From 42af83c0105eaf63f3f93ce59c51e05c84ca6848 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 28 Sep 2023 22:00:29 +0000 Subject: [PATCH] Auto-Update: 2023-09-28T22:00:25.512017+00:00 --- CVE-2022/CVE-2022-276xx/CVE-2022-27665.json | 8 +- CVE-2023/CVE-2023-350xx/CVE-2023-35071.json | 31 ++++- CVE-2023/CVE-2023-357xx/CVE-2023-35793.json | 73 +++++++++++- CVE-2023/CVE-2023-35xx/CVE-2023-3567.json | 16 +-- CVE-2023/CVE-2023-36xx/CVE-2023-3660.json | 6 +- CVE-2023/CVE-2023-403xx/CVE-2023-40386.json | 69 ++++++++++- CVE-2023/CVE-2023-403xx/CVE-2023-40388.json | 69 ++++++++++- CVE-2023/CVE-2023-404xx/CVE-2023-40427.json | 125 ++++++++++++++++++-- CVE-2023/CVE-2023-404xx/CVE-2023-40443.json | 74 +++++++++++- CVE-2023/CVE-2023-406xx/CVE-2023-40668.json | 51 +++++++- CVE-2023/CVE-2023-406xx/CVE-2023-40669.json | 51 +++++++- CVE-2023/CVE-2023-406xx/CVE-2023-40675.json | 51 +++++++- CVE-2023/CVE-2023-406xx/CVE-2023-40676.json | 63 +++++++++- CVE-2023/CVE-2023-406xx/CVE-2023-40677.json | 51 +++++++- CVE-2023/CVE-2023-412xx/CVE-2023-41235.json | 51 +++++++- CVE-2023/CVE-2023-412xx/CVE-2023-41236.json | 51 +++++++- CVE-2023/CVE-2023-414xx/CVE-2023-41445.json | 79 ++++++++++++- CVE-2023/CVE-2023-414xx/CVE-2023-41446.json | 79 ++++++++++++- CVE-2023/CVE-2023-414xx/CVE-2023-41449.json | 79 ++++++++++++- CVE-2023/CVE-2023-414xx/CVE-2023-41451.json | 79 ++++++++++++- CVE-2023/CVE-2023-414xx/CVE-2023-41452.json | 79 ++++++++++++- CVE-2023/CVE-2023-419xx/CVE-2023-41911.json | 43 +++++++ CVE-2023/CVE-2023-427xx/CVE-2023-42793.json | 8 +- CVE-2023/CVE-2023-430xx/CVE-2023-43013.json | 59 +++++++++ CVE-2023/CVE-2023-432xx/CVE-2023-43226.json | 20 ++++ CVE-2023/CVE-2023-433xx/CVE-2023-43323.json | 20 ++++ CVE-2023/CVE-2023-436xx/CVE-2023-43657.json | 4 +- CVE-2023/CVE-2023-436xx/CVE-2023-43663.json | 4 +- CVE-2023/CVE-2023-436xx/CVE-2023-43664.json | 4 +- CVE-2023/CVE-2023-437xx/CVE-2023-43740.json | 59 +++++++++ CVE-2023/CVE-2023-437xx/CVE-2023-43775.json | 8 +- CVE-2023/CVE-2023-43xx/CVE-2023-4316.json | 59 +++++++++ CVE-2023/CVE-2023-441xx/CVE-2023-44173.json | 59 +++++++++ CVE-2023/CVE-2023-50xx/CVE-2023-5004.json | 59 +++++++++ CVE-2023/CVE-2023-50xx/CVE-2023-5053.json | 59 +++++++++ CVE-2023/CVE-2023-51xx/CVE-2023-5185.json | 59 +++++++++ CVE-2023/CVE-2023-52xx/CVE-2023-5217.json | 6 +- CVE-2023/CVE-2023-52xx/CVE-2023-5256.json | 4 +- README.md | 76 ++++++------ 39 files changed, 1702 insertions(+), 143 deletions(-) create mode 100644 CVE-2023/CVE-2023-419xx/CVE-2023-41911.json create mode 100644 CVE-2023/CVE-2023-430xx/CVE-2023-43013.json create mode 100644 CVE-2023/CVE-2023-432xx/CVE-2023-43226.json create mode 100644 CVE-2023/CVE-2023-433xx/CVE-2023-43323.json create mode 100644 CVE-2023/CVE-2023-437xx/CVE-2023-43740.json create mode 100644 CVE-2023/CVE-2023-43xx/CVE-2023-4316.json create mode 100644 CVE-2023/CVE-2023-441xx/CVE-2023-44173.json create mode 100644 CVE-2023/CVE-2023-50xx/CVE-2023-5004.json create mode 100644 CVE-2023/CVE-2023-50xx/CVE-2023-5053.json create mode 100644 CVE-2023/CVE-2023-51xx/CVE-2023-5185.json diff --git a/CVE-2022/CVE-2022-276xx/CVE-2022-27665.json b/CVE-2022/CVE-2022-276xx/CVE-2022-27665.json index ace44dc60f3..449f13e3c37 100644 --- a/CVE-2022/CVE-2022-276xx/CVE-2022-27665.json +++ b/CVE-2022/CVE-2022-276xx/CVE-2022-27665.json @@ -2,8 +2,8 @@ "id": "CVE-2022-27665", "sourceIdentifier": "cve@mitre.org", "published": "2023-04-03T14:15:07.327", - "lastModified": "2023-04-08T03:15:57.853", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-28T20:15:10.110", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -64,6 +64,10 @@ } ], "references": [ + { + "url": "https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023", + "source": "cve@mitre.org" + }, { "url": "https://docs.ipswitch.com/WS_FTP_Server2020/ReleaseNotes/index.htm", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35071.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35071.json index a1947b568d3..d111f296de8 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35071.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35071.json @@ -2,12 +2,16 @@ "id": "CVE-2023-35071", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-09-27T15:18:52.687", - "lastModified": "2023-09-27T15:41:36.187", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:52:38.770", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MRV Tech Logging Administration Panel allows SQL Injection.This issue affects Logging Administration Panel: before 20230915 .\n\n" + }, + { + "lang": "es", + "value": "La Neutralizaci\u00f3n Inadecuada de Elementos Especiales utilizados en una vulnerabilidad de comando SQL ('SQL Injection') en MRV Tech Logging Administration Panel permite la inyecci\u00f3n de SQL. Este problema afecta a Logging Administration Panel: versi\u00f3n anterior a 20230915." } ], "metrics": { @@ -46,10 +50,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mrv:logging_administration_panel:*:*:*:*:*:*:*:*", + "versionEndExcluding": "20230915", + "matchCriteriaId": "78F3077D-FB28-4026-A6B0-72BA6E8AC2DE" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.usom.gov.tr/bildirim/tr-23-0560", - "source": "cve@usom.gov.tr" + "source": "cve@usom.gov.tr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35793.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35793.json index 30a4245a5f4..d017c7d434b 100644 --- a/CVE-2023/CVE-2023-357xx/CVE-2023-35793.json +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35793.json @@ -2,23 +2,86 @@ "id": "CVE-2023-35793", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-27T15:18:52.857", - "lastModified": "2023-09-27T15:41:47.