Auto-Update: 2023-08-23T16:00:28.413249+00:00

cad-safe-bot 2023-08-23 16:00:31 +00:00
parent 1935f6410b
commit 43c1512276
39 changed files with 29721 additions and 108 deletions



@ -2,8 +2,8 @@
"id": "CVE-2023-20242",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-08-16T21:15:09.800",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:14:06.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +54,82 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "42A41C41-A370-4C0E-A49D-AD42B2F3FB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:11.5\\(1\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "F770709C-FFB2-4A4E-A2D8-2EAA23F2E87C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3EB73BD4-9ECC-458E-925D-FECE9A49BD48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:12.5\\(1\\):*:*:*:session_management:*:*:*",
"matchCriteriaId": "EB810DDE-18A0-4168-8EC1-726DA62453E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FFCAAB4-CED3-4D68-9572-15B27876B1F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:14.0:*:*:*:session_management:*:*:*",
"matchCriteriaId": "5B613D5E-BF3D-426B-9A5B-0322D48EE693"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:11.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34D89C42-AAD9-4B04-9F95-F77681E39553"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:12.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CAAAAF61-C33F-462B-B7C4-9F976235888A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:unified_communications_manager_im_and_presence_service:14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F161FAB-C375-4F2D-BF13-1645BA6A06F5"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-xss-QtT4VdsK",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-22841",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:17.880",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:45:27.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,56 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:server_firmware_update_utility:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.7",
"matchCriteriaId": "FA80CAA6-2CD9-4616-8900-602D48D86C2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:c621a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F2364774-DA5C-48BF-AEDB-E97BFED643F6"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00830.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
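Review bot: The new `configurations` entry is an `AND` of two nodes, and the second node's only `cpeMatch` (`cpe:2.3:h:intel:c621a`) carries `"vulnerable": false`, so a consumer that flattens every `criteria` string into one match list will report the C621A hardware itself as affected. Matching should honour the configuration-level `operator` and use entries with `"vulnerable": false` only as a platform condition for the `server_firmware_update_utility` range that ends before `16.0.7`. The CVE-2023-23577 section has the same shape, with two NUC 11 hardware entries marked `"vulnerable": false`.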


@ -2,8 +2,8 @@
"id": "CVE-2023-23577",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:18.233",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:45:18.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,61 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:ite_tech_consumer_infrared_driver:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.2.1",
"matchCriteriaId": "84E99BAE-AAB7-465D-AAE3-B106CFB3FF75"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_11_enthusiast_kit_nuc11phki7c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B29DE251-B4BC-4716-99DD-35F4FEE788F0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:intel:nuc_11_enthusiast_mini_pc_nuc11phki7caa:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6319E7BC-693D-44A9-A342-65E94E477B81"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00829.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-28690",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-17T22:15:09.973",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T14:37:43.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:marcosteinbrecher:wp_browserupdate:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.5",
"matchCriteriaId": "1AD47041-5F94-4CA8-AE64-5C55136969B5"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-browser-update/wordpress-wp-browserupdate-plugin-4-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}
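Review bot: The added `cpeMatch` bounds the plugin at `"versionEndIncluding": "4.5"`, while the reference URL slug in the same section names `4-4-1`; the record's description lies outside the hunks, so which figure it states cannot be checked here. Anything deriving the affected range should read it from `versionEndIncluding` and never from the URL text. The CVE-2023-32236 section shows the same kind of gap, where the description says `<= 1.1.8` and the slug says `1-1-4`.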


@ -0,0 +1,55 @@
{
"id": "CVE-2023-28994",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:07.890",
"lastModified": "2023-08-23T15:15:07.890",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin <=\u00a03.16.8 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/flatsome/wordpress-flatsome-theme-3-16-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}
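Review bot: This new record has `"vulnStatus": "Received"` and no `configurations` block, so CPE-based matching cannot find it; the only scope information is the free-text `<= 3.16.8` in the description. The single CVSS entry is the CNA's and is typed `"Secondary"`, yet the CWE entry from the same `source` is typed `"Primary"`, so a filter on `type` alone does not separate NVD-analysed data from CNA-supplied data and should check `source` as well. The description also calls Flatsome a plugin while the reference slug says `flatsome-theme`, which matters for asset-inventory matching by name. The other new `Received` records on this page (CVE-2023-32236, -32300, -32496, -32497, -32498, -32499, -32505) have the same shape.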


@ -2,8 +2,8 @@
"id": "CVE-2023-29151",
"sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:27.830",
"lastModified": "2023-08-11T03:44:51.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:00:10.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secure@intel.com",
"type": "Secondary",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:platform_service_record_software_development_kit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.0.20",
"matchCriteriaId": "920E9CDE-FF82-4603-91DC-0AF6A572AF57"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00907.html",
"source": "secure@intel.com"
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
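Review bot: The sole reference is an `http://www.intel.com/...` URL, and this update now tags it `Patch` and `Vendor Advisory`, so tooling that follows `Patch`-tagged links would make its first request in cleartext. The mirror should keep the upstream value, but a consumer can upgrade the scheme before fetching or refuse non-HTTPS reference URLs; whether the host redirects to HTTPS is not visible here. The CVE-2023-22841 and CVE-2023-23577 sections carry the same pattern.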


@ -2,8 +2,8 @@
"id": "CVE-2023-29182",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-08-17T10:15:09.703",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:36:23.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@fortinet.com",
"type": "Secondary",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndExcluding": "7.0.4",
"matchCriteriaId": "81949446-ADC8-4B07-95FF-3C2D27DDF927"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-149",
"source": "psirt@fortinet.com"
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-2910",
"sourceIdentifier": "security@asustor.com",
"published": "2023-08-17T10:15:10.737",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:03:06.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "security@asustor.com",
"type": "Secondary",
@ -46,10 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0.rib4",
"versionEndIncluding": "4.0.6.ris1",
"matchCriteriaId": "52E98421-79B4-4483-ABC6-C01289B5C028"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.1.0.rhu2",
"versionEndExcluding": "4.2.3.rk91",
"matchCriteriaId": "8A135ABF-52BD-43B0-AD0D-0B92FF20B9F5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.asustor.com/security/security_advisory_detail?id=27",
"source": "security@asustor.com"
"source": "security@asustor.com",
"tags": [
"Vendor Advisory"
]
}
]
}
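Review bot: The two added `cpeMatch` entries share an identical `criteria` string and differ only in their range fields, whose bounds (`4.0.0.rib4`, `4.0.6.ris1`, `4.1.0.rhu2`, `4.2.3.rk91`) end in an alphanumeric segment. A consumer that de-duplicates on `criteria` will drop one of the ranges, and a strictly numeric or semver comparator will reject or misorder these bounds. Key entries on `matchCriteriaId`, and when the last segment cannot be compared, fail closed by treating the installed version as affected.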


@ -2,8 +2,8 @@
"id": "CVE-2023-2914",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-08-17T16:15:09.513",
"lastModified": "2023-08-17T16:20:42.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:46:19.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndIncluding": "11.0.6",
"matchCriteriaId": "6C40EF89-902D-40A0-9460-9C2037CDAF45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndIncluding": "11.1.6",
"matchCriteriaId": "DCB9F021-2307-4183-A6B8-CAEE88808C92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.2.0",
"versionEndIncluding": "11.2.7",
"matchCriteriaId": "A8C2E2BF-3ABA-4E69-9A8F-4E2AC6C48E2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndIncluding": "12.0.5",
"matchCriteriaId": "66054D47-416A-4194-9B95-AE810924AD94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1.0",
"versionEndIncluding": "12.1.6",
"matchCriteriaId": "3AAE89B3-6C25-4DE7-898A-2F8637122B01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndIncluding": "13.0.2",
"matchCriteriaId": "A5D9F5DA-D66A-4F88-A1C4-E1411715162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7FC8D4-F5EF-45DC-9D95-4CFBC3FE1E3B"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required"
]
}
]
}
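Review bot: The only reference in this record is now tagged `Permissions Required`, so unauthenticated enrichment cannot fetch the advisory behind it, and the NVD-assigned `CWE-190` and the seven `thinmanager_thinserver` match entries cannot be cross-checked from this page. Triage tooling should treat that tag as "no retrievable advisory" and rely on the `configurations` block (11.0.0 through 13.1.0) instead of trying to scrape the link. The CVE-2023-2915 and CVE-2023-2917 sections point at the same gated URL with the same tag.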


@ -2,8 +2,8 @@
"id": "CVE-2023-2915",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-08-17T16:15:09.693",
"lastModified": "2023-08-17T16:20:42.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:49:03.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndIncluding": "11.0.6",
"matchCriteriaId": "6C40EF89-902D-40A0-9460-9C2037CDAF45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndIncluding": "11.1.6",
"matchCriteriaId": "DCB9F021-2307-4183-A6B8-CAEE88808C92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.2.0",
"versionEndIncluding": "11.2.7",
"matchCriteriaId": "A8C2E2BF-3ABA-4E69-9A8F-4E2AC6C48E2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndIncluding": "12.0.5",
"matchCriteriaId": "66054D47-416A-4194-9B95-AE810924AD94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1.0",
"versionEndIncluding": "12.1.6",
"matchCriteriaId": "3AAE89B3-6C25-4DE7-898A-2F8637122B01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndIncluding": "13.0.2",
"matchCriteriaId": "A5D9F5DA-D66A-4F88-A1C4-E1411715162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7FC8D4-F5EF-45DC-9D95-4CFBC3FE1E3B"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-2917",
"sourceIdentifier": "PSIRT@rockwellautomation.com",
"published": "2023-08-17T16:15:09.790",
"lastModified": "2023-08-17T16:20:42.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:56:46.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "PSIRT@rockwellautomation.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndIncluding": "11.0.6",
"matchCriteriaId": "6C40EF89-902D-40A0-9460-9C2037CDAF45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.1.0",
"versionEndIncluding": "11.1.6",
"matchCriteriaId": "DCB9F021-2307-4183-A6B8-CAEE88808C92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.2.0",
"versionEndIncluding": "11.2.7",
"matchCriteriaId": "A8C2E2BF-3ABA-4E69-9A8F-4E2AC6C48E2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndIncluding": "12.0.5",
"matchCriteriaId": "66054D47-416A-4194-9B95-AE810924AD94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.1.0",
"versionEndIncluding": "12.1.6",
"matchCriteriaId": "3AAE89B3-6C25-4DE7-898A-2F8637122B01"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0.0",
"versionEndIncluding": "13.0.2",
"matchCriteriaId": "A5D9F5DA-D66A-4F88-A1C4-E1411715162F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rockwellautomation:thinmanager_thinserver:13.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7FC8D4-F5EF-45DC-9D95-4CFBC3FE1E3B"
}
]
}
]
}
],
"references": [
{
"url": "https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140471",
"source": "PSIRT@rockwellautomation.com"
"source": "PSIRT@rockwellautomation.com",
"tags": [
"Permissions Required"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32236",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:07.967",
"lastModified": "2023-08-23T14:15:07.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin <=\u00a01.1.8 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-appointments-booking-calendar-plugin-plugin-1-1-4-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32300",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:08.117",
"lastModified": "2023-08-23T15:15:08.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin <=\u00a014.8 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wpseo-local/wordpress-yoast-seo-local-plugin-14-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32496",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:08.350",
"lastModified": "2023-08-23T14:15:08.350",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin <=\u00a07.31 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/stopbadbots/wordpress-block-bad-bots-and-stop-bad-bots-crawlers-and-spiders-and-anti-spam-protection-plugin-7-31-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32497",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:08.693",
"lastModified": "2023-08-23T14:15:08.693",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin <=\u00a01.1.9.4 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/block-referer-spam/wordpress-block-referer-spam-plugin-1-1-9-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32498",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:08.887",
"lastModified": "2023-08-23T14:15:08.887",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS plugin <=\u00a01.2.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/easy-form/wordpress-easy-form-by-ays-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32499",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T14:15:09.047",
"lastModified": "2023-08-23T14:15:09.047",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tony Zeoli, Tony Hayes Radio Station by netmix\u00ae \u2013 Manage and play your Show Schedule in WordPress! plugin <=\u00a02.4.0.9 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/radio-station/wordpress-radio-station-plugin-2-4-0-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32505",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:08.253",
"lastModified": "2023-08-23T15:15:08.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Arshid Easy Hide Login plugin <=\u00a01.0.7 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/easy-hide-login/wordpress-easy-hide-login-plugin-1-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-32509",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-08-23T15:15:08.403",
"lastModified": "2023-08-23T15:15:08.403",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <=\u00a02.2.5 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/order-your-posts-manually/wordpress-order-your-posts-manually-plugin-2-2-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3244",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-17T07:15:43.617",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T14:30:37.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wphappycoders:comments_like_dislike:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.9",
"matchCriteriaId": "BAE5A5F5-9F4C-4012-A3C9-57C28784B2C1"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/comments-like-dislike/trunk/inc/classes/cld-admin.php#L99",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/66019297-a8a8-4bbc-99db-4b47066f3e50?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34215",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-08-17T07:15:42.333",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:11:31.647",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -46,10 +76,44 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities",
"source": "psirt@moxa.com"
"source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34216",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-08-17T07:15:43.297",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:08:57.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@moxa.com",
"type": "Secondary",
@ -46,10 +76,72 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.2.4",
"matchCriteriaId": "442E0C68-A369-4079-86CC-0E63408C48E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:moxa:tn-4900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56CD9ADD-E963-42F4-A2E5-175A0D2EE8D0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities",
"source": "psirt@moxa.com"
"source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-35808",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.477",
"lastModified": "2023-06-26T18:39:06.933",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T14:15:09.297",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/26",
"source": "cve@mitre.org"
},
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-006/",
"source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2023-35809",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.517",
"lastModified": "2023-06-26T18:20:57.260",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T14:15:10.210",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/27",
"source": "cve@mitre.org"
},
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-007/",
"source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2023-35810",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.553",
"lastModified": "2023-06-26T18:20:20.437",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T14:15:10.430",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -115,6 +115,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/28",
"source": "cve@mitre.org"
},
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-009/",
"source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2023-35811",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T22:15:09.590",
"lastModified": "2023-06-26T18:18:59.553",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T14:15:10.707",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -119,6 +119,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/29",
"source": "cve@mitre.org"
},
{
"url": "https://support.sugarcrm.com/Resources/Security/sugarcrm-sa-2023-008/",
"source": "cve@mitre.org",


@ -2,23 +2,82 @@
"id": "CVE-2023-36106",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-17T20:15:10.213",
"lastModified": "2023-08-18T12:43:51.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T14:33:07.907",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An incorrect access control vulnerability in powerjob 4.3.2 and earlier allows remote attackers to obtain sensitive information via the interface for querying via appId parameter to /container/list."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:powerjob:powerjob:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.3.2",
"matchCriteriaId": "8B2C860B-04F0-4977-870C-2F3D7DAB83D5"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/tztdsb/a653b6db328199ec0f55e54b4e466415#file-gistfile1-txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitee.com/KFCFans/PowerJob",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}


@ -2,23 +2,147 @@
"id": "CVE-2023-40216",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-10T16:15:09.907",
"lastModified": "2023-08-10T18:13:59.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:21:05.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:-:*:*:*:*:*:*",
"matchCriteriaId": "7BAA0C9B-7CEA-4647-809F-027EB34C142E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_001:*:*:*:*:*:*",
"matchCriteriaId": "B3CC37B8-46C0-407B-8DE4-2B5BC36BA969"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_002:*:*:*:*:*:*",
"matchCriteriaId": "D53FE3CA-1A90-4783-8AC2-C0B4CF6F052D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_003:*:*:*:*:*:*",
"matchCriteriaId": "9C32DD2B-BBE0-4031-B105-743E4058B4A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_004:*:*:*:*:*:*",
"matchCriteriaId": "3F481F84-81C2-4E5F-BD60-4C46CD3DD603"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_005:*:*:*:*:*:*",
"matchCriteriaId": "DCAE527B-1176-4759-B903-59A72245517B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_006:*:*:*:*:*:*",
"matchCriteriaId": "90AFDC54-DCAD-46F5-8198-3632335D5529"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_007:*:*:*:*:*:*",
"matchCriteriaId": "C7289DE0-7A7C-4535-BCA8-23D882468D28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_008:*:*:*:*:*:*",
"matchCriteriaId": "40791FF0-EFA3-4471-BCEB-0E1F36ABF973"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_009:*:*:*:*:*:*",
"matchCriteriaId": "2AE8017A-F84D-4A8E-BAF0-8AC795D74FFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_010:*:*:*:*:*:*",
"matchCriteriaId": "FFFC349B-AA6F-4286-8440-699D1F8A934A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_011:*:*:*:*:*:*",
"matchCriteriaId": "B5AD12A6-74D4-4696-8126-402E61995D2C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_012:*:*:*:*:*:*",
"matchCriteriaId": "A9921E2D-DC9B-46FB-A01F-540C4B721D50"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:openbsd:openbsd:7.3:errata_013:*:*:*:*:*:*",
"matchCriteriaId": "CEFF0DA3-7CF7-42EB-9AA8-914EFD83466A"
}
]
}
]
}
],
"references": [
{
"url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-40251",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2023-08-17T07:15:43.737",
"lastModified": "2023-08-21T02:15:09.693",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T14:43:45.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
@ -46,10 +76,56 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.156",
"matchCriteriaId": "BE039840-D93C-49CA-BB6A-B70771196C1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:*:*:*:*:-:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.0.55",
"matchCriteriaId": "04EF7B43-ADE3-474E-8E9F-7B2AD27FAB0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:5.0.42:-:*:*:lts:*:*:*",
"matchCriteriaId": "E514BF16-6FE5-4029-BBFB-87A487C5BC07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:5.0.42:revision_117460:*:*:lts:*:*:*",
"matchCriteriaId": "0A8D2C71-F0A1-41D4-9A84-EAE0CBC39B22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_ztna:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.16",
"matchCriteriaId": "A36D6C47-C07E-41F3-9051-47CE254B01D0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.genians.co.kr/notice/2023",
"source": "vuln@krcert.or.kr"
"source": "vuln@krcert.or.kr",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-40252",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2023-08-17T07:15:43.847",
"lastModified": "2023-08-21T02:15:09.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:13:24.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "vuln@krcert.or.kr",
"type": "Secondary",
@ -46,10 +76,56 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.0.156",
"matchCriteriaId": "BE039840-D93C-49CA-BB6A-B70771196C1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:*:*:*:*:-:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.0.55",
"matchCriteriaId": "04EF7B43-ADE3-474E-8E9F-7B2AD27FAB0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:5.0.42:-:*:*:lts:*:*:*",
"matchCriteriaId": "E514BF16-6FE5-4029-BBFB-87A487C5BC07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_nac:5.0.42:revision_117460:*:*:lts:*:*:*",
"matchCriteriaId": "0A8D2C71-F0A1-41D4-9A84-EAE0CBC39B22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:genians:genian_ztna:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.16",
"matchCriteriaId": "A36D6C47-C07E-41F3-9051-47CE254B01D0"
}
]
}
]
}
],
"references": [
{
"url": "https://www.genians.co.kr/notice/2023",
"source": "vuln@krcert.or.kr"
"source": "vuln@krcert.or.kr",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,23 +2,126 @@
"id": "CVE-2023-40281",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-17T07:15:44.153",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-23T15:27:41.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "EC-CUBE 2.11.0 to 2.17.2-p1 contain a cross-site scripting vulnerability in \"mail/template\" and \"products/product\" of Management page.\r\nIf this vulnerability is exploited, an arbitrary script may be executed on the web browser of the other administrator or the user who accessed the website using the product."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.11.0",
"versionEndIncluding": "2.11.5",
"matchCriteriaId": "04878955-7CDF-41E3-9D15-EB0C32897503"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.12.0",
"versionEndIncluding": "2.12.6",
"matchCriteriaId": "829D5D2D-FC6C-409E-A172-FC5F3CF11313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.13.0",
"versionEndExcluding": "2.13.5",
"matchCriteriaId": "F9750836-5979-4123-B62A-3423FB40F1C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.17.0",
"versionEndExcluding": "2.17.2",
"matchCriteriaId": "8C35039E-3E0E-4D9B-9B3C-6FCBE4FA01FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:2.13.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3C6F2E99-DBA6-4433-AD29-9D00EAAAA17B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:2.13.5:patch1:*:*:*:*:*:*",
"matchCriteriaId": "D3C5F732-C51A-4586-9C0E-7B88E23F23FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:2.17.2:-:*:*:*:*:*:*",
"matchCriteriaId": "5AB363C8-0F2E-466A-81D3-536592F4BEC8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ec-cube:ec-cube:2.17.2:patch1:*:*:*:*:*:*",
"matchCriteriaId": "B0B798E3-A599-49B8-A820-244EDD94B2C4"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN46993816/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.ec-cube.net/info/weakness/20230727/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
}
]
}


@ -0,0 +1,15 @@
{
"id": "CVE-2023-41122",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-08-23T15:15:08.557",
"lastModified": "2023-08-23T15:15:08.557",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
}
],
"metrics": {},
"references": []
}


@ -0,0 +1,15 @@
{
"id": "CVE-2023-41123",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-08-23T15:15:08.657",
"lastModified": "2023-08-23T15:15:08.657",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
}
],
"metrics": {},
"references": []
}


@ -0,0 +1,15 @@
{
"id": "CVE-2023-41124",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-08-23T15:15:08.750",
"lastModified": "2023-08-23T15:15:08.750",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
}
],
"metrics": {},
"references": []
}


@ -0,0 +1,15 @@
{
"id": "CVE-2023-41125",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-08-23T15:15:08.850",
"lastModified": "2023-08-23T15:15:08.850",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
}
],
"metrics": {},
"references": []
}


@ -0,0 +1,15 @@
{
"id": "CVE-2023-41126",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-08-23T15:15:08.947",
"lastModified": "2023-08-23T15:15:08.947",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none."
}
],
"metrics": {},
"references": []
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4136",
"sourceIdentifier": "security@craftersoftware.com",
"published": "2023-08-03T15:15:34.167",
"lastModified": "2023-08-07T18:43:08.007",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-23T15:15:09.143",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -155,6 +155,10 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/30",
"source": "security@craftersoftware.com"
},
{
"url": "https://docs.craftercms.org/en/4.0/security/advisory.html#cv-2023080301",
"source": "security@craftersoftware.com",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-23T14:00:29.993635+00:00
2023-08-23T16:00:28.413249+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-23T13:51:23.510000+00:00
2023-08-23T15:56:46.197000+00:00
```
### Last Data Feed Release
@ -29,46 +29,57 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
223299
223313
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `14`
* [CVE-2023-32119](CVE-2023/CVE-2023-321xx/CVE-2023-32119.json) (`2023-08-23T13:15:07.617`)
* [CVE-2023-4042](CVE-2023/CVE-2023-40xx/CVE-2023-4042.json) (`2023-08-23T13:15:07.847`)
* [CVE-2023-32236](CVE-2023/CVE-2023-322xx/CVE-2023-32236.json) (`2023-08-23T14:15:07.967`)
* [CVE-2023-32496](CVE-2023/CVE-2023-324xx/CVE-2023-32496.json) (`2023-08-23T14:15:08.350`)
* [CVE-2023-32497](CVE-2023/CVE-2023-324xx/CVE-2023-32497.json) (`2023-08-23T14:15:08.693`)
* [CVE-2023-32498](CVE-2023/CVE-2023-324xx/CVE-2023-32498.json) (`2023-08-23T14:15:08.887`)
* [CVE-2023-32499](CVE-2023/CVE-2023-324xx/CVE-2023-32499.json) (`2023-08-23T14:15:09.047`)
* [CVE-2023-28994](CVE-2023/CVE-2023-289xx/CVE-2023-28994.json) (`2023-08-23T15:15:07.890`)
* [CVE-2023-32300](CVE-2023/CVE-2023-323xx/CVE-2023-32300.json) (`2023-08-23T15:15:08.117`)
* [CVE-2023-32505](CVE-2023/CVE-2023-325xx/CVE-2023-32505.json) (`2023-08-23T15:15:08.253`)
* [CVE-2023-32509](CVE-2023/CVE-2023-325xx/CVE-2023-32509.json) (`2023-08-23T15:15:08.403`)
* [CVE-2023-41122](CVE-2023/CVE-2023-411xx/CVE-2023-41122.json) (`2023-08-23T15:15:08.557`)
* [CVE-2023-41123](CVE-2023/CVE-2023-411xx/CVE-2023-41123.json) (`2023-08-23T15:15:08.657`)
* [CVE-2023-41124](CVE-2023/CVE-2023-411xx/CVE-2023-41124.json) (`2023-08-23T15:15:08.750`)
* [CVE-2023-41125](CVE-2023/CVE-2023-411xx/CVE-2023-41125.json) (`2023-08-23T15:15:08.850`)
* [CVE-2023-41126](CVE-2023/CVE-2023-411xx/CVE-2023-41126.json) (`2023-08-23T15:15:08.947`)
### CVEs modified in the last Commit
Recently modified CVEs: `30`
Recently modified CVEs: `24`
* [CVE-2023-39985](CVE-2023/CVE-2023-399xx/CVE-2023-39985.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-39986](CVE-2023/CVE-2023-399xx/CVE-2023-39986.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-3495](CVE-2023/CVE-2023-34xx/CVE-2023-3495.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-4404](CVE-2023/CVE-2023-44xx/CVE-2023-4404.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-38585](CVE-2023/CVE-2023-385xx/CVE-2023-38585.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-40158](CVE-2023/CVE-2023-401xx/CVE-2023-40158.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-40144](CVE-2023/CVE-2023-401xx/CVE-2023-40144.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-40282](CVE-2023/CVE-2023-402xx/CVE-2023-40282.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-4041](CVE-2023/CVE-2023-40xx/CVE-2023-4041.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-41098](CVE-2023/CVE-2023-410xx/CVE-2023-41098.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-41100](CVE-2023/CVE-2023-411xx/CVE-2023-41100.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-41104](CVE-2023/CVE-2023-411xx/CVE-2023-41104.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-41105](CVE-2023/CVE-2023-411xx/CVE-2023-41105.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-3899](CVE-2023/CVE-2023-38xx/CVE-2023-3899.json) (`2023-08-23T13:17:18.197`)
* [CVE-2023-33850](CVE-2023/CVE-2023-338xx/CVE-2023-33850.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-38733](CVE-2023/CVE-2023-387xx/CVE-2023-38733.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-38734](CVE-2023/CVE-2023-387xx/CVE-2023-38734.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-39026](CVE-2023/CVE-2023-390xx/CVE-2023-39026.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-40370](CVE-2023/CVE-2023-403xx/CVE-2023-40370.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-4427](CVE-2023/CVE-2023-44xx/CVE-2023-4427.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-4428](CVE-2023/CVE-2023-44xx/CVE-2023-4428.json) (`2023-08-23T13:17:22.070`)
* [CVE-2023-31072](CVE-2023/CVE-2023-310xx/CVE-2023-31072.json) (`2023-08-23T13:18:35.667`)
* [CVE-2023-34355](CVE-2023/CVE-2023-343xx/CVE-2023-34355.json) (`2023-08-23T13:43:21.320`)
* [CVE-2023-40014](CVE-2023/CVE-2023-400xx/CVE-2023-40014.json) (`2023-08-23T13:48:41.133`)
* [CVE-2023-23908](CVE-2023/CVE-2023-239xx/CVE-2023-23908.json) (`2023-08-23T13:51:23.510`)
* [CVE-2022-4894](CVE-2022/CVE-2022-48xx/CVE-2022-4894.json) (`2023-08-23T15:29:31.687`)
* [CVE-2023-35808](CVE-2023/CVE-2023-358xx/CVE-2023-35808.json) (`2023-08-23T14:15:09.297`)
* [CVE-2023-35809](CVE-2023/CVE-2023-358xx/CVE-2023-35809.json) (`2023-08-23T14:15:10.210`)
* [CVE-2023-35810](CVE-2023/CVE-2023-358xx/CVE-2023-35810.json) (`2023-08-23T14:15:10.430`)
* [CVE-2023-35811](CVE-2023/CVE-2023-358xx/CVE-2023-35811.json) (`2023-08-23T14:15:10.707`)
* [CVE-2023-3244](CVE-2023/CVE-2023-32xx/CVE-2023-3244.json) (`2023-08-23T14:30:37.027`)
* [CVE-2023-36106](CVE-2023/CVE-2023-361xx/CVE-2023-36106.json) (`2023-08-23T14:33:07.907`)
* [CVE-2023-28690](CVE-2023/CVE-2023-286xx/CVE-2023-28690.json) (`2023-08-23T14:37:43.853`)
* [CVE-2023-40251](CVE-2023/CVE-2023-402xx/CVE-2023-40251.json) (`2023-08-23T14:43:45.137`)
* [CVE-2023-29151](CVE-2023/CVE-2023-291xx/CVE-2023-29151.json) (`2023-08-23T15:00:10.933`)
* [CVE-2023-2910](CVE-2023/CVE-2023-29xx/CVE-2023-2910.json) (`2023-08-23T15:03:06.753`)
* [CVE-2023-34216](CVE-2023/CVE-2023-342xx/CVE-2023-34216.json) (`2023-08-23T15:08:57.020`)
* [CVE-2023-34215](CVE-2023/CVE-2023-342xx/CVE-2023-34215.json) (`2023-08-23T15:11:31.647`)
* [CVE-2023-40252](CVE-2023/CVE-2023-402xx/CVE-2023-40252.json) (`2023-08-23T15:13:24.897`)
* [CVE-2023-20242](CVE-2023/CVE-2023-202xx/CVE-2023-20242.json) (`2023-08-23T15:14:06.183`)
* [CVE-2023-4136](CVE-2023/CVE-2023-41xx/CVE-2023-4136.json) (`2023-08-23T15:15:09.143`)
* [CVE-2023-40216](CVE-2023/CVE-2023-402xx/CVE-2023-40216.json) (`2023-08-23T15:21:05.607`)
* [CVE-2023-40281](CVE-2023/CVE-2023-402xx/CVE-2023-40281.json) (`2023-08-23T15:27:41.540`)
* [CVE-2023-29182](CVE-2023/CVE-2023-291xx/CVE-2023-29182.json) (`2023-08-23T15:36:23.923`)
* [CVE-2023-23577](CVE-2023/CVE-2023-235xx/CVE-2023-23577.json) (`2023-08-23T15:45:18.317`)
* [CVE-2023-22841](CVE-2023/CVE-2023-228xx/CVE-2023-22841.json) (`2023-08-23T15:45:27.533`)
* [CVE-2023-2914](CVE-2023/CVE-2023-29xx/CVE-2023-2914.json) (`2023-08-23T15:46:19.610`)
* [CVE-2023-2915](CVE-2023/CVE-2023-29xx/CVE-2023-2915.json) (`2023-08-23T15:49:03.143`)
* [CVE-2023-2917](CVE-2023/CVE-2023-29xx/CVE-2023-2917.json) (`2023-08-23T15:56:46.197`)
## Download and Usage