Auto-Update: 2023-10-12T08:00:25.693955+00:00

CVE-2023/CVE-2023-294xx/CVE-2023-29453.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-29453",
+  "sourceIdentifier": "security@zabbix.com",
+  "published": "2023-10-12T06:15:13.077",
+  "lastModified": "2023-10-12T06:15:13.077",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g., \"var a = {{.}}\"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template. Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@zabbix.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.8,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 5.9
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@zabbix.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zabbix.com/browse/ZBX-23388",
+      "source": "security@zabbix.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-327xx/CVE-2023-32721.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-32721",
+  "sourceIdentifier": "security@zabbix.com",
+  "published": "2023-10-12T07:15:09.677",
+  "lastModified": "2023-10-12T07:15:09.677",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@zabbix.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.6,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@zabbix.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zabbix.com/browse/ZBX-23389",
+      "source": "security@zabbix.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-327xx/CVE-2023-32722.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-32722",
+  "sourceIdentifier": "security@zabbix.com",
+  "published": "2023-10-12T07:15:10.217",
+  "lastModified": "2023-10-12T07:15:10.217",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@zabbix.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.6,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 6.0
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@zabbix.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-120"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zabbix.com/browse/ZBX-23390",
+      "source": "security@zabbix.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-327xx/CVE-2023-32723.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-32723",
+  "sourceIdentifier": "security@zabbix.com",
+  "published": "2023-10-12T07:15:10.620",
+  "lastModified": "2023-10-12T07:15:10.620",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Request to LDAP is sent before user permissions are checked."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@zabbix.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 4.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@zabbix.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-732"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zabbix.com/browse/ZBX-23230",
+      "source": "security@zabbix.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-327xx/CVE-2023-32724.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-32724",
+  "sourceIdentifier": "security@zabbix.com",
+  "published": "2023-10-12T07:15:10.713",
+  "lastModified": "2023-10-12T07:15:10.713",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@zabbix.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "HIGH",
+          "baseScore": 9.1,
+          "baseSeverity": "CRITICAL"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 5.3
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@zabbix.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-732"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://support.zabbix.com/browse/ZBX-23391",
+      "source": "security@zabbix.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-408xx/CVE-2023-40833.json

@@ -0,0 +1,20 @@
+{
+  "id": "CVE-2023-40833",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2023-10-12T06:15:14.330",
+  "lastModified": "2023-10-12T06:15:14.330",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://gist.github.com/Sholway/93f05987dbf35c15c26de32b1e5590ec",
+      "source": "cve@mitre.org"
+    }
+  ]
+}

CVE-2023/CVE-2023-54xx/CVE-2023-5470.json

@@ -0,0 +1,67 @@
+{
+  "id": "CVE-2023-5470",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2023-10-12T07:15:11.120",
+  "lastModified": "2023-10-12T07:15:11.120",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Etsy Shop plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'etsy-shop' shortcode in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.4,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 3.1,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/etsy-shop/tags/3.0.4/etsy-shop.php#L417",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/browser/etsy-shop/tags/3.0.4/etsy-shop.php#L94",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset/2977260/etsy-shop#file1",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e4696f7a-8b87-4376-b4c9-596eca30b38c?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-55xx/CVE-2023-5531.json

@@ -0,0 +1,63 @@
+{
+  "id": "CVE-2023-5531",
+  "sourceIdentifier": "security@wordfence.com",
+  "published": "2023-10-12T06:15:14.773",
+  "lastModified": "2023-10-12T06:15:14.773",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image lightboxes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "security@wordfence.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@wordfence.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=1263536%40wp-responsive-slider-with-lightbox&new=1263536%40wp-responsive-slider-with-lightbox&sfp_email=&sfph_mail=",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://wordpress.org/plugins/wp-responsive-slider-with-lightbox/",
+      "source": "security@wordfence.com"
+    },
+    {
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/055b7ed5-268a-485e-ac7d-8082dc9fb2ad?source=cve",
+      "source": "security@wordfence.com"
+    }
+  ]
+}

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-10-12T06:00:25.597780+00:00
+2023-10-12T08:00:25.693955+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-10-12T05:15:46.967000+00:00
+2023-10-12T07:15:11.120000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,23 +29,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-227634
+227642
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `8`
 
-* [CVE-2023-42298](CVE-2023/CVE-2023-422xx/CVE-2023-42298.json) (`2023-10-12T04:15:13.053`)
-* [CVE-2023-40829](CVE-2023/CVE-2023-408xx/CVE-2023-40829.json) (`2023-10-12T05:15:46.863`)
-* [CVE-2023-44793](CVE-2023/CVE-2023-447xx/CVE-2023-44793.json) (`2023-10-12T05:15:46.967`)
+* [CVE-2023-29453](CVE-2023/CVE-2023-294xx/CVE-2023-29453.json) (`2023-10-12T06:15:13.077`)
+* [CVE-2023-40833](CVE-2023/CVE-2023-408xx/CVE-2023-40833.json) (`2023-10-12T06:15:14.330`)
+* [CVE-2023-5531](CVE-2023/CVE-2023-55xx/CVE-2023-5531.json) (`2023-10-12T06:15:14.773`)
+* [CVE-2023-32721](CVE-2023/CVE-2023-327xx/CVE-2023-32721.json) (`2023-10-12T07:15:09.677`)
+* [CVE-2023-32722](CVE-2023/CVE-2023-327xx/CVE-2023-32722.json) (`2023-10-12T07:15:10.217`)
+* [CVE-2023-32723](CVE-2023/CVE-2023-327xx/CVE-2023-32723.json) (`2023-10-12T07:15:10.620`)
+* [CVE-2023-32724](CVE-2023/CVE-2023-327xx/CVE-2023-32724.json) (`2023-10-12T07:15:10.713`)
+* [CVE-2023-5470](CVE-2023/CVE-2023-54xx/CVE-2023-5470.json) (`2023-10-12T07:15:11.120`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
 
-* [CVE-2023-43641](CVE-2023/CVE-2023-436xx/CVE-2023-43641.json) (`2023-10-12T04:15:13.200`)
 
 
 ## Download and Usage