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:58:14.140", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Cassia Access Controller 2.1.1.2303271039. Establishing a web SSH session to gateways is vulnerable to Cross Site Request Forgery (CSRF) attacks." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 un problema en Cassia Access Controller 2.1.1.2303271039. Establecer una sesi\u00f3n web SSH para puertas de enlace es vulnerable a ataques de Cross Site Request Forgery (CSRF)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cassianetworks:access_controller:2.1.1.2303271039:*:*:*:*:*:*:*", + "matchCriteriaId": "AD4C512A-48EB-43EB-9CAA-CE05673F71D5" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/Dodge-MPTC/CVE-2023-35793-CSRF-On-Web-SSH", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.cassianetworks.com/products/iot-access-controller/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-35xx/CVE-2023-3567.json b/CVE-2023/CVE-2023-35xx/CVE-2023-3567.json index a9f7b2d559e..36a7987e74e 100644 --- a/CVE-2023/CVE-2023-35xx/CVE-2023-3567.json +++ b/CVE-2023/CVE-2023-35xx/CVE-2023-3567.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3567", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-24T16:15:12.990", - "lastModified": "2023-09-22T18:15:10.517", + "lastModified": "2023-09-28T20:15:10.510", "vulnStatus": "Modified", "descriptions": [ { @@ -37,20 +37,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", - "privilegesRequired": "HIGH", + "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", + "integrityImpact": "NONE", "availabilityImpact": "HIGH", - "baseScore": 6.7, - "baseSeverity": "MEDIUM" + "baseScore": 7.1, + "baseSeverity": "HIGH" }, - "exploitabilityScore": 0.8, - "impactScore": 5.9 + "exploitabilityScore": 1.8, + "impactScore": 5.2 } ] }, diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3660.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3660.json index d02c3569aa9..bb5a7533ad2 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3660.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3660.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3660", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-13T12:15:09.397", - "lastModified": "2023-07-25T19:01:59.357", + "lastModified": "2023-09-28T21:29:30.470", "vulnStatus": "Analyzed", "descriptions": [ { @@ -102,8 +102,8 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:campcodes:retro_cellphone_online_store:1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "14240D3C-5073-4D9E-8FE0-EF8C9E323E03" + "criteria": "cpe:2.3:a:retro_cellphone_online_store_project:retro_cellphone_online_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A77A0EBC-52BE-4672-A49E-9C10696CD13D" } ] } diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40386.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40386.json index 8225be4bb44..b5a3f327701 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40386.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40386.json @@ -2,19 +2,80 @@ "id": "CVE-2023-40386", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-27T15:19:05.067", - "lastModified": "2023-09-27T15:41:55.530", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-09-28T21:08:14.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments." + }, + { + "lang": "es", + "value": "Se solucion\u00f3 un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucion\u00f3 en macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda acceder a los archivos adjuntos de Notas." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0", + "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40388.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40388.json index 6090bdfc8ed..869eda256b7 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40388.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40388.json @@ -2,19 +2,80 @@ "id": "CVE-2023-40388", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-27T15:19:05.547", - "lastModified": "2023-09-27T15:41:55.530", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-09-28T21:39:31.380", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. Safari may save photos to an unprotected location." + }, + { + "lang": "es", + "value": "Se solucion\u00f3 un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucion\u00f3 en macOS Sonoma 14. Safari puede guardar fotos en una ubicaci\u00f3n desprotegida." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.0", + "matchCriteriaId": "7A5DD3D5-FB4F-4313-B873-DCED87FC4605" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40427.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40427.json index 0879ce56d21..e7ba7d75ce5 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40427.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40427.json @@ -2,39 +2,146 @@ "id": "CVE-2023-40427", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-27T15:19:12.040", - "lastModified": "2023-09-27T15:41:13.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:35:34.