admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-28T22:00:25.512017+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-28 22:00:29 +00:00
parent 3216ce8c57
commit 42af83c010
39 changed files with 1702 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2022/CVE-2022-276xx/CVE-2022-27665.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27665",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-03T14:15:07.327",
"lastModified": "2023-04-08T03:15:57.853",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-28T20:15:10.110",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -64,6 +64,10 @@
}
],
"references": [
{
"url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023",
"source": "cve@mitre.org"
},
{
"url": "https://docs.ipswitch.com/WS_FTP_Server2020/ReleaseNotes/index.htm",
"source": "cve@mitre.org",

31
CVE-2023/CVE-2023-350xx/CVE-2023-35071.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-35071",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-09-27T15:18:52.687",
"lastModified": "2023-09-27T15:41:36.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:52:38.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MRV Tech Logging Administration Panel allows SQL Injection.This issue affects Logging Administration Panel: before 20230915 .\n\n"
},
{
"lang": "es",
"value": "La Neutralizaci\u00f3n Inadecuada de Elementos Especiales utilizados en una vulnerabilidad de comando SQL ('SQL Injection') en MRV Tech Logging Administration Panel permite la inyecci\u00f3n de SQL. Este problema afecta a Logging Administration Panel: versi\u00f3n anterior a 20230915."
}
],
"metrics": {
@ -46,10 +50,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mrv:logging_administration_panel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20230915",
"matchCriteriaId": "78F3077D-FB28-4026-A6B0-72BA6E8AC2DE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0560",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-357xx/CVE-2023-35793.json
View File

@ -2,23 +2,86 @@
"id": "CVE-2023-35793",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:18:52.857",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:58:14.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en Cassia Access Controller 2.1.1.2303271039. Establecer una sesi\u00f3n web SSH para puertas de enlace es vulnerable a ataques de Cross Site Request Forgery (CSRF)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cassianetworks:access_controller:2.1.1.2303271039:*:*:*:*:*:*:*",
"matchCriteriaId": "AD4C512A-48EB-43EB-9CAA-CE05673F71D5"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.cassianetworks.com/products/iot-access-controller/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

16
CVE-2023/CVE-2023-35xx/CVE-2023-3567.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3567",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:12.990",
"lastModified": "2023-09-22T18:15:10.517",
"lastModified": "2023-09-28T20:15:10.510",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,20 +37,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},

6
CVE-2023/CVE-2023-36xx/CVE-2023-3660.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-3660",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-13T12:15:09.397",
"lastModified": "2023-07-25T19:01:59.357",
"lastModified": "2023-09-28T21:29:30.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -102,8 +102,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:campcodes:retro_cellphone_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14240D3C-5073-4D9E-8FE0-EF8C9E323E03"
"criteria": "cpe:2.3:a:retro_cellphone_online_store_project:retro_cellphone_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A77A0EBC-52BE-4672-A49E-9C10696CD13D"
}
]
}

69
CVE-2023/CVE-2023-403xx/CVE-2023-40386.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-40386",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:05.067",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T21:08:14.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a los archivos adjuntos de Notas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-403xx/CVE-2023-40388.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-40388",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:05.547",
"lastModified": "2023-09-27T15:41:55.530",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-28T21:39:31.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. Safari may save photos to an unprotected location."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucion\u00f3 en macOS Sonoma 14. Safari puede guardar fotos en una ubicaci\u00f3n desprotegida."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

125
CVE-2023/CVE-2023-404xx/CVE-2023-40427.json
View File

@ -2,39 +2,146 @@
"id": "CVE-2023-40427",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:12.040",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:35:34.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n sensible de ubicaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.7",
"matchCriteriaId": "F05757BB-26B5-40A5-B37C-577706EA11C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.6",
"matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0",
"matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213937",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213940",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-404xx/CVE-2023-40443.json
View File

