (`2023-07-19T15:52:19.567`) -* [CVE-2023-3578](CVE-2023/CVE-2023-35xx/CVE-2023-3578.json) (`2023-07-19T15:58:04.330`) -* [CVE-2023-3574](CVE-2023/CVE-2023-35xx/CVE-2023-3574.json) (`2023-07-19T15:58:24.693`) -* [CVE-2023-3568](CVE-2023/CVE-2023-35xx/CVE-2023-3568.json) (`2023-07-19T15:58:44.357`) -* [CVE-2023-3625](CVE-2023/CVE-2023-36xx/CVE-2023-3625.json) (`2023-07-19T15:59:56.657`) +* [CVE-2023-30922](CVE-2023/CVE-2023-309xx/CVE-2023-30922.json) (`2023-07-19T17:10:01.970`) +* [CVE-2023-30924](CVE-2023/CVE-2023-309xx/CVE-2023-30924.json) (`2023-07-19T17:10:04.407`) +* [CVE-2023-30925](CVE-2023/CVE-2023-309xx/CVE-2023-30925.json) (`2023-07-19T17:10:07.203`) +* [CVE-2023-30927](CVE-2023/CVE-2023-309xx/CVE-2023-30927.json) (`2023-07-19T17:10:12.373`) +* [CVE-2023-30926](CVE-2023/CVE-2023-309xx/CVE-2023-30926.json) (`2023-07-19T17:12:46.443`) +* [CVE-2023-35874](CVE-2023/CVE-2023-358xx/CVE-2023-35874.json) (`2023-07-19T17:13:20.070`) +* [CVE-2023-3023](CVE-2023/CVE-2023-30xx/CVE-2023-3023.json) (`2023-07-19T17:13:40.433`) +* [CVE-2023-22506](CVE-2023/CVE-2023-225xx/CVE-2023-22506.json) (`2023-07-19T17:15:22.070`) +* [CVE-2023-33253](CVE-2023/CVE-2023-332xx/CVE-2023-33253.json) (`2023-07-19T17:15:22.167`) +* [CVE-2023-33876](CVE-2023/CVE-2023-338xx/CVE-2023-33876.json) (`2023-07-19T17:15:22.243`) +* [CVE-2023-3131](CVE-2023/CVE-2023-31xx/CVE-2023-3131.json) (`2023-07-19T17:15:43.263`) +* [CVE-2023-3209](CVE-2023/CVE-2023-32xx/CVE-2023-3209.json) (`2023-07-19T17:16:05.520`) +* [CVE-2023-3271](CVE-2023/CVE-2023-32xx/CVE-2023-3271.json) (`2023-07-19T17:16:17.150`) +* [CVE-2023-3202](CVE-2023/CVE-2023-32xx/CVE-2023-3202.json) (`2023-07-19T17:21:53.547`) +* [CVE-2023-33170](CVE-2023/CVE-2023-331xx/CVE-2023-33170.json) (`2023-07-19T17:25:39.773`) +* [CVE-2023-33173](CVE-2023/CVE-2023-331xx/CVE-2023-33173.json) (`2023-07-19T17:27:22.683`) +* [CVE-2023-33174](CVE-2023/CVE-2023-331xx/CVE-2023-33174.json) (`2023-07-19T17:28:11.077`) +* [CVE-2023-3166](CVE-2023/CVE-2023-31xx/CVE-2023-3166.json) (`2023-07-19T17:39:27.673`) +* [CVE-2023-25194](CVE-2023/CVE-2023-251xx/CVE-2023-25194.json) (`2023-07-19T17:42:24.030`) +* [CVE-2023-3158](CVE-2023/CVE-2023-31xx/CVE-2023-3158.json) (`2023-07-19T17:43:47.977`) +* [CVE-2023-3167](CVE-2023/CVE-2023-31xx/CVE-2023-3167.json) (`2023-07-19T17:46:13.803`) +* [CVE-2023-37198](CVE-2023/CVE-2023-371xx/CVE-2023-37198.json) (`2023-07-19T17:52:50.213`) +* [CVE-2023-29298](CVE-2023/CVE-2023-292xx/CVE-2023-29298.json) (`2023-07-19T17:55:22.400`) +* [CVE-2023-37197](CVE-2023/CVE-2023-371xx/CVE-2023-37197.json) (`2023-07-19T17:55:59.233`) +* [CVE-2023-37196](CVE-2023/CVE-2023-371xx/CVE-2023-37196.json) (`2023-07-19T17:56:49.593`) ## Download and Usage