From 44a97949880ac1deea3edf0b2f3c8e5dbc690a6b Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 3 Aug 2023 20:00:31 +0000 Subject: [PATCH] Auto-Update: 2023-08-03T20:00:27.907454+00:00 --- CVE-2020/CVE-2020-48xx/CVE-2020-4868.json | 64 +- CVE-2022/CVE-2022-25xx/CVE-2022-2502.json | 83 +- CVE-2022/CVE-2022-381xx/CVE-2022-38106.json | 22 +- CVE-2022/CVE-2022-381xx/CVE-2022-38107.json | 14 +- CVE-2022/CVE-2022-381xx/CVE-2022-38110.json | 28 +- CVE-2022/CVE-2022-381xx/CVE-2022-38113.json | 18 +- CVE-2022/CVE-2022-381xx/CVE-2022-38114.json | 22 +- CVE-2022/CVE-2022-381xx/CVE-2022-38115.json | 18 +- CVE-2022/CVE-2022-429xx/CVE-2022-42986.json | 15 + CVE-2023/CVE-2023-09xx/CVE-2023-0956.json | 51 + CVE-2023/CVE-2023-28xx/CVE-2023-2860.json | 91 +- CVE-2023/CVE-2023-324xx/CVE-2023-32443.json | 89 +- CVE-2023/CVE-2023-324xx/CVE-2023-32468.json | 48 +- CVE-2023/CVE-2023-327xx/CVE-2023-32764.json | 24 + CVE-2023/CVE-2023-350xx/CVE-2023-35081.json | 43 + CVE-2023/CVE-2023-350xx/CVE-2023-35087.json | 77 +- CVE-2023/CVE-2023-362xx/CVE-2023-36217.json | 24 + CVE-2023/CVE-2023-365xx/CVE-2023-36542.json | 71 +- CVE-2023/CVE-2023-36xx/CVE-2023-3670.json | 35 +- CVE-2023/CVE-2023-372xx/CVE-2023-37216.json | 70 +- CVE-2023/CVE-2023-374xx/CVE-2023-37467.json | 1113 ++++++++++++++++++- CVE-2023/CVE-2023-377xx/CVE-2023-37754.json | 74 +- CVE-2023/CVE-2023-37xx/CVE-2023-3773.json | 99 +- CVE-2023/CVE-2023-385xx/CVE-2023-38572.json | 139 ++- CVE-2023/CVE-2023-386xx/CVE-2023-38609.json | 70 +- CVE-2023/CVE-2023-389xx/CVE-2023-38942.json | 24 + CVE-2023/CVE-2023-389xx/CVE-2023-38988.json | 64 +- CVE-2023/CVE-2023-389xx/CVE-2023-38992.json | 65 +- CVE-2023/CVE-2023-390xx/CVE-2023-39010.json | 68 +- CVE-2023/CVE-2023-390xx/CVE-2023-39013.json | 69 +- CVE-2023/CVE-2023-390xx/CVE-2023-39015.json | 65 +- CVE-2023/CVE-2023-390xx/CVE-2023-39016.json | 66 +- CVE-2023/CVE-2023-390xx/CVE-2023-39017.json | 69 +- CVE-2023/CVE-2023-390xx/CVE-2023-39018.json | 70 +- CVE-2023/CVE-2023-390xx/CVE-2023-39020.json | 68 +- CVE-2023/CVE-2023-390xx/CVE-2023-39075.json | 20 + CVE-2023/CVE-2023-391xx/CVE-2023-39122.json | 4 +- CVE-2023/CVE-2023-39xx/CVE-2023-3977.json | 213 +++- CVE-2023/CVE-2023-40xx/CVE-2023-4007.json | 54 +- README.md | 92 +- 40 files changed, 3161 insertions(+), 252 deletions(-) create mode 100644 CVE-2022/CVE-2022-429xx/CVE-2022-42986.json create mode 100644 CVE-2023/CVE-2023-09xx/CVE-2023-0956.json create mode 100644 CVE-2023/CVE-2023-327xx/CVE-2023-32764.json create mode 100644 CVE-2023/CVE-2023-350xx/CVE-2023-35081.json create mode 100644 CVE-2023/CVE-2023-362xx/CVE-2023-36217.json create mode 100644 CVE-2023/CVE-2023-389xx/CVE-2023-38942.json create mode 100644 CVE-2023/CVE-2023-390xx/CVE-2023-39075.json diff --git a/CVE-2020/CVE-2020-48xx/CVE-2020-4868.json b/CVE-2020/CVE-2020-48xx/CVE-2020-4868.json index 80802b3aa3f..b6d6c2a1d3f 100644 --- a/CVE-2020/CVE-2020-48xx/CVE-2020-4868.json +++ b/CVE-2020/CVE-2020-48xx/CVE-2020-4868.json @@ -2,8 +2,8 @@ "id": "CVE-2020-4868", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-31T02:15:09.673", - "lastModified": "2023-07-31T12:54:46.757", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T19:25:38.803", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -50,14 +80,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:tririga_application_platform:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.0", + "versionEndExcluding": "4.5", + "matchCriteriaId": "C4386472-0D4E-4273-9CBE-CDE4C1957780" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/190744", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7015393", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-25xx/CVE-2022-2502.json b/CVE-2022/CVE-2022-25xx/CVE-2022-2502.json index a8195f45456..134f6f479b8 100644 --- a/CVE-2022/CVE-2022-25xx/CVE-2022-2502.json +++ b/CVE-2022/CVE-2022-25xx/CVE-2022-2502.json @@ -2,8 +2,8 @@ "id": "CVE-2022-2502", "sourceIdentifier": "cybersecurity@hitachienergy.com", "published": "2023-07-26T06:15:09.760", - "lastModified": "2023-07-26T12:53:08.817", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T19:26:16.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cybersecurity@hitachienergy.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + }, { "source": "cybersecurity@hitachienergy.com", "type": "Secondary", @@ -46,10 +76,57 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:13.3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "C444DE8E-5AC5-409B-8DA0-5C49A69076DD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:13.3.2:*:*:*:*:*:*:*", + "matchCriteriaId": "4C55747C-E5DA-4444-B017-1994011A5EF7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:13.3.3:*:*:*:*:*:*:*", + "matchCriteriaId": "0997C03B-21AC-4767-856C-79833FB378A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:hitachienergy:rtu500_firmware:13.4.1:*:*:*:*:*:*:*", + "matchCriteriaId": "C0763F03-C6C8-4104-9028-3CF265F289D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:hitachienergy:rtu500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE94252D-03EE-451B-8322-B4DBC790C6E9" + } + ] + } + ] + } + ], "references": [ { "url": "https://search.abb.com/library/Download.aspx?DocumentID=8DBD000121&LanguageCode=en&DocumentPartId=&Action=Launch", - "source": "cybersecurity@hitachienergy.com" + "source": "cybersecurity@hitachienergy.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38106.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38106.json index 109bea67369..81855d71960 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38106.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38106.json @@ -2,12 +2,12 @@ "id": "CVE-2022-38106", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-12-16T16:15:22.127", - "lastModified": "2022-12-21T17:44:51.110", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-03T18:15:10.240", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function." + "value": "\nThis vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function. \n\n" } ], "metrics": { @@ -37,20 +37,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "HIGH", + "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", - "confidentialityImpact": "HIGH", + "confidentialityImpact": "LOW", "integrityImpact": "LOW", - "availabilityImpact": "LOW", - "baseScore": 7.5, - "baseSeverity": "HIGH" + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.7, - "impactScore": 5.3 + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38107.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38107.json index acb1828b77a..70ddb8d4c55 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38107.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38107.json @@ -2,12 +2,12 @@ "id": "CVE-2022-38107", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-10-19T22:15:12.247", - "lastModified": "2022-10-21T13:32:41.257", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-03T18:15:10.463", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details." + "value": "Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details.