admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-10T20:00:25.815099+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-10 20:00:29 +00:00
parent c2318323c7
commit 421f71b37e
135 changed files with 6357 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
CVE-2022/CVE-2022-331xx/CVE-2022-33160.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-33160", "id": "CVE-2022-33160",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-06T22:15:11.523", "published": "2023-10-06T22:15:11.523",
"lastModified": "2023-10-06T22:23:04.467", "lastModified": "2023-10-10T19:33:22.613",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568." "value": "IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568."
},
{
"lang": "es",
"value": "IBM Security Directory Suite 8.0.1 utiliza algoritmos criptogr\u00e1ficos m\u00e1s d\u00e9biles de lo esperado que podr\u00edan permitir a un atacante descifrar informaci\u00f3n altamente confidencial. ID de IBM X-Force: 228568."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +80,39 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228568", "nodes": [
"source": "psirt@us.ibm.com"
},
{ {
"url": "https://www.ibm.com/support/pages/node/7047071", "operator": "OR",
"source": "psirt@us.ibm.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_directory_suite_va:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F6B38056-9151-4F19-8D67-C815C28ABB66"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/228568",
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7047071",
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

130
CVE-2023/CVE-2023-225xx/CVE-2023-22515.json
View File

@ -2,15 +2,45 @@
"id": "CVE-2023-22515", "id": "CVE-2023-22515",
"sourceIdentifier": "security@atlassian.com", "sourceIdentifier": "security@atlassian.com",
"published": "2023-10-04T14:15:10.440", "published": "2023-10-04T14:15:10.440",
"lastModified": "2023-10-04T14:16:47.647", "lastModified": "2023-10-10T19:22:02.770",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-05",
"cisaActionDue": "2023-10-26",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Atlassian Confluence Data Center and Server Privilege Escalation Vulnerability",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. \n\nFor more details, please review the linked advisory on this CVE." "value": "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances.\n\nAtlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. \n\nFor more details, please review the linked advisory on this CVE."
},
{
"lang": "es",
"value": "Atlassian ha sido informado de un problema por un pu\u00f1ado de clientes que atacantes externos pueden haber explotado una vulnerabilidad previamente desconocida en instancias de Confluence Data Center y Server de acceso p\u00fablico para crear cuentas de administrador de Confluence no autorizadas y acceder a instancias de Confluence. Los sitios de Atlassian Cloud no se ven afectados por esta vulnerabilidad. Si se accede a su sitio de Confluence a trav\u00e9s de un dominio atlassian.net, est\u00e1 alojado en Atlassian y no es vulnerable a este problema. Para obtener m\u00e1s detalles, revise el aviso vinculado sobre este CVE."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@atlassian.com", "source": "security@atlassian.com",
@ -34,18 +64,94 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515", "source": "nvd@nist.gov",
"source": "security@atlassian.com" "type": "Primary",
}, "description": [
{ {
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276", "lang": "en",
"source": "security@atlassian.com" "value": "NVD-CWE-noinfo"
}, }
{ ]
"url": "https://jira.atlassian.com/browse/CONFSERVER-92457", }
"source": "security@atlassian.com" ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.3.3",
"matchCriteriaId": "85B2AD9F-CBA6-4559-9AE3-5F76A9EC3B7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.4.0",
"versionEndExcluding": "8.4.3",
"matchCriteriaId": "38F9918D-6848-4CD6-8096-4FB48C23818B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.5.0",
"versionEndExcluding": "8.5.2",
"matchCriteriaId": "8D646BCF-214F-449D-AEEB-B253E8715394"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.3.3",
"matchCriteriaId": "970A3DA7-5114-4696-A93D-C3D5AFF5C6C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.4.0",
"versionEndExcluding": "8.4.3",
"matchCriteriaId": "A2EB19CD-AE29-4775-91C5-05B01A96AC6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.5.0",
"versionEndExcluding": "8.5.2",
"matchCriteriaId": "79229BE7-0AA0-4308-8BB2-8FB11E8B9AD7"
}
]
}
]
}
],
"references": [
{
"url": "https://confluence.atlassian.com/display/KB/FAQ+for+CVE-2023-22515",
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://confluence.atlassian.com/pages/viewpage.action?pageId=1295682276",
"source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-92457",
"source": "security@atlassian.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
} }
] ]
} }