@ -2,19 +2,85 @@
"id": "CVE-2023-40443",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:16.337",
"lastModified": "2023-09-27T15:41:13.523",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:30:29.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to gain root privileges."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en iOS 17 y iPadOS 17. Es posible que una aplicaci\u00f3n pueda obtener privilegios de root."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "17.0",
"matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213938",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40668.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40668",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:23.513",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:32:15.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin <=\u00a02.16.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en Pdfcrowd Guardar como complemento PDF mediante el complemento Pdfcrowd en versiones &lt;=2.16.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pdfcrowd:save_as_pdf:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.16.0",
"matchCriteriaId": "32574422-AAA8-4491-AB04-19661291567A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/save-as-pdf-by-pdfcrowd/wordpress-save-as-pdf-plugin-by-pdfcrowd-plugin-2-16-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40669.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40669",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:23.810",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:32:34.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in twinpictures, baden03 Collapse-O-Matic plugin <=\u00a01.8.5.5 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en twinpictures, complemento baden03 Collapse-O-Matic en versiones &lt;= 1.8.5.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:twinpictures:collapse-o-matic:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.5.5",
"matchCriteriaId": "7FC76A11-2AA4-47E2-9DA4-13B79AB551F2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/jquery-collapse-o-matic/wordpress-collapse-o-matic-plugin-1-8-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40675.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40675",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:23.947",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:29:47.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps Landing Page Builder plugin <=\u00a01.5.1.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento PluginOps Landing Page Builder en versiones &lt;=1.5.1.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginops:landing_page_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.1.2",
"matchCriteriaId": "0610E119-A5C1-41BA-93C7-80FB36833904"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/page-builder-add/wordpress-landing-page-builder-plugin-1-5-1-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-406xx/CVE-2023-40676.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40676",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:24.077",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:28:44.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <=\u00a05.0.8 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en Jason Crouse, complemento VeronaLabs Slimstat Analytics en versiones &lt;= 5.0.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +60,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +68,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-slimstat:slimstat_analytics:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.0.8",
"matchCriteriaId": "5C3965CE-C793-4BDE-A29D-958A86C16AAA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-slimstat/wordpress-slimstat-analytics-plugin-5-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-406xx/CVE-2023-40677.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40677",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:24.233",
"lastModified": "2023-09-27T15:41:47.123",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:26:35.013",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <=\u00a07.1 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento de Gopi Ramasamy Vertical marquee en versiones &lt;=7.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gopiplus:vertical_marquee:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.1",
"matchCriteriaId": "CBC823E7-78BC-4D10-80CB-E66AFA17AC5D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vertical-marquee-plugin/wordpress-vertical-marquee-plugin-plugin-7-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-412xx/CVE-2023-41235.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-41235",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:27.140",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:19:44.033",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Everest News Pro theme <=\u00a01.1.7 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en temas de Everest Tema Everest News Pro en versiones &lt;= 1.1.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:everestthemes:everest_news:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.7",
"matchCriteriaId": "E61B82C9-3D24-488B-8B12-4FADCFC16521"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/everest-news-pro/wordpress-everest-news-pro-theme-1-1-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-412xx/CVE-2023-41236.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-41236",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-27T15:19:27.383",
"lastModified": "2023-09-27T15:40:54.270",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T20:19:26.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin <=\u00a02.8.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en Happy addons del complemento Happy Elementor Addons Pro en versiones &lt;= 2.8.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wedevs:happy_addons_for_elementor:*:*:*:*:pro:wordpress:*:*",
"versionEndIncluding": "2.8.0",
"matchCriteriaId": "9E7CBB7E-3AB4-425C-B25C-BB09FC353DE2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/happy-elementor-addons-pro/wordpress-happy-elementor-addons-pro-plugin-2-8-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-414xx/CVE-2023-41445.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41445",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T23:15:10.150",
"lastModified": "2023-09-28T12:44:13.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:37:15.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el componente index.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ajaxnewsticker.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Product"
]
},
{
"url": "http://phpkobo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/RNPG/84cac1b949bab0e4c587a668385b052d",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-414xx/CVE-2023-41446.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41446",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T03:15:11.387",
"lastModified": "2023-09-28T12:44:04.973",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:49:06.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para el par\u00e1metro de t\u00edtulo en el componente index.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ajaxnewsticker.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Product"
]
},
{
"url": "http://phpkobo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-414xx/CVE-2023-41449.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41449",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T23:15:11.730",
"lastModified": "2023-09-28T12:44:13.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:42:16.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter."
},
{
"lang": "es",
"value": "Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro reque."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ajaxnewsticker.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Product"
]
},
{
"url": "http://phpkobo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-414xx/CVE-2023-41451.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41451",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T23:15:11.787",
"lastModified": "2023-09-28T12:44:13.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:43:38.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro txt en el componente index.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ajaxnewsticker.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Product"
]
},
{
"url": "http://phpkobo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-414xx/CVE-2023-41452.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41452",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T23:15:11.843",
"lastModified": "2023-09-28T12:44:13.510",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-28T21:47:51.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Request Forgery en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro txt en el componente index.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://ajaxnewsticker.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Product"
]
},
{
"url": "http://phpkobo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-419xx/CVE-2023-41911.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-41911",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T21:15:09.870",
"lastModified": "2023-09-28T21:15:09.870",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Samsung Mobile Processor Exynos 2200 allows a GPU Double Free (issue 1 of 2)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-427xx/CVE-2023-42793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42793",
"sourceIdentifier": "security@jetbrains.com",
"published": "2023-09-19T17:15:08.330",
"lastModified": "2023-09-21T20:01:37.220",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-28T21:15:09.937",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
}
],
"references": [
{
"url": "https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/",
"source": "security@jetbrains.com"
},
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com",