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to read sensitive location information." + }, + { + "lang": "es", + "value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n sensible de ubicaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7", + "matchCriteriaId": "F05757BB-26B5-40A5-B37C-577706EA11C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.6", + "matchCriteriaId": "7A78DA60-AE3B-4B3C-B338-97DAFABEBB1F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "93620AD0-115A-4F86-B533-76A190AF41A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.0", + "matchCriteriaId": "5A079CEF-8220-487C-B114-30BCC45647D6" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/HT213931", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213932", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213936", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213937", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213938", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213940", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-404xx/CVE-2023-40443.json b/CVE-2023/CVE-2023-404xx/CVE-2023-40443.json index 814edac51d6..ce399f77abb 100644 --- a/CVE-2023/CVE-2023-404xx/CVE-2023-40443.json +++ b/CVE-2023/CVE-2023-404xx/CVE-2023-40443.json @@ -2,19 +2,85 @@ "id": "CVE-2023-40443", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-27T15:19:16.337", - "lastModified": "2023-09-27T15:41:13.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:30:29.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to gain root privileges." + }, + { + "lang": "es", + "value": "El problema se solucion\u00f3 con controles mejorados. Este problema se solucion\u00f3 en iOS 17 y iPadOS 17. Es posible que una aplicaci\u00f3n pueda obtener privilegios de root." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "B511B802-B0A2-412D-ADA4-8B783BDF1880" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "17.0", + "matchCriteriaId": "E22CC7F9-F302-40B1-9B02-00FBC9805199" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://support.apple.com/en-us/HT213938", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40668.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40668.json index bd53d2546f0..5f2eac97c27 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40668.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40668.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40668", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:23.513", - "lastModified": "2023-09-27T15:41:47.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:32:15.353", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin <=\u00a02.16.0 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en Pdfcrowd Guardar como complemento PDF mediante el complemento Pdfcrowd en versiones <=2.16.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pdfcrowd:save_as_pdf:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.16.0", + "matchCriteriaId": "32574422-AAA8-4491-AB04-19661291567A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/save-as-pdf-by-pdfcrowd/wordpress-save-as-pdf-plugin-by-pdfcrowd-plugin-2-16-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40669.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40669.json index ae7400fc16e..2a1b7026349 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40669.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40669.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40669", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:23.810", - "lastModified": "2023-09-27T15:41:47.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:32:34.477", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in twinpictures, baden03 Collapse-O-Matic plugin <=\u00a01.8.5.5 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de colaboradores o superiores) almacenada en twinpictures, complemento baden03 Collapse-O-Matic en versiones <= 1.8.5.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:twinpictures:collapse-o-matic:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.8.5.5", + "matchCriteriaId": "7FC76A11-2AA4-47E2-9DA4-13B79AB551F2" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/jquery-collapse-o-matic/wordpress-collapse-o-matic-plugin-1-8-3-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40675.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40675.json index 783a31e8a10..490580e02b1 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40675.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40675.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40675", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:23.947", - "lastModified": "2023-09-27T15:41:47.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:29:47.320", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps Landing Page Builder plugin <=\u00a01.5.1.2 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento PluginOps Landing Page Builder en versiones <=1.5.1.2." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pluginops:landing_page_builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.5.1.2", + "matchCriteriaId": "0610E119-A5C1-41BA-93C7-80FB36833904" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/page-builder-add/wordpress-landing-page-builder-plugin-1-5-1-1-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40676.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40676.json index 00cb051f329..7798f77ea50 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40676.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40676.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40676", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:24.077", - "lastModified": "2023-09-27T15:41:47.