diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2942.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2942.json new file mode 100644 index 00000000000..bdc90d66ca8 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2942.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2942", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-27T22:15:09.483", + "lastModified": "2023-05-27T22:15:09.483", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/dd56e7a0-9dff-48fc-bc59-9a22d91869eb", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2943.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2943.json new file mode 100644 index 00000000000..affc7801b6b --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2943.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2943", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-27T22:15:10.007", + "lastModified": "2023-05-27T23:15:09.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Code Injection in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/4190f944-dc2c-4624-9abf-31479456faa9", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2944.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2944.json new file mode 100644 index 00000000000..3a3df59f452 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2944.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2944", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-27T22:15:10.083", + "lastModified": "2023-05-27T22:15:10.083", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/723ac5d78080d1b8542f47673988cd63e0389d25", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/0d67dcb1-acc0-4d5d-bb69-a09d1bc9fa1d", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2945.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2945.json new file mode 100644 index 00000000000..6681686b3aa --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2945.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2945", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-27T22:15:10.167", + "lastModified": "2023-05-27T22:15:10.167", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/3656bc88288957d68ba040cad2e5f9dbd1b607b1", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/62de71bd-333d-4593-91a5-534ef7f0c435", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2946.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2946.json new file mode 100644 index 00000000000..e4237c22ae7 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2946.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2946", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-27T23:15:09.217", + "lastModified": "2023-05-27T23:15:09.217", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/81832acc14207e577e76c4175967c99ae7e3d3f4", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/e550f4b0-945c-4886-af7f-ee0dc30b2a08", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2947.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2947.json new file mode 100644 index 00000000000..c712fabb253 --- /dev/null +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2947.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2947", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-27T23:15:09.283", + "lastModified": "2023-05-27T23:15:09.283", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/8d2d601ac40aca75bcd2c3cf193f59c8e56d8425", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/52534def-acab-4200-a79a-89ef4ce6a0b0", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 53f78445ab9..0d1f08ab319 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-27T20:00:25.280395+00:00 +2023-05-27T23:55:24.791557+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-27T19:15:09.650000+00:00 +2023-05-27T23:15:09.283000+00:00 ``` ### Last Data Feed Release @@ -29,21 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -216159 +216165 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `6` -* [CVE-2015-20108](CVE-2015/CVE-2015-201xx/CVE-2015-20108.json) (`2023-05-27T19:15:09.043`) +* [CVE-2023-2942](CVE-2023/CVE-2023-29xx/CVE-2023-2942.json) (`2023-05-27T22:15:09.483`) +* [CVE-2023-2944](CVE-2023/CVE-2023-29xx/CVE-2023-2944.json) (`2023-05-27T22:15:10.083`) +* [CVE-2023-2945](CVE-2023/CVE-2023-29xx/CVE-2023-2945.json) (`2023-05-27T22:15:10.167`) +* [CVE-2023-2943](CVE-2023/CVE-2023-29xx/CVE-2023-2943.json) (`2023-05-27T22:15:10.007`) +* [CVE-2023-2946](CVE-2023/CVE-2023-29xx/CVE-2023-2946.json) (`2023-05-27T23:15:09.217`) +* [CVE-2023-2947](CVE-2023/CVE-2023-29xx/CVE-2023-2947.json) (`2023-05-27T23:15:09.283`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -* [CVE-2023-29820](CVE-2023/CVE-2023-298xx/CVE-2023-29820.json) (`2023-05-27T19:15:09.650`) ## Download and Usage