59
CVE-2023/CVE-2023-430xx/CVE-2023-43013.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-43013",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.037",
"lastModified": "2023-09-28T21:15:10.037",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Asset Management System v1.0 is vulnerable to an\n\nunauthenticated SQL Injection vulnerability on the\n\n'email' parameter of index.php page, allowing an\n\nexternal attacker to dump all the contents of the\n\ndatabase contents and bypass the login control.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/nergal",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

20
CVE-2023/CVE-2023-432xx/CVE-2023-43226.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43226",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T20:15:10.880",
"lastModified": "2023-09-28T20:29:46.433",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zzq66/cve/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-433xx/CVE-2023-43323.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43323",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T20:15:11.107",
"lastModified": "2023-09-28T20:29:46.433",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink]."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ahrixia/CVE-2023-43323",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-436xx/CVE-2023-43657.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43657",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-28T19:15:10.547",
"lastModified": "2023-09-28T19:15:10.547",
"vulnStatus": "Received",
"lastModified": "2023-09-28T20:29:46.433",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-436xx/CVE-2023-43663.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43663",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-28T19:15:10.633",
"lastModified": "2023-09-28T19:15:10.633",
"vulnStatus": "Received",
"lastModified": "2023-09-28T20:29:46.433",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-436xx/CVE-2023-43664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43664",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-28T19:15:10.713",
"lastModified": "2023-09-28T19:15:10.713",
"vulnStatus": "Received",
"lastModified": "2023-09-28T20:29:46.433",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-437xx/CVE-2023-43740.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-43740",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.110",
"lastModified": "2023-09-28T21:15:10.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/shagrath",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

8
CVE-2023/CVE-2023-437xx/CVE-2023-43775.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-43775",
"sourceIdentifier": "CybersecurityCOE@eaton.com",
"published": "2023-09-27T15:19:34.517",
"lastModified": "2023-09-27T15:41:42.647",
"lastModified": "2023-09-28T21:15:10.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Denial-of-service vulnerability in the web server of the Eaton SMP SG-4260 allows \n\nattacker to potentially force an unexpected restart of the SMP Gateway\nautomation platform, impacting the availability of the product. In rare situations, the issue could cause\nthe SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product is\nnot vulnerable anymore.\n"
"value": "Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows \n\nattacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. In rare situations, the issue could cause\nthe SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product is\nnot vulnerable anymore.\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de denegaci\u00f3n de servicio en el servidor web de Eaton SMP SG-4260 permite a un atacante forzar potencialmente un reinicio inesperado de la plataforma de automatizaci\u00f3n SMP Gateway, lo que afecta la disponibilidad del producto. En situaciones excepcionales, el problema podr\u00eda provocar que el dispositivo SMP se reinicie en Safe Mode o Max Safe Mode. Cuando est\u00e1 en modo Max Safe, el producto ya no es vulnerable."
}
],
"metrics": {