66
CVE-2023/CVE-2023-233xx/CVE-2023-23365.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23365", "id": "CVE-2023-23365",
"sourceIdentifier": "security@qnapsecurity.com.tw", "sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-06T17:15:11.737", "published": "2023-10-06T17:15:11.737",
"lastModified": "2023-10-06T19:41:01.643", "lastModified": "2023-10-10T19:35:30.007",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n" "value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n"
},
{
"lang": "es",
"value": "Se ha informado que una vulnerabilidad de path traversal afecta a Music Station. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios autenticados leer el contenido de archivos inesperados y exponer datos confidenciales a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en la siguiente versi\u00f3n: Music Station 5.3.22 y posteriores"
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "security@qnapsecurity.com.tw", "source": "security@qnapsecurity.com.tw",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "security@qnapsecurity.com.tw", "source": "security@qnapsecurity.com.tw",
"type": "Secondary", "type": "Secondary",
@ -50,10 +84,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28", "nodes": [
"source": "security@qnapsecurity.com.tw" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.0",
"versionEndExcluding": "5.3.22",
"matchCriteriaId": "6D744B4C-476F-4FFF-A9B0-00A0B9F3E4B2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28",
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

66
CVE-2023/CVE-2023-233xx/CVE-2023-23366.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23366", "id": "CVE-2023-23366",
"sourceIdentifier": "security@qnapsecurity.com.tw", "sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-06T17:15:11.840", "published": "2023-10-06T17:15:11.840",
"lastModified": "2023-10-06T19:41:01.643", "lastModified": "2023-10-10T19:35:17.273",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n" "value": "A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following version:\nMusic Station 5.3.22 and later\n"
},
{
"lang": "es",
"value": "Se ha informado que una vulnerabilidad de path traversal afecta a Music Station. Si se explota, la vulnerabilidad podr\u00eda permitir a los usuarios autenticados leer el contenido de archivos inesperados y exponer datos confidenciales a trav\u00e9s de una red. Ya hemos solucionado la vulnerabilidad en la siguiente versi\u00f3n: Music Station 5.3.22 y posteriores"
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "security@qnapsecurity.com.tw", "source": "security@qnapsecurity.com.tw",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "security@qnapsecurity.com.tw", "source": "security@qnapsecurity.com.tw",
"type": "Secondary", "type": "Secondary",
@ -50,10 +84,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28", "nodes": [
"source": "security@qnapsecurity.com.tw" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qnap:music_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.3.0",
"versionEndExcluding": "5.3.22",
"matchCriteriaId": "6D744B4C-476F-4FFF-A9B0-00A0B9F3E4B2"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-28",
"source": "security@qnapsecurity.com.tw",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

56
CVE-2023/CVE-2023-23xx/CVE-2023-2306.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-2306", "id": "CVE-2023-2306",
"sourceIdentifier": "ics-cert@hq.dhs.gov", "sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-10-05T17:15:11.373", "published": "2023-10-05T17:15:11.373",
"lastModified": "2023-10-05T19:13:42.317", "lastModified": "2023-10-10T19:28:52.517",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "\n\n\n\n\nQognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records.\n\n\n\n\n" "value": "\n\n\n\n\nQognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records.\n\n\n\n\n"
},
{
"lang": "es",
"value": "Las versiones 3.1 y anteriores de Qognify NiceVision son vulnerables a la exposici\u00f3n de informaci\u00f3n confidencial mediante credenciales codificadas. Con estas credenciales, un atacante puede recuperar informaci\u00f3n sobre las c\u00e1maras, informaci\u00f3n del usuario y modificar registros de la base de datos."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{ {
"source": "ics-cert@hq.dhs.gov", "source": "ics-cert@hq.dhs.gov",
"type": "Secondary", "type": "Secondary",
@ -46,10 +70,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-02", "nodes": [
"source": "ics-cert@hq.dhs.gov" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qognify:nicevision:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.1",
"matchCriteriaId": "6354A1C6-107B-4CC9-BA9F-CEFB5AD4B6C6"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-278-02",
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
} }
] ]
} }