\n\n" }, { "lang": "es", @@ -41,19 +41,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", - "privilegesRequired": "LOW", + "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 4.3, + "baseScore": 5.3, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 2.8, + "exploitabilityScore": 3.9, "impactScore": 1.4 } ] diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38110.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38110.json index 9d26db3f78c..8678d51be6e 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38110.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38110.json @@ -2,12 +2,12 @@ "id": "CVE-2022-38110", "sourceIdentifier": "psirt@solarwinds.com", "published": "2023-01-20T18:15:10.190", - "lastModified": "2023-01-27T15:03:47.127", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-03T18:15:10.607", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting." + "value": "In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.\n\n" } ], "metrics": { @@ -37,20 +37,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "HIGH", - "privilegesRequired": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 6.3, + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 0.4, - "impactScore": 5.9 + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38113.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38113.json index c4d6072082a..a9bac6f8641 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38113.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38113.json @@ -2,12 +2,12 @@ "id": "CVE-2022-38113", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-11-23T17:15:10.097", - "lastModified": "2022-11-28T18:15:07.740", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-03T18:15:10.757", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This vulnerability discloses build and services versions in the server response header." + "value": "This vulnerability discloses build and services versions in the server response header.\n\n" } ], "metrics": { @@ -37,19 +37,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 3.1, - "baseSeverity": "LOW" + "baseScore": 5.3, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.6, + "exploitabilityScore": 3.9, "impactScore": 1.4 } ] diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38114.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38114.json index e75b5042a7c..e2765a2424f 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38114.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38114.json @@ -2,12 +2,12 @@ "id": "CVE-2022-38114", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-11-23T17:15:10.167", - "lastModified": "2023-06-27T20:07:13.903", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-03T18:15:10.917", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS." + "value": "This vulnerability occurs when a web server fails to correctly process the Content-Length of POST requests. This can lead to HTTP request smuggling or XSS.\n\n" } ], "metrics": { @@ -37,20 +37,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", - "scope": "UNCHANGED", + "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 3.7, - "baseSeverity": "LOW" + "baseScore": 6.1, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.2, - "impactScore": 2.5 + "exploitabilityScore": 2.8, + "impactScore": 2.7 } ] }, diff --git a/CVE-2022/CVE-2022-381xx/CVE-2022-38115.json b/CVE-2022/CVE-2022-381xx/CVE-2022-38115.json index 0e35fa05b79..7aced621dac 100644 --- a/CVE-2022/CVE-2022-381xx/CVE-2022-38115.json +++ b/CVE-2022/CVE-2022-381xx/CVE-2022-38115.json @@ -2,12 +2,12 @@ "id": "CVE-2022-38115", "sourceIdentifier": "psirt@solarwinds.com", "published": "2022-11-23T17:15:10.237", - "lastModified": "2022-11-28T18:20:35.117", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-03T19:15:09.793", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT" + "value": "Insecure method vulnerability in which allowed HTTP methods are disclosed. E.g., OPTIONS, DELETE, TRACE, and PUT\n\n" } ], "metrics": { @@ -37,19 +37,19 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", - "attackVector": "ADJACENT_NETWORK", - "attackComplexity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", - "baseScore": 3.1, - "baseSeverity": "LOW" + "baseScore": 5.3, + "baseSeverity": "MEDIUM" }, - "exploitabilityScore": 1.6, + "exploitabilityScore": 3.9, "impactScore": 1.4 } ] diff --git a/CVE-2022/CVE-2022-429xx/CVE-2022-42986.json b/CVE-2022/CVE-2022-429xx/CVE-2022-42986.json new file mode 100644 index 00000000000..dd9938d9a50 --- /dev/null +++ b/CVE-2022/CVE-2022-429xx/CVE-2022-42986.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2022-42986", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-03T18:15:11.113", + "lastModified": "2023-08-03T18:15:11.113", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-39122. Reason: This candidate is a reservation duplicate of CVE-2023-39122. Notes: All CVE users should reference CVE-2023-39122 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0956.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0956.json new file mode 100644 index 00000000000..55b1fbf5d83 --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0956.json @@ -0,0 +1,51 @@ +{ + "id": "CVE-2023-0956", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-08-03T19:15:10.323", + "lastModified": "2023-08-03T19:15:10.323", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nExternal input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://cert.pl/posts/2023/07/CVE-2023-0956/", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-215-03", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.tel-ster.pl/index.php/telwin-scada/nowosci/372-telwin-scada-podatnosc-cve-2023-0956", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2860.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2860.json index ca53d2ffced..51349039e82 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2860.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2860.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2860", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-24T16:15:11.293", - "lastModified": "2023-07-25T13:01:13.730", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:39:50.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -34,18 +54,79 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionEndIncluding": "5.19.19", + "matchCriteriaId": "F4891542-C989-4DD0-8B76-477B7E532CBC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "A46498B3-78E1-4623-AAE1-94D29A42BE4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc4:*:*:*:*:*:*", + "matchCriteriaId": "F8446E87-F5F6-41CA-8201-BAE0F0CA6DD9" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-2860", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218122", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Patch" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-CAN-18511", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json index d9217d6aa17..96aec932235 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32443.json @@ -2,27 +2,104 @@ "id": "CVE-2023-32443", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:31.987", - "lastModified": "2023-07-27T12:13:15.833", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:16:54.