59
CVE-2023/CVE-2023-43xx/CVE-2023-4316.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-4316",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.313",
"lastModified": "2023-09-28T21:15:10.313",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Zod in version 3.22.2 allows an attacker to perform a denial of service while validating emails\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/swift",
"source": "help@fluidattacks.com"
},
{
"url": "https://www.npmjs.com/package/zod",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-441xx/CVE-2023-44173.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44173",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.250",
"lastModified": "2023-09-28T21:15:10.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Online Movie Ticket Booking System v1.0 is vulnerable to\n\nan authenticated Reflected Cross-Site Scripting vulnerability.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/harrison",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-50xx/CVE-2023-5004.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5004",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.383",
"lastModified": "2023-09-28T21:15:10.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Hospital management system version 378c157 allows to bypass authentication.\n\nThis is possible because the application is vulnerable to SQLI.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/alcocer",
"source": "help@fluidattacks.com"
},
{
"url": "https://github.com/projectworldsofficial/hospital-management-system-in-php/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-50xx/CVE-2023-5053.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5053",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.447",
"lastModified": "2023-09-28T21:15:10.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Hospital management system version 378c157 allows to bypass authentication.\n\nThis is possible because the application is vulnerable to SQLI.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/shierro",
"source": "help@fluidattacks.com"
},
{
"url": "https://github.com/projectworldsofficial/hospital-management-system-in-php/",
"source": "help@fluidattacks.com"
}
]
}

59
CVE-2023/CVE-2023-51xx/CVE-2023-5185.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5185",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-09-28T21:15:10.507",
"lastModified": "2023-09-28T21:15:10.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Gym Management System Project v1.0 is vulnerable to\n\nan Insecure File Upload vulnerability on the 'file'\n\nparameter of profile/i.php page, allowing an\n\nauthenticated attacker to obtain Remote Code Execution\n\non the server hosting the application.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "help@fluidattacks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/orion",
"source": "help@fluidattacks.com"
},
{
"url": "https://projectworlds.in/",
"source": "help@fluidattacks.com"
}
]
}

6
CVE-2023/CVE-2023-52xx/CVE-2023-5217.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5217",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-28T16:15:10.980",
"lastModified": "2023-09-28T18:19:27.953",
"lastModified": "2023-09-28T21:15:10.570",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -12,6 +12,10 @@
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/5",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html",
"source": "chrome-cve-admin@google.com"

4
CVE-2023/CVE-2023-52xx/CVE-2023-5256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5256",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2023-09-28T19:15:10.977",
"lastModified": "2023-09-28T19:15:10.977",
"vulnStatus": "Received",
"lastModified": "2023-09-28T20:29:46.433",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