43
CVE-2023/CVE-2023-293xx/CVE-2023-29348.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-29348",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:11.830",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29348",
"source": "secure@microsoft.com"
}
]
}

24
CVE-2023/CVE-2023-310xx/CVE-2023-31096.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31096",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T19:15:09.530",
"lastModified": "2023-10-10T19:37:40.180",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Broadcom) LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns."
}
],
"metrics": {},
"references": [
{
"url": "https://cschwarz1.github.io/posts/0x04/",
"source": "cve@mitre.org"
},
{
"url": "https://www.broadcom.com",
"source": "cve@mitre.org"
}
]
}

43
CVE-2023/CVE-2023-353xx/CVE-2023-35349.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-35349",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:11.923",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35349",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36414.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36414",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.000",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure Identity SDK Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36414",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36415.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36415",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.070",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure Identity SDK Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36415",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36416.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36416",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.127",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36416",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36417.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36417",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.190",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SQL ODBC Driver Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36417",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36418.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36418",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.247",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure RTOS GUIX Studio Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36418",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36419.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36419",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.300",
"lastModified": "2023-10-10T18:21:21.487",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36419",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36420.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36420",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.363",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36420",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36429.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36429",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.430",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36429",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36431.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36431",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.497",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36431",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36433.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36433",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.557",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36433",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36434.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36434",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.617",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows IIS Server Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36434",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36435.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36435",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.680",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft QUIC Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36435",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36436.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36436",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.737",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows MSHTML Platform Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36436",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-364xx/CVE-2023-36438.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36438",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.803",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows TCP/IP Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36438",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36557.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36557",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.867",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "PrintHTML API Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36557",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36561.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36561",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.930",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure DevOps Server Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36561",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36563.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36563",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.003",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WordPad Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36563",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36564.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36564",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.070",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Search Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36564",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36565.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36565",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.137",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Graphics Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36566.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36566",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.200",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Common Data Model SDK Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36566",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36567.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36567",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.260",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Deployment Services Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36567",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36568.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36568",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.323",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Click-To-Run Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36568",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36569.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36569",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.387",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36569",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36570.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36570",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.450",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36570",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36571.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36571",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.510",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36571",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36572.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36572",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.573",
"lastModified": "2023-10-10T18:21:15.910",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36572",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36573.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36573",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.637",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36573",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36574.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36574",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.697",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36574",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36575.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36575",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.757",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36575",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36576.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36576",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.823",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36576",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36577.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36577",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.887",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36577",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36578.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36578",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:13.950",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36578",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36579.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36579",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.027",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36579",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36581.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36581",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.090",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36582.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36582",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.153",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36583.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36583",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.217",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36584.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36584",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.280",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Mark of the Web Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36584",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36585.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36585",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.343",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Active Template Library Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36585",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36589.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36589",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.407",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36590.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36590",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.470",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36591.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36591",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.530",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36592.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36592",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.590",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36593.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36593",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.650",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36594.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36594",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.717",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36594",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36596.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36596",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.783",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Remote Procedure Call Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36596",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-365xx/CVE-2023-36598.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36598",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.847",
"lastModified": "2023-10-10T18:21:10.523",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36598",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36602.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36602",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.910",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows TCP/IP Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36602",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36603.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36603",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:14.973",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows TCP/IP Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36603",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36605.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36605",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.047",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Named Pipe Filesystem Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36605",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36606.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36606",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.110",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36697.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36697",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.173",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Message Queuing Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-366xx/CVE-2023-36698.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36698",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.250",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Security Feature Bypass Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.6,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36698",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36701.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36701",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.337",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36701",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36702.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36702",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.410",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft DirectMusic Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36702",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36703.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36703",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.483",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36703",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36704.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36704",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.547",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Setup Files Cleanup Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36704",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36706.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36706",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.607",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Deployment Services Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36706",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36707.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36707",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.667",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Deployment Services Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36707",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36709.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36709",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.733",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft AllJoyn API Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36709",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36710.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36710",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.797",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Media Foundation Core Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36710",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36711.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36711",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.243",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Runtime C++ Template Library Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36711",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36712.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36712",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.307",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36712",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36713.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36713",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.370",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Common Log File System Driver Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36713",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36717.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36717",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.433",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Virtual Trusted Platform Module Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36717",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36718.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36718",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.493",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.1,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36718",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36720.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36720",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.557",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Mixed Reality Developer Tools Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36720",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36721.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36721",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.620",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Error Reporting Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36721",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36722.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36722",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.680",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Active Directory Domain Services Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36722",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36723.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36723",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.743",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36723",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36724.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36724",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.807",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Power Management Service Information Disclosure Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36724",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36725.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36725",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.883",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36725",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36726.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36726",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.967",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36726",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36728.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36728",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.030",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SQL Server Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36729.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36729",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.100",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Named Pipe File System Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36729",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36730.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36730",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.160",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36730",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36731.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36731",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.227",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36731",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36732.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36732",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.287",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36732",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36737.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36737",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.347",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Azure Network Watcher VM Agent Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36737",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36743.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36743",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.407",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36743",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36776.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36776",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.467",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36776",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36778.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36778",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.523",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36778",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36780.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36780",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.587",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36780",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36785.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36785",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.650",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36786.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36786",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.710",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36786",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36789.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36789",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.767",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36789",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-367xx/CVE-2023-36790.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36790",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.827",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36790",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-369xx/CVE-2023-36902.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36902",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.890",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Runtime Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36902",
"source": "secure@microsoft.com"
}
]
}