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.0", + "versionEndExcluding": "11.7.9", + "matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.6.8", + "matchCriteriaId": "5B763A1F-C183-4728-B593-67558FD9FC36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.5", + "matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213843", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213844", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213845", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32468.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32468.json index 3198162aafb..9811d693a8c 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32468.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32468.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32468", "sourceIdentifier": "security_alert@emc.com", "published": "2023-07-26T08:15:10.063", - "lastModified": "2023-07-26T12:53:08.817", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:23:50.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -46,10 +66,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:ecs_streamer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0.7.1", + "matchCriteriaId": "AF74D338-0809-4C44-B3FC-D7AA375D1C11" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000215903/dsa-2023-254-security-update-for-dell-ecs-streamer-sensitive-data-exposure-vulnerability", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-327xx/CVE-2023-32764.json b/CVE-2023/CVE-2023-327xx/CVE-2023-32764.json new file mode 100644 index 00000000000..bdb328011ef --- /dev/null +++ b/CVE-2023/CVE-2023-327xx/CVE-2023-32764.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-32764", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-03T18:15:11.230", + "lastModified": "2023-08-03T18:15:11.230", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://help.supportservices.fabasoft.com/index.php?topic=doc/Vulnerabilities-Fabasoft-Folio/vulnerabilities-2023.htm#client-autoupdate-harmful-code-installation-vulnerability-pdo06614-", + "source": "cve@mitre.org" + }, + { + "url": "https://www.compass-security.com/fileadmin/Research/Advisories/2023_01_CSNC-2023-002_LPE_Cloud_Client.txt", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35081.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35081.json new file mode 100644 index 00000000000..470cd4a5ecd --- /dev/null +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35081.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-35081", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-08-03T18:15:11.303", + "lastModified": "2023-08-03T18:15:11.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "support@hackerone.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35087.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35087.json index 2c92791732c..e60e87e856e 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35087.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35087.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35087", "sourceIdentifier": "twcert@cert.org.tw", "published": "2023-07-21T08:15:09.900", - "lastModified": "2023-07-21T12:52:26.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:43:53.560", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,7 +36,7 @@ }, "weaknesses": [ { - "source": "twcert@cert.org.tw", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +44,81 @@ "value": "CWE-134" } ] + }, + { + "source": "twcert@cert.org.tw", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-134" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:asus:rt-ac86u_firmware:3.0.0.4_386_51529:*:*:*:*:*:*:*", + "matchCriteriaId": "E3A1AA3F-0CCF-41B0-B8D7-2D72D82C0261" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:asus:rt-ac86u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "89095282-ABBD-4056-B731-7F05638DB1A6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:asus:rt-ax56u_v2_firmware:3.0.0.4.386_50460:*:*:*:*:*:*:*", + "matchCriteriaId": "7201F0D9-5111-414B-8756-3B36838193CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FFFF5EF7-E4EC-4DA0-82B4-9996087B951F" + } + ] + } + ] } ], "references": [ { "url": "https://www.twcert.org.tw/tw/cp-132-7249-ab2d1-1.html", - "source": "twcert@cert.org.tw" + "source": "twcert@cert.org.tw", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36217.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36217.json new file mode 100644 index 00000000000..da1c35063a7 --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36217.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36217", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-03T18:15:11.397", + "lastModified": "2023-08-03T18:15:11.397", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerability in Xoops CMS v.2.5.10 allows a remote attacker to execute arbitrary code via the category name field of the image manager function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10", + "source": "cve@mitre.org" + }, + { + "url": "https://www.exploit-db.com/exploits/51520", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-365xx/CVE-2023-36542.json b/CVE-2023/CVE-2023-365xx/CVE-2023-36542.json index 0e3de53f7c4..21b7fb15dac 100644 --- a/CVE-2023/CVE-2023-365xx/CVE-2023-36542.json +++ b/CVE-2023/CVE-2023-365xx/CVE-2023-36542.json @@ -2,15 +2,38 @@ "id": "CVE-2023-36542", "sourceIdentifier": "security@apache.org", "published": "2023-07-29T08:15:48.833", - "lastModified": "2023-07-31T12:54:52.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T19:09:29.110", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a location that enables custom code execution. The resolution introduces a new Required Permission for referencing remote resources, restricting configuration of these components to privileged users. The permission prevents unprivileged users from configuring Processors and Controller Services annotated with the new Reference Remote Resources restriction. Upgrading to Apache NiFi 1.23.0 is the recommended mitigation.\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -23,22 +46,56 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:nifi:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.0.2", + "versionEndIncluding": "1.22.0", + "matchCriteriaId": "9C3B1469-F3F7-42FD-AB7A-A4B46384EB02" + } + ] + } + ] + } + ], "references": [ { "url": "http://seclists.org/fulldisclosure/2023/Jul/43", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Not Applicable" + ] }, { "url": "http://www.openwall.com/lists/oss-security/2023/07/29/1", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://lists.apache.org/thread/swnly3dzhhq9zo3rofc8djq77stkhbof", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Issue Tracking", + "Mailing List", + "Vendor Advisory" + ] }, { "url": "https://nifi.apache.org/security.html#CVE-2023-36542", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3670.