Auto-Update: 2023-05-27T23:55:24.791557+00:00

2025-07-09 16:05:11 +00:00 · 2023-05-27 23:55:28 +00:00 · 2023-05-27 23:55:28 +00:00 · 42e9c8f4e6
commit 42e9c8f4e6
parent 0583cefbf0
7 changed files with 365 additions and 7 deletions
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2942.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2942.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-2942",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-05-27T22:15:09.483",
+  "lastModified": "2023-05-27T22:15:09.483",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 8.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 5.2
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-20"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/dd56e7a0-9dff-48fc-bc59-9a22d91869eb",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2943.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2943.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-2943",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-05-27T22:15:10.007",
+  "lastModified": "2023-05-27T23:15:09.100",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Code Injection in GitHub repository openemr/openemr prior to 7.0.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.6,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 2.5
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/c1c0805696ca68577c37bf30e29f90e5f3e0f1a9",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/4190f944-dc2c-4624-9abf-31479456faa9",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2944.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2944.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-2944",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-05-27T22:15:10.083",
+  "lastModified": "2023-05-27T22:15:10.083",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/723ac5d78080d1b8542f47673988cd63e0389d25",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/0d67dcb1-acc0-4d5d-bb69-a09d1bc9fa1d",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2945.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2945.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-2945",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-05-27T22:15:10.167",
+  "lastModified": "2023-05-27T22:15:10.167",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Missing Authorization in GitHub repository openemr/openemr prior to 7.0.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/3656bc88288957d68ba040cad2e5f9dbd1b607b1",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/62de71bd-333d-4593-91a5-534ef7f0c435",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2946.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2946.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-2946",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-05-27T23:15:09.217",
+  "lastModified": "2023-05-27T23:15:09.217",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-284"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/81832acc14207e577e76c4175967c99ae7e3d3f4",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/e550f4b0-945c-4886-af7f-ee0dc30b2a08",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/CVE-2023/CVE-2023-29xx/CVE-2023-2947.json
+++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2947.json
@ -0,0 +1,59 @@
+{
+  "id": "CVE-2023-2947",
+  "sourceIdentifier": "security@huntr.dev",
+  "published": "2023-05-27T23:15:09.283",
+  "lastModified": "2023-05-27T23:15:09.283",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV30": [
+      {
+        "source": "security@huntr.dev",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.0",
+          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 4.7,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 1.2,
+        "impactScore": 3.4
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "security@huntr.dev",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/openemr/openemr/commit/8d2d601ac40aca75bcd2c3cf193f59c8e56d8425",
+      "source": "security@huntr.dev"
+    },
+    {
+      "url": "https://huntr.dev/bounties/52534def-acab-4200-a79a-89ef4ce6a0b0",
+      "source": "security@huntr.dev"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2023-05-27T20:00:25.280395+00:00
+2023-05-27T23:55:24.791557+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2023-05-27T19:15:09.650000+00:00
+2023-05-27T23:15:09.283000+00:00
 ```

 ### Last Data Feed Release
@ -29,21 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-216159
+216165
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `6`

-* [CVE-2015-20108](CVE-2015/CVE-2015-201xx/CVE-2015-20108.json) (`2023-05-27T19:15:09.043`)
+* [CVE-2023-2942](CVE-2023/CVE-2023-29xx/CVE-2023-2942.json) (`2023-05-27T22:15:09.483`)
+* [CVE-2023-2944](CVE-2023/CVE-2023-29xx/CVE-2023-2944.json) (`2023-05-27T22:15:10.083`)
+* [CVE-2023-2945](CVE-2023/CVE-2023-29xx/CVE-2023-2945.json) (`2023-05-27T22:15:10.167`)
+* [CVE-2023-2943](CVE-2023/CVE-2023-29xx/CVE-2023-2943.json) (`2023-05-27T22:15:10.007`)
+* [CVE-2023-2946](CVE-2023/CVE-2023-29xx/CVE-2023-2946.json) (`2023-05-27T23:15:09.217`)
+* [CVE-2023-2947](CVE-2023/CVE-2023-29xx/CVE-2023-2947.json) (`2023-05-27T23:15:09.283`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

-* [CVE-2023-29820](CVE-2023/CVE-2023-298xx/CVE-2023-29820.json) (`2023-05-27T19:15:09.650`)


 ## Download and Usage