65
CVE-2023/CVE-2023-36xx/CVE-2023-3665.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-3665", "id": "CVE-2023-3665",
"sourceIdentifier": "trellixpsirt@trellix.com", "sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2023-10-04T15:15:12.360", "published": "2023-10-04T15:15:12.360",
"lastModified": "2023-10-04T15:53:23.283", "lastModified": "2023-10-10T19:11:44.630",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "\nA code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables,\nleading to denial of service and or the execution of arbitrary code.\n\n" "value": "\nA code injection vulnerability in Trellix ENS 10.7.0 April 2023 release and earlier, allowed a local user to disable the ENS AMSI component via environment variables,\nleading to denial of service and or the execution of arbitrary code.\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en Trellix ENS 10.7.0 de abril de 2023 y versiones anteriores permiti\u00f3 a un usuario local deshabilitar el componente ENS AMSI a trav\u00e9s de variables de entorno, lo que provoc\u00f3 la denegaci\u00f3n de servicio o la ejecuci\u00f3n de c\u00f3digo arbitrario."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "trellixpsirt@trellix.com", "source": "trellixpsirt@trellix.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{ {
"source": "trellixpsirt@trellix.com", "source": "trellixpsirt@trellix.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +80,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10405", "nodes": [
"source": "trellixpsirt@trellix.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trellix:endpoint_security:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.7.0",
"matchCriteriaId": "0C5D96D4-8748-42BA-BBFC-50D0F422FD50"
}
]
}
]
}
],
"references": [
{
"url": "https://kcm.trellix.com/corporate/index?page=content&id=SB10405",
"source": "trellixpsirt@trellix.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

43
CVE-2023/CVE-2023-381xx/CVE-2023-38159.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-38159",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.957",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38159",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-381xx/CVE-2023-38166.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-38166",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.017",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38166",
"source": "secure@microsoft.com"
}
]
}

43
CVE-2023/CVE-2023-381xx/CVE-2023-38171.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-38171",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.087",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft QUIC Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171",
"source": "secure@microsoft.com"
}
]
}

69
CVE-2023/CVE-2023-399xx/CVE-2023-39928.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39928", "id": "CVE-2023-39928",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-06T16:15:13.223", "published": "2023-10-06T16:15:13.223",
"lastModified": "2023-10-09T15:15:09.890", "lastModified": "2023-10-10T19:37:06.347",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,37 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1831", "nodes": [
"source": "talos-cna@cisco.com"
},
{ {
"url": "https://webkitgtk.org/security/WSA-2023-0009.html", "operator": "OR",
"source": "talos-cna@cisco.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkitgtk:webkitgtk:2.40.5:*:*:*:*:*:*:*",
"matchCriteriaId": "31CB68F9-C6F2-4E7C-9D0D-1E53ACB0A828"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1831",
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://webkitgtk.org/security/WSA-2023-0009.html",
"source": "talos-cna@cisco.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

Some files were not shown because too many files have changed in this diff Show More