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3670.json index 1b87c2a3d8a..265822e2516 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3670.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3670.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3670", "sourceIdentifier": "info@cert.vde.com", "published": "2023-07-28T08:15:10.557", - "lastModified": "2023-07-28T13:44:31.450", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:44:39.050", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:development_system:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.5.9.0", + "versionEndExcluding": "3.5.17.0", + "matchCriteriaId": "727C53CA-E8D1-4280-8CFA-64A6ECFDA41B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codesys:scripting:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.0.0", + "versionEndExcluding": "4.1.0.0", + "matchCriteriaId": "FBD63247-C6C1-44FC-99C7-71FC875125A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert.vde.com/en/advisories/VDE-2023-024", - "source": "info@cert.vde.com" + "source": "info@cert.vde.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-372xx/CVE-2023-37216.json b/CVE-2023/CVE-2023-372xx/CVE-2023-37216.json index 9997e03c8ff..a1470c5873e 100644 --- a/CVE-2023/CVE-2023-372xx/CVE-2023-37216.json +++ b/CVE-2023/CVE-2023-372xx/CVE-2023-37216.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37216", "sourceIdentifier": "cna@cyber.gov.il", "published": "2023-07-30T10:15:09.710", - "lastModified": "2023-07-31T12:54:52.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T19:14:49.727", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "cna@cyber.gov.il", "type": "Secondary", @@ -34,10 +54,54 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:anasystem:sensmini_m4_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3BF05D75-D441-4714-90DF-11DA742EB42F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:anasystem:sensmini_m4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3F96C835-CF16-463F-BFD9-EC26C46017AF" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gov.il/en/Departments/faq/cve_advisories", - "source": "cna@cyber.gov.il" + "source": "cna@cyber.gov.il", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37467.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37467.json index 504601938e3..57ff283b8a6 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37467.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37467.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37467", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-28T15:15:10.960", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:34:44.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +76,1087 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "BF272688-1B08-4ABC-8002-66B59690F9A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "A29A2465-B21D-4147-8292-DCF864D385B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "BBC3511E-3D68-42E2-B521-966FB429B640" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "EC8B99C2-E267-4EC2-AF09-C9AD1EEE76D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "F21A22EE-081A-4489-A7F8-22E2DBC5B00E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "6E6C8FB3-4B19-4510-B9A8-BCF9ED8ED7C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta6b:*:*:beta:*:*:*", + "matchCriteriaId": "5B827291-6483-4BB7-AF76-530B669B3ED5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "551E70ED-34FF-4989-91C9-6312DE4AB4DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.1.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "204FB99A-8F11-4F04-9ED9-D94551790116" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "46A8705C-0DF6-45D7-A38C-D2AB69194C59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "F59B0D8E-CFFB-4EBA-9D6A-526F9541BA17" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "D801A898-27D0-4076-8AF9-2B574FA11723" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "E7CBBD4A-4FDB-49E0-A5B6-22701C12BDF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "9E7328DF-1924-4D0D-AC6B-1BA2D9CF1D4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "9421CE10-F226-4F2C-9DA7-EBB44B73C304" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "1E71FBB6-ECAD-4581-9982-4C330D55FEAF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "1B631CCC-D456-49FF-B626-59C40BD4E167" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.2.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "BE83F98D-F7AA-434B-8438-5B1FB96681B9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "EB93F19B-9087-44CE-B884-45F434B7906F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "5A88A5A3-EF1A-4E86-B074-CE0AC4325484" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "0650B4C7-BCFE-4180-8FEF-4170A67E8BD3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "388F376E-46C9-4163-992D-95E3E4548D0F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "D661090A-DA61-4BBE-85C3-6F48C053C84B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "4A458242-D6DD-46E3-AF09-66BC87C5D7A6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "A8FACCBA-0D3B-4E6F-85A0-1CBD2B367F71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "F1D83D80-A0BE-4794-91A1-599AF558FB67" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "BD15B6B2-BFB3-4271-A507-48E9B827FA02" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "E0003042-9B14-4E1B-800F-3D154FFE8A1A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.3.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "E449EA29-81C8-4477-977E-746EACDBED86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "6FC6D4DF-8686-4054-A0C1-784E194171E6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "C574C37D-3D99-4430-A3D5-199883556B64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "F344E950-EFF9-4405-99D7-0B615C32873F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta12:*:*:beta:*:*:*", + "matchCriteriaId": "0A50DE1B-29EB-4014-B5B6-46CF493485F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "638B3E17-9F0A-4A96-B8D3-DDFEA518DBE9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "6D3E3AEB-8CD4-4EE7-9C81-2F74512071DD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "254FF9D9-E696-41C8-B15B-DA089D2C6597" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "2A5001E1-E716-43AA-8093-E0EED9E07909" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "7FD16B13-516A-4D03-B1EF-A11156471A06" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "E886D9EF-7FBD-4A24-A8B6-54E4B15403C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "369A83D1-AB7E-488D-9D74-26A69DFC1AD9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.4.