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:28:44.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <=\u00a05.0.8 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en Jason Crouse, complemento VeronaLabs Slimstat Analytics en versiones <= 5.0.8." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +60,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +68,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wp-slimstat:slimstat_analytics:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "5.0.8", + "matchCriteriaId": "5C3965CE-C793-4BDE-A29D-958A86C16AAA" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-slimstat/wordpress-slimstat-analytics-plugin-5-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-406xx/CVE-2023-40677.json b/CVE-2023/CVE-2023-406xx/CVE-2023-40677.json index 32f2c9e69ca..c7babbec974 100644 --- a/CVE-2023/CVE-2023-406xx/CVE-2023-40677.json +++ b/CVE-2023/CVE-2023-406xx/CVE-2023-40677.json @@ -2,16 +2,40 @@ "id": "CVE-2023-40677", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:24.233", - "lastModified": "2023-09-27T15:41:47.123", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:26:35.013", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <=\u00a07.1 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento de Gopi Ramasamy Vertical marquee en versiones <=7.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gopiplus:vertical_marquee:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "7.1", + "matchCriteriaId": "CBC823E7-78BC-4D10-80CB-E66AFA17AC5D" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/vertical-marquee-plugin/wordpress-vertical-marquee-plugin-plugin-7-1-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-412xx/CVE-2023-41235.json b/CVE-2023/CVE-2023-412xx/CVE-2023-41235.json index d649b45d03d..6750a7dda11 100644 --- a/CVE-2023/CVE-2023-412xx/CVE-2023-41235.json +++ b/CVE-2023/CVE-2023-412xx/CVE-2023-41235.json @@ -2,16 +2,40 @@ "id": "CVE-2023-41235", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:27.140", - "lastModified": "2023-09-27T15:40:54.270", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:19:44.033", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Everest Themes Everest News Pro theme <=\u00a01.1.7 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en temas de Everest Tema Everest News Pro en versiones <= 1.1.7." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:everestthemes:everest_news:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1.7", + "matchCriteriaId": "E61B82C9-3D24-488B-8B12-4FADCFC16521" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/everest-news-pro/wordpress-everest-news-pro-theme-1-1-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-412xx/CVE-2023-41236.json b/CVE-2023/CVE-2023-412xx/CVE-2023-41236.json index 35b580b63fb..28111ed0371 100644 --- a/CVE-2023/CVE-2023-412xx/CVE-2023-41236.json +++ b/CVE-2023/CVE-2023-412xx/CVE-2023-41236.json @@ -2,16 +2,40 @@ "id": "CVE-2023-41236", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-27T15:19:27.383", - "lastModified": "2023-09-27T15:40:54.270", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T20:19:26.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Happy addons Happy Elementor Addons Pro plugin <=\u00a02.8.0 versions." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en Happy addons del complemento Happy Elementor Addons Pro en versiones <= 2.8.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wedevs:happy_addons_for_elementor:*:*:*:*:pro:wordpress:*:*", + "versionEndIncluding": "2.8.0", + "matchCriteriaId": "9E7CBB7E-3AB4-425C-B25C-BB09FC353DE2" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/happy-elementor-addons-pro/wordpress-happy-elementor-addons-pro-plugin-2-8-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-414xx/CVE-2023-41445.json b/CVE-2023/CVE-2023-414xx/CVE-2023-41445.json index 63802ea3c16..b3526e32244 100644 --- a/CVE-2023/CVE-2023-414xx/CVE-2023-41445.json +++ b/CVE-2023/CVE-2023-414xx/CVE-2023-41445.json @@ -2,27 +2,94 @@ "id": "CVE-2023-41445", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-27T23:15:10.150", - "lastModified": "2023-09-28T12:44:13.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:37:15.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el componente index.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*", + "matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://ajaxnewsticker.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "http://phpkobo.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://gist.github.com/RNPG/84cac1b949bab0e4c587a668385b052d", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-414xx/CVE-2023-41446.json b/CVE-2023/CVE-2023-414xx/CVE-2023-41446.json index 05e808849b9..232a45e7e60 100644 --- a/CVE-2023/CVE-2023-414xx/CVE-2023-41446.json +++ b/CVE-2023/CVE-2023-414xx/CVE-2023-41446.json @@ -2,27 +2,94 @@ "id": "CVE-2023-41446", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-28T03:15:11.387", - "lastModified": "2023-09-28T12:44:04.973", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:49:06.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para el par\u00e1metro de t\u00edtulo en el componente index.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*", + "matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://ajaxnewsticker.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "http://phpkobo.