admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-17T02:00:29.632127+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-17 02:00:33 +00:00
parent 6cad9aca3e
commit 44a30fb445
10 changed files with 666 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
CVE-2020/CVE-2020-235xx/CVE-2020-23595.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-23595", "id": "CVE-2020-23595",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:10.113", "published": "2023-08-11T14:15:10.113",
"lastModified": "2023-08-11T15:18:19.837", "lastModified": "2023-08-17T01:04:25.573",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint." "value": "Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/yzmcms/yzmcms/issues/47", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yzmcms:yzmcms:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2ADF1F0A-5DA0-4A8F-A2EB-F8585263E98A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/yzmcms/yzmcms/issues/47",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

68
CVE-2020/CVE-2020-248xx/CVE-2020-24804.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2020-24804", "id": "CVE-2020-24804",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:10.427", "published": "2023-08-11T14:15:10.427",
"lastModified": "2023-08-11T15:18:19.837", "lastModified": "2023-08-17T01:22:30.637",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs." "value": "Plaintext Password vulnerability in AddAdmin.py in cms-dev/cms v1.4.rc1, allows attackers to gain sensitive information via audit logs."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/cms-dev/cms/issues/1160", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cms-dev:cms:1.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C434E616-D118-4630-B500-6914355A0B02"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cms-dev/cms/issues/1160",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

69
CVE-2020/CVE-2020-249xx/CVE-2020-24904.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-24904", "id": "CVE-2020-24904",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:10.563", "published": "2023-08-11T14:15:10.563",
"lastModified": "2023-08-11T15:18:19.837", "lastModified": "2023-08-17T01:30:12.930",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted \"mailto\" link." "value": "An issue was discovered in attach parameter in GNOME Gmail version 2.5.4, allows remote attackers to gain sensitive information via crafted \"mailto\" link."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/davesteele/gnome-gmail/issues/84", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:davesteele:gnome-gmail:2.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "333018BF-C7AB-43AC-ABDF-6B68D0A9A95E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/davesteele/gnome-gmail/issues/84",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

69
CVE-2020/CVE-2020-288xx/CVE-2020-28849.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-28849", "id": "CVE-2020-28849",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:11.237", "published": "2023-08-11T14:15:11.237",
"lastModified": "2023-08-11T15:18:06.983", "lastModified": "2023-08-17T01:55:09.730",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module." "value": "Cross Site Scripting (XSS) vulnerability in ChurchCRM version 4.2.1, allows remote attckers to execute arbitrary code and gain sensitive information via crafted payload in Add New Deposit field in View All Deposit module."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/ChurchCRM/CRM/issues/5477", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:churchcrm:churchcrm:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.2.1",
"matchCriteriaId": "2B81A55D-F3F1-4217-BAED-3DC4A7F24DF9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ChurchCRM/CRM/issues/5477",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }

75
CVE-2020/CVE-2020-359xx/CVE-2020-35990.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2020-35990", "id": "CVE-2020-35990",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:11.443", "published": "2023-08-11T14:15:11.443",
"lastModified": "2023-08-11T15:18:06.983", "lastModified": "2023-08-17T01:57:20.720",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file." "value": "Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://foxit.com", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{ {
"url": "https://www.foxitsoftware.com/support/security-bulletins.php", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.1.0.37527",
"matchCriteriaId": "39CBCF67-6EB8-4ECA-B35C-1E32177DE0D4"
}
]
}
]
}
],
"references": [
{
"url": "http://foxit.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.foxitsoftware.com/support/security-bulletins.php",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2020/CVE-2020-360xx/CVE-2020-36034.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2020-36034", "id": "CVE-2020-36034",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-11T14:15:11.643", "published": "2023-08-11T14:15:11.643",
"lastModified": "2023-08-11T15:18:06.983", "lastModified": "2023-08-17T01:51:43.793",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php." "value": "SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/TCSWT/School-Faculty-Scheduling-System", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}, },
{ "exploitabilityScore": 3.9,
"url": "https://www.sourcecodester.com/download-code?nid=14535&title=School+Faculty+Scheduling+System+using+PHP%2FMySQLi+with+Source+Code", "impactScore": 5.9
"source": "cve@mitre.org" }
]
}, },
"weaknesses": [
{ {
"url": "https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:school_faculty_scheduling_system_project:school_faculty_scheduling_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "34A14A1C-2A18-4A3F-80E6-477EA777D46C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/TCSWT/School-Faculty-Scheduling-System",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.sourcecodester.com/download-code?nid=14535&title=School+Faculty+Scheduling+System+using+PHP%2FMySQLi+with+Source+Code",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.sourcecodester.com/php/14535/school-faculty-scheduling-system-using-phpmysqli-source-code.html",
"source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-257xx/CVE-2023-25757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25757", "id": "CVE-2023-25757",
"sourceIdentifier": "secure@intel.com", "sourceIdentifier": "secure@intel.com",
"published": "2023-08-11T03:15:18.740", "published": "2023-08-11T03:15:18.740",
"lastModified": "2023-08-11T03:44:51.127", "lastModified": "2023-08-17T01:01:17.873",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{ {
"source": "secure@intel.com", "source": "secure@intel.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html", "source": "nvd@nist.gov",
"source": "secure@intel.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intel:unison:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.12",
"matchCriteriaId": "08E8CC7F-08C6-4C0B-B81D-FBB0D7F79CFC"
}
]
}
]
}
],
"references": [
{
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html",
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

116
CVE-2023/CVE-2023-334xx/CVE-2023-33469.json
View File

@ -2,23 +2,123 @@
"id": "CVE-2023-33469", "id": "CVE-2023-33469",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-09T20:15:10.427", "published": "2023-08-09T20:15:10.427",
"lastModified": "2023-08-10T01:51:18.907", "lastModified": "2023-08-17T01:40:13.813",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level." "value": "In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://kramerav.com", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{ {
"url": "https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33469", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kramerav:via_go2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.1.1326",
"matchCriteriaId": "1B4DD0C6-167E-4649-BDE4-201EC41BBA7C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kramerav:via_go2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2192F73C-6F59-4319-8921-3BAE8AF7A330"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:kramerav:via_connect2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.1.1326",
"matchCriteriaId": "4E3A6866-F39F-4D84-A960-9FD8D2834358"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:kramerav:via_connect2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D53EDD4A-B5A0-4440-9B4D-78F8B97D79E8"
}
]
}
]
}
],
"references": [
{
"url": "http://kramerav.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33469",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

136
CVE-2023/CVE-2023-42xx/CVE-2023-4273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4273", "id": "CVE-2023-4273",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-09T15:15:09.823", "published": "2023-08-09T15:15:09.823",
"lastModified": "2023-08-14T03:15:09.913", "lastModified": "2023-08-17T01:47:42.410",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -34,18 +54,110 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-4273", "source": "nvd@nist.gov",
"source": "secalert@redhat.com" "type": "Primary",
}, "description": [
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221609", "lang": "en",
"source": "secalert@redhat.com" "value": "CWE-787"
}, }
{ ]
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/", }
"source": "secalert@redhat.com" ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4",
"matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4273",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221609",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
} }
] ]
} }