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "3189CAC1-8970-4A33-B1E4-EB9EC3C19A25" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "A8733438-7625-400E-8237-BAE3D9F147AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "E87F1ED0-FD0D-4767-8E7C-325D920B79BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "97811266-A13C-4441-A1B5-BFA4B0862DFE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta12:*:*:beta:*:*:*", + "matchCriteriaId": "3D09D157-4B19-4561-AB20-952F2EA9BA0C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta13:*:*:beta:*:*:*", + "matchCriteriaId": "789087AF-0011-4E8F-A5AB-432A5F91BBA8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta13b:*:*:beta:*:*:*", + "matchCriteriaId": "8EC9DC8C-56DC-482B-8847-BD0CFACA6F8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta14:*:*:beta:*:*:*", + "matchCriteriaId": "F63B3D13-24F6-4EFA-9528-DBF59D973A9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "7F3A2388-18DE-46B0-BC13-7714E25D1B1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "940B11CB-053F-4D60-8BC4-81CA659D2F7B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "83684DCB-B201-43B8-8B6E-6D0B13B7E437" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "DF92E1FD-9B41-4A41-8B13-9D789C5729D6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "351D224A-E67C-454C-AF43-8AD6CD44C685" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "E058CA6D-A295-4CAD-8C85-E8C83BAFEBD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "FF99C114-1BCA-4400-BC7E-EDA1F55559CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.5.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "BBA1EFBA-5A26-46A0-B2A6-53B9924253BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "FE5B90B0-B6CC-4189-9C98-CF29017A47B5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "A1818628-5F4E-4E5D-974A-0BEBCE821209" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "14785840-3BC0-4030-AE44-E3013DF19AD7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta12:*:*:beta:*:*:*", + "matchCriteriaId": "90444209-684C-4BF8-9BCF-6B29EA0A0593" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "668E15DE-8CF2-4AF3-B13A-9080046B1E03" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "1191861C-1B2C-4762-805D-FCDC20F84D05" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "3CB518E5-CCC0-46B8-848E-C492BCF7E9BB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "CA1F68FE-67EA-4408-8E0F-558B0FAFFF32" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "66E9F05C-799A-43D3-9367-FCA86166BD65" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "85DB4097-6EFC-4017-ADFD-56EE49BB2F34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "AD283EA2-9026-497F-A7DE-E16CE0764ED0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.6.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "ED19DDDF-A29E-4C3F-A818-23D7E37B6974" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "508D0052-B7D7-4A08-8BB0-7D7A1EDAB96D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "3E50BFB0-67D3-4EDE-93FE-85EAF605461E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "D7EE0134-6AD7-4695-B536-1959FE3A9672" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "25DFFB5C-277F-4436-9BCE-643E98721C5A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "B8B80EB2-0B48-4AFA-8A09-26006CCDB022" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "AC8705E0-23ED-4817-8B69-21A4963C27F8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "BAA156A9-A9FB-4D03-B0EE-4AA303D7A9CF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "F733E585-075C-402A-9B34-1FE79DE4137E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "05C43439-C694-47AA-90AF-0AC2277E3D3B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "B391F8A1-F102-4C88-864C-1386452CDAB0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.7.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "0BC33C93-9947-4983-96A3-7DE223929817" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "B46DE141-1224-499E-AAE0-6CC0D5249B2C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "D8D07501-A07E-4743-A188-2E5BBC3C8F97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "64FD2A30-EE33-4680-9DCF-29283DBA3C4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta12:*:*:beta:*:*:*", + "matchCriteriaId": "B517F7A2-6FD1-4A7B-80E7-1167EC296591" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta13:*:*:beta:*:*:*", + "matchCriteriaId": "E6CA6EA5-DDAD-4882-AD1B-634C0CD741BE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "F14DCB07-9464-4DDE-98A1-FAE85DD60FBC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "6EDFD679-4710-4A62-B254-E658EED4295B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "A1B81072-08A5-4EC6-B737-E35C505C1E47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "A0748A9E-5737-48F9-BB66-6576AFE16198" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "453E51D9-89A1-4A91-B218-05C45CC4E329" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "51542BA7-8151-4FC9-9C86-36CEB476B912" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "5F95391C-0B75-47D2-9770-561E05414CEF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.8.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "10384675-B949-4B50-AF42-B5A3EE27250B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "7C0DB1C0-5749-4508-A265-C2138F7852E9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "CA9977CF-575C-4A19-84C8-EBB68EBE88C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "87C525C5-E282-4EC6-956F-0C94DC11FC69" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta12:*:*:beta:*:*:*", + "matchCriteriaId": "7F02A2A8-6312-4F6D-ABBF-952CA4C5E02E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta13:*:*:beta:*:*:*", + "matchCriteriaId": "DE54D1A3-FC2A-40DE-9177-50332208B0B2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta14:*:*:beta:*:*:*", + "matchCriteriaId": "170AE3DA-92C1-4D1D-9CAC-543C01FFF479" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta15:*:*:beta:*:*:*", + "matchCriteriaId": "2130C3C5-E4A5-41C3-89F0-C6FB4E47D096" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta16:*:*:beta:*:*:*", + "matchCriteriaId": "74248527-B884-4134-95C8-DEAF3D774A9A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta17:*:*:beta:*:*:*", + "matchCriteriaId": "01A8AF9C-8BF6-4ADC-A85A-A5C1F9FFB2C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "B4038D09-467C-4815-A429-F0E1E3E545E7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "6F273237-7223-4047-83B7-16A49B7E554A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "CF26EE13-554C-4180-98A2-238D84E40927" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "12688C9C-291D-4BF2-93F9-09AA323C52A9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "A7F7A437-D538-4B44-AC41-C95641A11A35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "9BB61DCF-52DB-498D-8779-D565E548C285" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "EE56BB77-B7F7-4BE7-AD9C-33888C5D01FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:1.9.