76
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-28T20:00:25.811998+00:00
2023-09-28T22:00:25.512017+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-28T19:15:34.223000+00:00
2023-09-28T21:58:14.140000+00:00
```
### Last Data Feed Release
@ -29,50 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226536
226546
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `10`
* [CVE-2023-40375](CVE-2023/CVE-2023-403xx/CVE-2023-40375.json) (`2023-09-28T18:15:11.830`)
* [CVE-2023-43044](CVE-2023/CVE-2023-430xx/CVE-2023-43044.json) (`2023-09-28T18:15:11.930`)
* [CVE-2023-43657](CVE-2023/CVE-2023-436xx/CVE-2023-43657.json) (`2023-09-28T19:15:10.547`)
* [CVE-2023-43663](CVE-2023/CVE-2023-436xx/CVE-2023-43663.json) (`2023-09-28T19:15:10.633`)
* [CVE-2023-43664](CVE-2023/CVE-2023-436xx/CVE-2023-43664.json) (`2023-09-28T19:15:10.713`)
* [CVE-2023-5256](CVE-2023/CVE-2023-52xx/CVE-2023-5256.json) (`2023-09-28T19:15:10.977`)
* [CVE-2023-43226](CVE-2023/CVE-2023-432xx/CVE-2023-43226.json) (`2023-09-28T20:15:10.880`)
* [CVE-2023-43323](CVE-2023/CVE-2023-433xx/CVE-2023-43323.json) (`2023-09-28T20:15:11.107`)
* [CVE-2023-41911](CVE-2023/CVE-2023-419xx/CVE-2023-41911.json) (`2023-09-28T21:15:09.870`)
* [CVE-2023-43013](CVE-2023/CVE-2023-430xx/CVE-2023-43013.json) (`2023-09-28T21:15:10.037`)
* [CVE-2023-43740](CVE-2023/CVE-2023-437xx/CVE-2023-43740.json) (`2023-09-28T21:15:10.110`)
* [CVE-2023-44173](CVE-2023/CVE-2023-441xx/CVE-2023-44173.json) (`2023-09-28T21:15:10.250`)
* [CVE-2023-4316](CVE-2023/CVE-2023-43xx/CVE-2023-4316.json) (`2023-09-28T21:15:10.313`)
* [CVE-2023-5004](CVE-2023/CVE-2023-50xx/CVE-2023-5004.json) (`2023-09-28T21:15:10.383`)
* [CVE-2023-5053](CVE-2023/CVE-2023-50xx/CVE-2023-5053.json) (`2023-09-28T21:15:10.447`)
* [CVE-2023-5185](CVE-2023/CVE-2023-51xx/CVE-2023-5185.json) (`2023-09-28T21:15:10.507`)
### CVEs modified in the last Commit
Recently modified CVEs: `31`
Recently modified CVEs: `28`
* [CVE-2021-40171](CVE-2021/CVE-2021-401xx/CVE-2021-40171.json) (`2023-09-28T18:17:19.183`)
* [CVE-2023-4845](CVE-2023/CVE-2023-48xx/CVE-2023-4845.json) (`2023-09-28T18:12:50.730`)
* [CVE-2023-4844](CVE-2023/CVE-2023-48xx/CVE-2023-4844.json) (`2023-09-28T18:14:56.547`)
* [CVE-2023-0466](CVE-2023/CVE-2023-04xx/CVE-2023-0466.json) (`2023-09-28T18:15:11.707`)
* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-28T18:15:12.113`)
* [CVE-2023-4846](CVE-2023/CVE-2023-48xx/CVE-2023-4846.json) (`2023-09-28T18:15:15.677`)
* [CVE-2023-43876](CVE-2023/CVE-2023-438xx/CVE-2023-43876.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-43878](CVE-2023/CVE-2023-438xx/CVE-2023-43878.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-43879](CVE-2023/CVE-2023-438xx/CVE-2023-43879.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-43884](CVE-2023/CVE-2023-438xx/CVE-2023-43884.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-30415](CVE-2023/CVE-2023-304xx/CVE-2023-30415.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-5186](CVE-2023/CVE-2023-51xx/CVE-2023-5186.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-5187](CVE-2023/CVE-2023-51xx/CVE-2023-5187.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-09-28T18:19:27.953`)
* [CVE-2023-40764](CVE-2023/CVE-2023-407xx/CVE-2023-40764.json) (`2023-09-28T18:27:13.700`)