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-414xx/CVE-2023-41449.json b/CVE-2023/CVE-2023-414xx/CVE-2023-41449.json index e14099372a9..6db41d63a98 100644 --- a/CVE-2023/CVE-2023-414xx/CVE-2023-41449.json +++ b/CVE-2023/CVE-2023-414xx/CVE-2023-41449.json @@ -2,27 +2,94 @@ "id": "CVE-2023-41449", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-27T23:15:11.730", - "lastModified": "2023-09-28T12:44:13.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:42:16.540", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter." + }, + { + "lang": "es", + "value": "Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro reque." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*", + "matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://ajaxnewsticker.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "http://phpkobo.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-414xx/CVE-2023-41451.json b/CVE-2023/CVE-2023-414xx/CVE-2023-41451.json index 74c78a35bb5..90420c77749 100644 --- a/CVE-2023/CVE-2023-414xx/CVE-2023-41451.json +++ b/CVE-2023/CVE-2023-414xx/CVE-2023-41451.json @@ -2,27 +2,94 @@ "id": "CVE-2023-41451", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-27T23:15:11.787", - "lastModified": "2023-09-28T12:44:13.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:43:38.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro txt en el componente index.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*", + "matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://ajaxnewsticker.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "http://phpkobo.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-414xx/CVE-2023-41452.json b/CVE-2023/CVE-2023-414xx/CVE-2023-41452.json index 76596dbec0e..798f4c9a2f8 100644 --- a/CVE-2023/CVE-2023-414xx/CVE-2023-41452.json +++ b/CVE-2023/CVE-2023-414xx/CVE-2023-41452.json @@ -2,27 +2,94 @@ "id": "CVE-2023-41452", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-27T23:15:11.843", - "lastModified": "2023-09-28T12:44:13.510", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-28T21:47:51.073", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component." + }, + { + "lang": "es", + "value": "Vulnerabilidad de Cross Site Request Forgery en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el par\u00e1metro txt en el componente index.php." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*", + "matchCriteriaId": "5AB746FE-B97E-47A9-949A-E9B4FA537D10" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "http://ajaxnewsticker.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Product" + ] }, { "url": "http://phpkobo.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41911.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41911.json new file mode 100644 index 00000000000..d7e3dcfa8b6 --- /dev/null +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41911.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-41911", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-28T21:15:09.870", + "lastModified": "2023-09-28T21:15:09.870", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Samsung Mobile Processor Exynos 2200 allows a GPU Double Free (issue 1 of 2)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.0, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-427xx/CVE-2023-42793.json b/CVE-2023/CVE-2023-427xx/CVE-2023-42793.json index 11417032860..44006b78958 100644 --- a/CVE-2023/CVE-2023-427xx/CVE-2023-42793.json +++ b/CVE-2023/CVE-2023-427xx/CVE-2023-42793.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42793", "sourceIdentifier": "security@jetbrains.com", "published": "2023-09-19T17:15:08.330", - "lastModified": "2023-09-21T20:01:37.220", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-28T21:15:09.937", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -89,6 +89,10 @@ } ], "references": [ + { + "url": "https://blog.jetbrains.com/teamcity/2023/09/cve-2023-42793-vulnerability-post-mortem/", + "source": "security@jetbrains.com" + }, { "url": "https://www.jetbrains.com/privacy-security/issues-fixed/", "source": "security@jetbrains.com", diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43013.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43013.json new file mode 100644 index 00000000000..60988ff2036 --- /dev/null +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43013.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-43013", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.037", + "lastModified": "2023-09-28T21:15:10.037", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Asset Management System v1.0 is vulnerable to an\n\nunauthenticated SQL Injection vulnerability on the\n\n'email' parameter of index.php page, allowing an\n\nexternal attacker to dump all the contents of the\n\ndatabase contents and bypass the login control.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/nergal", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-432xx/CVE-2023-43226.json b/CVE-2023/CVE-2023-432xx/CVE-2023-43226.json new file mode 100644 index 00000000000..b5b8ad865bb --- /dev/null +++ b/CVE-2023/CVE-2023-432xx/CVE-2023-43226.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-43226", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-28T20:15:10.880", + "lastModified": "2023-09-28T20:29:46.433", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An arbitrary file upload vulnerability in dede/baidunews.php in DedeCMS 5.7.111 and earlier allows attackers to execute arbitrary code via uploading a crafted PHP file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zzq66/cve/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-433xx/CVE-2023-43323.json b/CVE-2023/CVE-2023-433xx/CVE-2023-43323.json new file mode 100644 index 00000000000..ef62303f9cd --- /dev/null +++ b/CVE-2023/CVE-2023-433xx/CVE-2023-43323.