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "9DB49E1D-BCC8-4984-A81D-5DAC5E3DF168" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "F775EA72-CCE3-4230-A666-EFDAA61F71FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "5E65BDEE-850A-41C6-8CFB-BD8B3A105CD1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "AF196429-FDED-4C3F-9F7D-0A2BF7DCAD1E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "64B84326-5397-4C60-8007-F7E7D81DC661" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "9A0A526A-9662-4E39-8BF6-E464BE1A2B6F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "712DACC2-A21E-429F-8A7B-86D8F7CE3468" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "6E93F9F6-5B03-4F77-B8B4-AEC9E4011692" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "C5B2B98E-804F-4525-B726-3F1DF2693F79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "582E339F-678A-4377-8EE0-8F4208E3EF78" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.0.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "1BF1D945-6EAA-4FA7-8252-2FED079587F0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.1.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "9325DFF5-EA7B-4B8D-A227-4B1A59449CE1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.1.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "0ECB28DA-3CA1-4011-9170-BFBF2ED3E091" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.1.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "2A6399B0-471B-4B26-859C-3836F2A6B7D1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.1.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "131E2AE4-E35D-495D-8907-3B899BB8AC41" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.1.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "83601528-0DD9-4835-B6C0-0F341871CC15" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.1.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "4AEB5AAF-73EB-4356-8C53-10E22B2F910E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "9EB199D6-E253-4EC2-BF0B-059F7B6662ED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "94A586EB-B0E0-4190-88DF-3BCC04E5EF84" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "0BF27B44-9AA7-4B91-9B4B-0E84418F5632" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "461744BD-3974-4C33-8514-0A917DC90C6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "6A86FB2B-6915-49C0-B993-0711AAECA5FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "9EF3DD36-2776-4CD2-A3F1-88872024D223" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "D91D71ED-F08F-4DB5-B7DD-062E7C11435F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "62B5812A-FB52-4F4B-9A15-3AA5CD6562E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "83231EC0-E3F7-4E35-B165-487C2725B4F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.2.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "A53AFFA6-7B98-47F2-9BD7-71C83A69CE26" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "A42D3FB9-9197-4101-A729-876C490BD572" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "A5DE0C47-0C66-4EFE-AF82-1B22F4F54A44" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "E587D10F-BEF8-4923-AF76-6DC3172880EE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "155568EF-6A7E-423A-B5EA-D20E407B271B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "7E94B119-8C75-43DF-A2DF-A5B3E04F0778" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "5348F94F-F6AE-4400-8AC7-036111EF43D9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "57948A73-C9C5-4C24-947D-0A4659C7002E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "3532EE37-2D0F-496C-B5A8-F9315FFB4552" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "2CAE7CC9-B91D-494C-B91A-497D6FE6B14B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "623BBBF8-4121-466A-82C8-D179B02B3E34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.3.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "648D010A-8B8D-42AA-8888-09E4E0FAA954" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "8ADC7613-25E3-4CB8-A962-2775C20E4D4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "1B0099F0-A275-4C65-9B79-041374F183DF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "FE69800E-5CB5-4916-879C-51DE5E94489F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "8C64EAFE-2B60-4D95-869F-4A2FC98B99C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "AB2045F1-AC39-4738-B3F0-33F00D23C921" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "E32589F8-2E87-40D2-BAD3-E6C1C088CA60" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "4868BAFD-BFE5-4361-855A-644B040E7233" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "4B6C25BF-5B2A-43C4-8918-E32BA9DD8A22" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "EB9917D3-D848-4D2B-8A44-B3723BA377DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "7046D95B-73CE-406B-ACC3-FD71F7DEC7CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.4.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "D3BA5033-2C06-42FF-962E-48EBA2EBB469" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "630D29DE-0FD7-4306-BA80-20D0791D334B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "08F94E42-07A1-480D-B6DD-D96AE38F1EBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "FA4B3DE5-21DA-4185-AF74-AAA6DD89FB3D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "E602BEF9-E89D-40F7-BC6F-5C6F9F25BA97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "C06A8627-683D-4328-BE7A-4A33A4B736F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "E3EF8240-D3F5-422C-B70A-90C6CBA4E622" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.5.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "93CC792D-AE0B-498E-8374-5D09EF4E28FF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.6.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "093D4EA8-B002-4AB4-97C9-CEE4D70BF3C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.6.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "4C778180-E7BF-4EF2-8B19-0388E23E1424" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.6.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "0C0B2BC1-35F1-4A1D-B9B2-54426B4ADF34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.6.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "6BCAB620-465A-41FF-A064-FB638DD3A557" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.6.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "6AFCB802-A275-444C-8245-D0397322125F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.6.