39
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-08-16T23:55:26.746374+00:00 2023-08-17T02:00:29.632127+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-08-16T23:15:10.297000+00:00 2023-08-17T01:57:20.720000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -23,7 +23,7 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain ```plain
2023-08-16T00:00:13.566981+00:00 2023-08-17T00:00:13.554416+00:00
``` ```
### Total Number of included CVEs ### Total Number of included CVEs
@ -34,34 +34,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `20` Recently added CVEs: `0`
* [CVE-2023-20013](CVE-2023/CVE-2023-200xx/CVE-2023-20013.json) (`2023-08-16T22:15:09.750`)
* [CVE-2023-20017](CVE-2023/CVE-2023-200xx/CVE-2023-20017.json) (`2023-08-16T22:15:10.353`)
* [CVE-2023-20111](CVE-2023/CVE-2023-201xx/CVE-2023-20111.json) (`2023-08-16T22:15:10.433`)
* [CVE-2023-20197](CVE-2023/CVE-2023-201xx/CVE-2023-20197.json) (`2023-08-16T22:15:10.510`)
* [CVE-2023-20201](CVE-2023/CVE-2023-202xx/CVE-2023-20201.json) (`2023-08-16T22:15:10.750`)
* [CVE-2023-20203](CVE-2023/CVE-2023-202xx/CVE-2023-20203.json) (`2023-08-16T22:15:11.023`)
* [CVE-2023-20205](CVE-2023/CVE-2023-202xx/CVE-2023-20205.json) (`2023-08-16T22:15:11.127`)
* [CVE-2023-20211](CVE-2023/CVE-2023-202xx/CVE-2023-20211.json) (`2023-08-16T22:15:11.337`)
* [CVE-2023-20217](CVE-2023/CVE-2023-202xx/CVE-2023-20217.json) (`2023-08-16T22:15:11.437`)
* [CVE-2023-20221](CVE-2023/CVE-2023-202xx/CVE-2023-20221.json) (`2023-08-16T22:15:11.687`)
* [CVE-2023-20222](CVE-2023/CVE-2023-202xx/CVE-2023-20222.json) (`2023-08-16T22:15:11.757`)
* [CVE-2023-20224](CVE-2023/CVE-2023-202xx/CVE-2023-20224.json) (`2023-08-16T22:15:11.837`)
* [CVE-2023-20229](CVE-2023/CVE-2023-202xx/CVE-2023-20229.json) (`2023-08-16T22:15:12.213`)
* [CVE-2023-20232](CVE-2023/CVE-2023-202xx/CVE-2023-20232.json) (`2023-08-16T22:15:12.597`)
* [CVE-2023-20237](CVE-2023/CVE-2023-202xx/CVE-2023-20237.json) (`2023-08-16T22:15:12.777`)
* [CVE-2023-35893](CVE-2023/CVE-2023-358xx/CVE-2023-35893.json) (`2023-08-16T22:15:13.300`)
* [CVE-2023-38894](CVE-2023/CVE-2023-388xx/CVE-2023-38894.json) (`2023-08-16T22:15:13.397`)
* [CVE-2023-39846](CVE-2023/CVE-2023-398xx/CVE-2023-39846.json) (`2023-08-16T22:15:13.450`)
* [CVE-2023-35009](CVE-2023/CVE-2023-350xx/CVE-2023-35009.json) (`2023-08-16T23:15:09.570`)
* [CVE-2023-35011](CVE-2023/CVE-2023-350xx/CVE-2023-35011.json) (`2023-08-16T23:15:10.297`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `0` Recently modified CVEs: `9`
* [CVE-2020-23595](CVE-2020/CVE-2020-235xx/CVE-2020-23595.json) (`2023-08-17T01:04:25.573`)
* [CVE-2020-24804](CVE-2020/CVE-2020-248xx/CVE-2020-24804.json) (`2023-08-17T01:22:30.637`)
* [CVE-2020-24904](CVE-2020/CVE-2020-249xx/CVE-2020-24904.json) (`2023-08-17T01:30:12.930`)
* [CVE-2020-36034](CVE-2020/CVE-2020-360xx/CVE-2020-36034.json) (`2023-08-17T01:51:43.793`)
* [CVE-2020-28849](CVE-2020/CVE-2020-288xx/CVE-2020-28849.json) (`2023-08-17T01:55:09.730`)
* [CVE-2020-35990](CVE-2020/CVE-2020-359xx/CVE-2020-35990.json) (`2023-08-17T01:57:20.720`)
* [CVE-2023-25757](CVE-2023/CVE-2023-257xx/CVE-2023-25757.json) (`2023-08-17T01:01:17.873`)
* [CVE-2023-33469](CVE-2023/CVE-2023-334xx/CVE-2023-33469.json) (`2023-08-17T01:40:13.813`)
* [CVE-2023-4273](CVE-2023/CVE-2023-42xx/CVE-2023-4273.json) (`2023-08-17T01:47:42.410`)
## Download and Usage ## Download and Usage