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-43323", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-28T20:15:11.107", + "lastModified": "2023-09-28T20:29:46.433", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, data[wall_photo], data[userShareVideo] and data[userShareLink]." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ahrixia/CVE-2023-43323", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-436xx/CVE-2023-43657.json b/CVE-2023/CVE-2023-436xx/CVE-2023-43657.json index eb22312dbe5..63b525c50c8 100644 --- a/CVE-2023/CVE-2023-436xx/CVE-2023-43657.json +++ b/CVE-2023/CVE-2023-436xx/CVE-2023-43657.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43657", "sourceIdentifier": "security-advisories@github.com", "published": "2023-09-28T19:15:10.547", - "lastModified": "2023-09-28T19:15:10.547", - "vulnStatus": "Received", + "lastModified": "2023-09-28T20:29:46.433", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-436xx/CVE-2023-43663.json b/CVE-2023/CVE-2023-436xx/CVE-2023-43663.json index bd6fb029505..efeea3b1e4e 100644 --- a/CVE-2023/CVE-2023-436xx/CVE-2023-43663.json +++ b/CVE-2023/CVE-2023-436xx/CVE-2023-43663.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43663", "sourceIdentifier": "security-advisories@github.com", "published": "2023-09-28T19:15:10.633", - "lastModified": "2023-09-28T19:15:10.633", - "vulnStatus": "Received", + "lastModified": "2023-09-28T20:29:46.433", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-436xx/CVE-2023-43664.json b/CVE-2023/CVE-2023-436xx/CVE-2023-43664.json index a87801fc95b..eaa0e0fcd68 100644 --- a/CVE-2023/CVE-2023-436xx/CVE-2023-43664.json +++ b/CVE-2023/CVE-2023-436xx/CVE-2023-43664.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43664", "sourceIdentifier": "security-advisories@github.com", "published": "2023-09-28T19:15:10.713", - "lastModified": "2023-09-28T19:15:10.713", - "vulnStatus": "Received", + "lastModified": "2023-09-28T20:29:46.433", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-437xx/CVE-2023-43740.json b/CVE-2023/CVE-2023-437xx/CVE-2023-43740.json new file mode 100644 index 00000000000..7a4102a01e2 --- /dev/null +++ b/CVE-2023/CVE-2023-437xx/CVE-2023-43740.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-43740", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.110", + "lastModified": "2023-09-28T21:15:10.110", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to [IMPACT] via [VECTOR]" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/shagrath", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-437xx/CVE-2023-43775.json b/CVE-2023/CVE-2023-437xx/CVE-2023-43775.json index f6c69c3e307..1456eb55134 100644 --- a/CVE-2023/CVE-2023-437xx/CVE-2023-43775.json +++ b/CVE-2023/CVE-2023-437xx/CVE-2023-43775.json @@ -2,12 +2,16 @@ "id": "CVE-2023-43775", "sourceIdentifier": "CybersecurityCOE@eaton.com", "published": "2023-09-27T15:19:34.517", - "lastModified": "2023-09-27T15:41:42.647", + "lastModified": "2023-09-28T21:15:10.177", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "Denial-of-service vulnerability in the web server of the Eaton SMP SG-4260 allows \n\nattacker to potentially force an unexpected restart of the SMP Gateway\nautomation platform, impacting the availability of the product. In rare situations, the issue could cause\nthe SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product is\nnot vulnerable anymore.\n" + "value": "Denial-of-service vulnerability in the web server of the Eaton SMP Gateway allows \n\nattacker to potentially force an unexpected restart of the automation platform, impacting the availability of the product. In rare situations, the issue could cause\nthe SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product is\nnot vulnerable anymore.\n" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de denegaci\u00f3n de servicio en el servidor web de Eaton SMP SG-4260 permite a un atacante forzar potencialmente un reinicio inesperado de la plataforma de automatizaci\u00f3n SMP Gateway, lo que afecta la disponibilidad del producto. En situaciones excepcionales, el problema podr\u00eda provocar que el dispositivo SMP se reinicie en Safe Mode o Max Safe Mode. Cuando est\u00e1 en modo Max Safe, el producto ya no es vulnerable." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-43xx/CVE-2023-4316.json b/CVE-2023/CVE-2023-43xx/CVE-2023-4316.json new file mode 100644 index 00000000000..93f5aa1572e --- /dev/null +++ b/CVE-2023/CVE-2023-43xx/CVE-2023-4316.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-4316", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.313", + "lastModified": "2023-09-28T21:15:10.313", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Zod in version 3.22.2 allows an attacker to perform a denial of service while validating emails\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/swift", + "source": "help@fluidattacks.com" + }, + { + "url": "https://www.npmjs.com/package/zod", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-441xx/CVE-2023-44173.json b/CVE-2023/CVE-2023-441xx/CVE-2023-44173.json new file mode 100644 index 00000000000..67e61845e49 --- /dev/null +++ b/CVE-2023/CVE-2023-441xx/CVE-2023-44173.