* [CVE-2023-40755](CVE-2023/CVE-2023-407xx/CVE-2023-40755.json) (`2023-09-28T18:32:18.820`)
* [CVE-2023-43376](CVE-2023/CVE-2023-433xx/CVE-2023-43376.json) (`2023-09-28T18:44:02.520`)
* [CVE-2023-43617](CVE-2023/CVE-2023-436xx/CVE-2023-43617.json) (`2023-09-28T18:56:25.610`)
* [CVE-2023-0379](CVE-2023/CVE-2023-03xx/CVE-2023-0379.json) (`2023-09-28T18:56:56.773`)
* [CVE-2023-3141](CVE-2023/CVE-2023-31xx/CVE-2023-3141.json) (`2023-09-28T19:03:11.420`)
* [CVE-2023-1688](CVE-2023/CVE-2023-16xx/CVE-2023-1688.json) (`2023-09-28T19:06:17.677`)
* [CVE-2023-32233](CVE-2023/CVE-2023-322xx/CVE-2023-32233.json) (`2023-09-28T19:07:11.537`)
* [CVE-2023-41448](CVE-2023/CVE-2023-414xx/CVE-2023-41448.json) (`2023-09-28T19:11:38.160`)
* [CVE-2023-41447](CVE-2023/CVE-2023-414xx/CVE-2023-41447.json) (`2023-09-28T19:12:39.430`)
* [CVE-2023-41453](CVE-2023/CVE-2023-414xx/CVE-2023-41453.json) (`2023-09-28T19:15:34.223`)
* [CVE-2023-41235](CVE-2023/CVE-2023-412xx/CVE-2023-41235.json) (`2023-09-28T20:19:44.033`)
* [CVE-2023-40677](CVE-2023/CVE-2023-406xx/CVE-2023-40677.json) (`2023-09-28T20:26:35.013`)
* [CVE-2023-40676](CVE-2023/CVE-2023-406xx/CVE-2023-40676.json) (`2023-09-28T20:28:44.137`)
* [CVE-2023-43657](CVE-2023/CVE-2023-436xx/CVE-2023-43657.json) (`2023-09-28T20:29:46.433`)
* [CVE-2023-43663](CVE-2023/CVE-2023-436xx/CVE-2023-43663.json) (`2023-09-28T20:29:46.433`)
* [CVE-2023-43664](CVE-2023/CVE-2023-436xx/CVE-2023-43664.json) (`2023-09-28T20:29:46.433`)
* [CVE-2023-5256](CVE-2023/CVE-2023-52xx/CVE-2023-5256.json) (`2023-09-28T20:29:46.433`)
* [CVE-2023-40675](CVE-2023/CVE-2023-406xx/CVE-2023-40675.json) (`2023-09-28T20:29:47.320`)
* [CVE-2023-40668](CVE-2023/CVE-2023-406xx/CVE-2023-40668.json) (`2023-09-28T20:32:15.353`)
* [CVE-2023-40669](CVE-2023/CVE-2023-406xx/CVE-2023-40669.json) (`2023-09-28T20:32:34.477`)
* [CVE-2023-40386](CVE-2023/CVE-2023-403xx/CVE-2023-40386.json) (`2023-09-28T21:08:14.443`)
* [CVE-2023-42793](CVE-2023/CVE-2023-427xx/CVE-2023-42793.json) (`2023-09-28T21:15:09.937`)
* [CVE-2023-43775](CVE-2023/CVE-2023-437xx/CVE-2023-43775.json) (`2023-09-28T21:15:10.177`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-09-28T21:15:10.570`)
* [CVE-2023-3660](CVE-2023/CVE-2023-36xx/CVE-2023-3660.json) (`2023-09-28T21:29:30.470`)
* [CVE-2023-40443](CVE-2023/CVE-2023-404xx/CVE-2023-40443.json) (`2023-09-28T21:30:29.613`)
* [CVE-2023-40427](CVE-2023/CVE-2023-404xx/CVE-2023-40427.json) (`2023-09-28T21:35:34.613`)
* [CVE-2023-41445](CVE-2023/CVE-2023-414xx/CVE-2023-41445.json) (`2023-09-28T21:37:15.117`)
* [CVE-2023-40388](CVE-2023/CVE-2023-403xx/CVE-2023-40388.json) (`2023-09-28T21:39:31.380`)
* [CVE-2023-41449](CVE-2023/CVE-2023-414xx/CVE-2023-41449.json) (`2023-09-28T21:42:16.540`)
* [CVE-2023-41451](CVE-2023/CVE-2023-414xx/CVE-2023-41451.json) (`2023-09-28T21:43:38.937`)
* [CVE-2023-41452](CVE-2023/CVE-2023-414xx/CVE-2023-41452.json) (`2023-09-28T21:47:51.073`)
* [CVE-2023-41446](CVE-2023/CVE-2023-414xx/CVE-2023-41446.json) (`2023-09-28T21:49:06.750`)
* [CVE-2023-35071](CVE-2023/CVE-2023-350xx/CVE-2023-35071.json) (`2023-09-28T21:52:38.770`)
* [CVE-2023-35793](CVE-2023/CVE-2023-357xx/CVE-2023-35793.json) (`2023-09-28T21:58:14.140`)
## Download and Usage