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-44173", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.250", + "lastModified": "2023-09-28T21:15:10.250", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Online Movie Ticket Booking System v1.0 is vulnerable to\n\nan authenticated Reflected Cross-Site Scripting vulnerability.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/harrison", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5004.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5004.json new file mode 100644 index 00000000000..7cb79b78ae2 --- /dev/null +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5004.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-5004", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.383", + "lastModified": "2023-09-28T21:15:10.383", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Hospital management system version 378c157 allows to bypass authentication.\n\nThis is possible because the application is vulnerable to SQLI.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/alcocer", + "source": "help@fluidattacks.com" + }, + { + "url": "https://github.com/projectworldsofficial/hospital-management-system-in-php/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-50xx/CVE-2023-5053.json b/CVE-2023/CVE-2023-50xx/CVE-2023-5053.json new file mode 100644 index 00000000000..9268793810f --- /dev/null +++ b/CVE-2023/CVE-2023-50xx/CVE-2023-5053.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-5053", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.447", + "lastModified": "2023-09-28T21:15:10.447", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Hospital management system version 378c157 allows to bypass authentication.\n\nThis is possible because the application is vulnerable to SQLI.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/shierro", + "source": "help@fluidattacks.com" + }, + { + "url": "https://github.com/projectworldsofficial/hospital-management-system-in-php/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-51xx/CVE-2023-5185.json b/CVE-2023/CVE-2023-51xx/CVE-2023-5185.json new file mode 100644 index 00000000000..ca31e03cfaf --- /dev/null +++ b/CVE-2023/CVE-2023-51xx/CVE-2023-5185.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-5185", + "sourceIdentifier": "help@fluidattacks.com", + "published": "2023-09-28T21:15:10.507", + "lastModified": "2023-09-28T21:15:10.507", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Gym Management System Project v1.0 is vulnerable to\n\nan Insecure File Upload vulnerability on the 'file'\n\nparameter of profile/i.php page, allowing an\n\nauthenticated attacker to obtain Remote Code Execution\n\non the server hosting the application.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.3, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "help@fluidattacks.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://fluidattacks.com/advisories/orion", + "source": "help@fluidattacks.com" + }, + { + "url": "https://projectworlds.in/", + "source": "help@fluidattacks.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json b/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json index 3cfc2f05e3b..e20db3c1844 100644 --- a/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json +++ b/CVE-2023/CVE-2023-52xx/CVE-2023-5217.json @@ -2,7 +2,7 @@ "id": "CVE-2023-5217", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-09-28T16:15:10.980", - "lastModified": "2023-09-28T18:19:27.953", + "lastModified": "2023-09-28T21:15:10.570", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/09/28/5", + "source": "chrome-cve-admin@google.com" + }, { "url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html", "source": "chrome-cve-admin@google.com" diff --git a/CVE-2023/CVE-2023-52xx/CVE-2023-5256.json b/CVE-2023/CVE-2023-52xx/CVE-2023-5256.json index 5188fe9a42d..0b719163406 100644 --- a/CVE-2023/CVE-2023-52xx/CVE-2023-5256.json +++ b/CVE-2023/CVE-2023-52xx/CVE-2023-5256.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5256", "sourceIdentifier": "mlhess@drupal.org", "published": "2023-09-28T19:15:10.977", - "lastModified": "2023-09-28T19:15:10.977", - "vulnStatus": "Received", + "lastModified": "2023-09-28T20:29:46.433", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 6996587bc73..d09ca4539ef 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-28T20:00:25.811998+00:00 +2023-09-28T22:00:25.512017+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-28T19:15:34.223000+00:00 +2023-09-28T21:58:14.140000+00:00 ``` ### Last Data Feed Release @@ -29,50 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -226536 +226546 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `10` -* [CVE-2023-40375](CVE-2023/CVE-2023-403xx/CVE-2023-40375.json) (`2023-09-28T18:15:11.830`) -* [CVE-2023-43044](CVE-2023/CVE-2023-430xx/CVE-2023-43044.json) (`2023-09-28T18:15:11.930`) -* [CVE-2023-43657](CVE-2023/CVE-2023-436xx/CVE-2023-43657.json) (`2023-09-28T19:15:10.547`) -* [CVE-2023-43663](CVE-2023/CVE-2023-436xx/CVE-2023-43663.json) (`2023-09-28T19:15:10.633`) -* [CVE-2023-43664](CVE-2023/CVE-2023-436xx/CVE-2023-43664.json) (`2023-09-28T19:15:10.713`) -* [CVE-2023-5256](CVE-2023/CVE-2023-52xx/CVE-2023-5256.json) (`2023-09-28T19:15:10.977`) +* [CVE-2023-43226](CVE-2023/CVE-2023-432xx/CVE-2023-43226.json) (`2023-09-28T20:15:10.880`) +* [CVE-2023-43323](CVE-2023/CVE-2023-433xx/CVE-2023-43323.json) (`2023-09-28T20:15:11.107`) +* [CVE-2023-41911](CVE-2023/CVE-2023-419xx/CVE-2023-41911.json) (`2023-09-28T21:15:09.870`) +* [CVE-2023-43013](CVE-2023/CVE-2023-430xx/CVE-2023-43013.json) (`2023-09-28T21:15:10.037`) +* [CVE-2023-43740](CVE-2023/CVE-2023-437xx/CVE-2023-43740.json) (`2023-09-28T21:15:10.110`) +* [CVE-2023-44173](CVE-2023/CVE-2023-441xx/CVE-2023-44173.json) (`2023-09-28T21:15:10.250`) +* [CVE-2023-4316](CVE-2023/CVE-2023-43xx/CVE-2023-4316.json) (`2023-09-28T21:15:10.313`) +* [CVE-2023-5004](CVE-2023/CVE-2023-50xx/CVE-2023-5004.json) (`2023-09-28T21:15:10.383`) +* [CVE-2023-5053](CVE-2023/CVE-2023-50xx/CVE-2023-5053.json) (`2023-09-28T21:15:10.447`) +* [CVE-2023-5185](CVE-2023/CVE-2023-51xx/CVE-2023-5185.json) (`2023-09-28T21:15:10.507`) ### CVEs modified in the last Commit -Recently modified CVEs: `31` +Recently modified CVEs: `28` -* [CVE-2021-40171](CVE-2021/CVE-2021-401xx/CVE-2021-40171.json) (`2023-09-28T18:17:19.183`) -* [CVE-2023-4845](CVE-2023/CVE-2023-48xx/CVE-2023-4845.json) (`2023-09-28T18:12:50.730`) -* [CVE-2023-4844](CVE-2023/CVE-2023-48xx/CVE-2023-4844.json) (`2023-09-28T18:14:56.547`) -* [CVE-2023-0466](CVE-2023/CVE-2023-04xx/CVE-2023-0466.json) (`2023-09-28T18:15:11.707`) -* [CVE-2023-4863](CVE-2023/CVE-2023-48xx/CVE-2023-4863.json) (`2023-09-28T18:15:12.113`) -* [CVE-2023-4846](CVE-2023/CVE-2023-48xx/CVE-2023-4846.json) (`2023-09-28T18:15:15.677`) -* [CVE-2023-43876](CVE-2023/CVE-2023-438xx/CVE-2023-43876.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-43878](CVE-2023/CVE-2023-438xx/CVE-2023-43878.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-43879](CVE-2023/CVE-2023-438xx/CVE-2023-43879.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-43884](CVE-2023/CVE-2023-438xx/CVE-2023-43884.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-30415](CVE-2023/CVE-2023-304xx/CVE-2023-30415.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-5186](CVE-2023/CVE-2023-51xx/CVE-2023-5186.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-5187](CVE-2023/CVE-2023-51xx/CVE-2023-5187.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-09-28T18:19:27.953`) -* [CVE-2023-40764](CVE-2023/CVE-2023-407xx/CVE-2023-40764.json) (`2023-09-28T18:27:13.700`) -* [CVE-2023-40755](CVE-2023/CVE-2023-407xx/CVE-2023-40755.json) (`2023-09-28T18:32:18.820`) -* [CVE-2023-43376](CVE-2023/CVE-2023-433xx/CVE-2023-43376.json) (`2023-09-28T18:44:02.520`) -* [CVE-2023-43617](CVE-2023/CVE-2023-436xx/CVE-2023-43617.json) (`2023-09-28T18:56:25.610`) -* [CVE-2023-0379](CVE-2023/CVE-2023-03xx/CVE-2023-0379.json) (`2023-09-28T18:56:56.773`) -* [CVE-2023-3141](CVE-2023/CVE-2023-31xx/CVE-2023-3141.json) (`2023-09-28T19:03:11.420`) -* [CVE-2023-1688](CVE-2023/CVE-2023-16xx/CVE-2023-1688.json) (`2023-09-28T19:06:17.677`) -* [CVE-2023-32233](CVE-2023/CVE-2023-322xx/CVE-2023-32233.json) (`2023-09-28T19:07:11.537`) -* [CVE-2023-41448](CVE-2023/CVE-2023-414xx/CVE-2023-41448.json) (`2023-09-28T19:11:38.160`) -* [CVE-2023-41447](CVE-2023/CVE-2023-414xx/CVE-2023-41447.json) (`2023-09-28T19:12:39.430`) -* [CVE-2023-41453](CVE-2023/CVE-2023-414xx/CVE-2023-41453.json) (`2023-09-28T19:15:34.223`) +* [CVE-2023-41235](CVE-2023/CVE-2023-412xx/CVE-2023-41235.json) (`2023-09-28T20:19:44.033`) +* [CVE-2023-40677](CVE-2023/CVE-2023-406xx/CVE-2023-40677.json) (`2023-09-28T20:26:35.013`) +* [CVE-2023-40676](CVE-2023/CVE-2023-406xx/CVE-2023-40676.json) (`2023-09-28T20:28:44.137`) +* [CVE-2023-43657](CVE-2023/CVE-2023-436xx/CVE-2023-43657.json) (`2023-09-28T20:29:46.433`) +* [CVE-2023-43663](CVE-2023/CVE-2023-436xx/CVE-2023-43663.json) (`2023-09-28T20:29:46.433`) +* [CVE-2023-43664](CVE-2023/CVE-2023-436xx/CVE-2023-43664.json) (`2023-09-28T20:29:46.433`) +* [CVE-2023-5256](CVE-2023/CVE-2023-52xx/CVE-2023-5256.json) (`2023-09-28T20:29:46.433`) +* [CVE-2023-40675](CVE-2023/CVE-2023-406xx/CVE-2023-40675.json) (`2023-09-28T20:29:47.320`) +* [CVE-2023-40668](CVE-2023/CVE-2023-406xx/CVE-2023-40668.json) (`2023-09-28T20:32:15.353`) +* [CVE-2023-40669](CVE-2023/CVE-2023-406xx/CVE-2023-40669.json) (`2023-09-28T20:32:34.477`) +* [CVE-2023-40386](CVE-2023/CVE-2023-403xx/CVE-2023-40386.json) (`2023-09-28T21:08:14.443`) +* [CVE-2023-42793](CVE-2023/CVE-2023-427xx/CVE-2023-42793.json) (`2023-09-28T21:15:09.937`) +* [CVE-2023-43775](CVE-2023/CVE-2023-437xx/CVE-2023-43775.json) (`2023-09-28T21:15:10.177`) +* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-09-28T21:15:10.570`) +* [CVE-2023-3660](CVE-2023/CVE-2023-36xx/CVE-2023-3660.json) (`2023-09-28T21:29:30.470`) +* [CVE-2023-40443](CVE-2023/CVE-2023-404xx/CVE-2023-40443.json) (`2023-09-28T21:30:29.613`) +* [CVE-2023-40427](CVE-2023/CVE-2023-404xx/CVE-2023-40427.json) (`2023-09-28T21:35:34.613`) +* [CVE-2023-41445](CVE-2023/CVE-2023-414xx/CVE-2023-41445.json) (`2023-09-28T21:37:15.117`) +* [CVE-2023-40388](CVE-2023/CVE-2023-403xx/CVE-2023-40388.json) (`2023-09-28T21:39:31.380`) +* [CVE-2023-41449](CVE-2023/CVE-2023-414xx/CVE-2023-41449.json) (`2023-09-28T21:42:16.540`) +* [CVE-2023-41451](CVE-2023/CVE-2023-414xx/CVE-2023-41451.json) (`2023-09-28T21:43:38.937`) +* [CVE-2023-41452](CVE-2023/CVE-2023-414xx/CVE-2023-41452.json) (`2023-09-28T21:47:51.073`) +* [CVE-2023-41446](CVE-2023/CVE-2023-414xx/CVE-2023-41446.json) (`2023-09-28T21:49:06.750`) +* [CVE-2023-35071](CVE-2023/CVE-2023-350xx/CVE-2023-35071.json) (`2023-09-28T21:52:38.770`) +* [CVE-2023-35793](CVE-2023/CVE-2023-357xx/CVE-2023-35793.json) (`2023-09-28T21:58:14.140`) ## Download and Usage