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "9F9B70E2-AAAD-4E61-AEB2-E5F635F6AAD5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "6182074E-C467-448C-9299-B92CFE4EEBE0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "09EA8F36-7647-42D0-8675-34C002E0754D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "9CE2276A-9680-4B14-9636-806F7E4C1669" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "AD150166-4C8D-47E3-989A-1A71A46C36A1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "CF5CA6AD-FA4D-47DF-A684-5DAD7662EA13" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "B94F75B8-7C84-4727-9D18-114A815E1906" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "4D94E03A-32EE-408F-81FA-4B9C25AA7DDF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "AD495875-007C-4A90-B940-B62E6FA492CC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.7.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "05F1B84E-8AF8-46E8-9DE9-00D1DE348C2C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "BCCEFDFB-61E6-4846-8093-B5CEB0D8450C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "0BC63647-B692-4BB9-9A3D-6F8DF19C3494" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "05F0ED55-C8C6-47C1-859A-60046838B6F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "6A2D59BC-2EE8-4F9C-AB5B-B9D01B44F7CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "933DFEBC-5568-431B-809D-AFAEFD08E985" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "BE920E80-C02B-4EC8-982F-ADE89C936684" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "CDAE3441-12BA-41F4-8A5A-B2EE844C86BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "1443EA1B-D210-4219-8452-CBFD5FACBC77" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "948A4B4A-A11F-477E-BEC5-0D60C7E3570C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "98B2A052-5427-4B72-9F59-82F430836CB4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.8.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "CB6D636E-B51F-4648-A637-62B2603BA18F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "3DA17871-7ED7-4D68-A46D-D15DC5B3235F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta10:*:*:beta:*:*:*", + "matchCriteriaId": "705FE965-0415-4382-8CA1-A19DF3B5EF35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta11:*:*:beta:*:*:*", + "matchCriteriaId": "BC6EDCE3-D564-434F-9A7F-D4A6D579F8F7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta12:*:*:beta:*:*:*", + "matchCriteriaId": "FB05E54B-9CF6-45A7-8D47-C98DB6D19E7E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta13:*:*:beta:*:*:*", + "matchCriteriaId": "03CD1C5E-18F5-4C6D-B92C-C511C8C12D0B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta14:*:*:beta:*:*:*", + "matchCriteriaId": "FF4ABB9D-69DF-42D5-AD60-F9CEEC1B6730" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "7B4DCCF5-E290-4BDA-AAB9-DF362A2EB7B3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "3AE1F3A2-8340-4ED7-B943-ACDA9617DF64" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta4:*:*:beta:*:*:*", + "matchCriteriaId": "5E033AB7-9987-4C30-849F-2495376CA4F2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "D87E9338-C7F6-43BA-886F-C30987ADBA1D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "E24EB90F-FE81-4746-8741-8DC9346F79C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta7:*:*:beta:*:*:*", + "matchCriteriaId": "D237956F-FC90-467E-A493-24EFDA1A9F2D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta8:*:*:beta:*:*:*", + "matchCriteriaId": "F7AA9AB8-AB6F-43E2-B3E5-685EE9BFE7D4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:2.9.0:beta9:*:*:beta:*:*:*", + "matchCriteriaId": "5BC240A1-431E-4A50-88DC-7AC9BC674254" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.0.0:beta15:*:*:beta:*:*:*", + "matchCriteriaId": "3F85AFD4-D397-4FDB-B762-521BD5FF14C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.0.0:beta16:*:*:beta:*:*:*", + "matchCriteriaId": "D40CDCE1-3462-4D6C-A3C7-487F175264CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta1:*:*:beta:*:*:*", + "matchCriteriaId": "B9BBED17-A6BA-4F17-8814-8D8521F28375" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta2:*:*:beta:*:*:*", + "matchCriteriaId": "888B8ECF-EBE0-4821-82F6-B0026E95E407" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta3:*:*:beta:*:*:*", + "matchCriteriaId": "FD0302B1-C0BA-49EE-8E1B-E8A43879BFC2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta5:*:*:beta:*:*:*", + "matchCriteriaId": "9FE11D4E-32EE-48F4-8082-B37D2F804450" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta6:*:*:beta:*:*:*", + "matchCriteriaId": "9D797DA5-1AE5-4D49-B133-AF45D7FB0A4A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/discourse/discourse/commit/0976c8fad6970b6182e7837bf87de07709407f25", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/discourse/discourse/security/advisories/GHSA-gr5h-hm62-jr3j", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37754.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37754.json index 910dba08098..d17b4cd0794 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37754.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37754.json @@ -2,27 +2,89 @@ "id": "CVE-2023-37754", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:11.717", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:11:04.527", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "PowerJob v4.3.3 was discovered to contain a remote command execution (RCE) vulnerability via the instanceId parameter at /instance/detail." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:powerjob:powerjob:4.3.3:*:*:*:*:*:*:*", + "matchCriteriaId": "27A728AA-E26E-4C96-8450-407C1D678C82" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/PowerJob/PowerJob/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/PowerJob/PowerJob/issues/675", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] }, { "url": "https://novysodope.github.io/2023/07/02/100/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3773.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3773.json index 7836839be7d..39428f29f60 100644 --- a/CVE-2023/CVE-2023-37xx/CVE-2023-3773.json +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3773.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3773", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-25T16:15:11.733", - "lastModified": "2023-07-25T17:22:14.780", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:51:44.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + }, { "source": "secalert@redhat.com", "type": "Secondary", @@ -34,14 +54,85 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D3FEADDA-2AEE-4F65-9401-971B585664A8" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + } + ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2023-3773", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218944", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json index dae5c7b2838..0e260f65774 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38572.json @@ -2,43 +2,162 @@ "id": "CVE-2023-38572", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-27T01:15:36.913", - "lastModified": "2023-08-02T12:15:10.443", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-08-03T19:57:55.053", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be able to bypass Same Origin Policy." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.6", + "matchCriteriaId": "DB91291B-DB98-4E2A-BDA6-F9B5C48CDC6F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.8", + "matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.6", + "matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.8", + "matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndExcluding": "16.6", + "matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.5", + "matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.6", + "matchCriteriaId": "339039D5-7AAC-4252-B4F6-BFCEBB48D92A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.6", + "matchCriteriaId": "90DFD981-D950-40B0-A699-4878B653A20D" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/02/1", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213841", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213842", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213843", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213846", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213847", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213848", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38609.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38609.json index e8c33be1a76..2bbe39fd572 100644 --- a/CVE-2023/CVE-2023-386xx/CVE-2023-38609.json +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38609.json @@ -2,23 +2,83 @@ "id": "CVE-2023-38609", "sourceIdentifier": "product-security@apple.com", "published": "2023-07-28T05:15:11.150", - "lastModified": "2023-07-28T21:15:14.157", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:09:27.580", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.5", + "matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213843", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213843", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38942.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38942.json new file mode 100644 index 00000000000..bbcbad7f27f --- /dev/null +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38942.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38942", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-03T19:15:10.600", + "lastModified": "2023-08-03T19:15:10.600", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/PantsuDango/Dango-Translator", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/PantsuDango/Dango-Translator/issues/127", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38988.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38988.json index 85f18265be9..b784853945d 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38988.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38988.json @@ -2,19 +2,75 @@ "id": "CVE-2023-38988", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T21:15:14.213", - "lastModified": "2023-07-31T12:55:03.903", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:54:14.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in the delete function in the OaNotifyController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete notifications created by Administrators." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jeesite:jeesite:1.2.6:*:*:*:*:*:*:*", + "matchCriteriaId": "C6C335A4-A2F6-43E7-A432-2568E1D3460B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/thinkgem/jeesite/issues/517", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38992.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38992.json index 4b46eadd25d..57533821d7a 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38992.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38992.json @@ -2,19 +2,76 @@ "id": "CVE-2023-38992", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:12.030", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:10:52.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "jeecg-boot v3.5.1 was discovered to contain a SQL injection vulnerability via the title parameter at /sys/dict/loadTreeData." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jeecg:jeecg_boot:3.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "52891D2B-E0C4-4263-9804-45F1551B5142" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/jeecgboot/jeecg-boot/issues/5173", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39010.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39010.json index dfd67970ca3..c6519b25372 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39010.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39010.json @@ -2,19 +2,79 @@ "id": "CVE-2023-39010", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:12.313", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:10:42.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "BoofCV 0.42 was discovered to contain a code injection vulnerability via the component boofcv.io.calibration.CalibrationIO.load. This vulnerability is exploited by loading a crafted camera calibration file." + }, + { + "lang": "es", + "value": "Se ha descubierto que BoofCV v0.42 contiene una vulnerabilidad de inyecci\u00f3n de c\u00f3digo a trav\u00e9s del componente \"boofcv.io.calibration.CalibrationIO.load\". Esta vulnerabilidad se aprovecha cargando un archivo manipulado de calibraci\u00f3n de c\u00e1mara. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lessthanoptimal:boofcv:0.42:*:*:*:*:*:*:*", + "matchCriteriaId": "0F941A07-B1CB-40E7-99C7-0185ED55369B" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/lessthanoptimal/BoofCV/issues/406", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39013.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39013.json index 03d93609458..8ae7e5299be 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39013.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39013.json @@ -2,19 +2,80 @@ "id": "CVE-2023-39013", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:12.670", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:10:07.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Duke v1.2 and below was discovered to contain a code injection vulnerability via the component no.priv.garshol.duke.server.CommonJTimer.init." + }, + { + "lang": "es", + "value": "Se ha descubierto que Duke v1.2 e inferiores contienen una vulnerabilidad de inyecci\u00f3n de c\u00f3digo a trav\u00e9s del componente \"no.priv.garshol.duke.server.CommonJTimer.init\". " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:larsga:duke:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2", + "matchCriteriaId": "30BF5241-CC66-4E24-BE31-38027C149B9A" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/larsga/Duke/issues/273", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39015.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39015.json index a1e87478281..8aad897d483 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39015.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39015.json @@ -2,19 +2,76 @@ "id": "CVE-2023-39015", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:12.947", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:09:48.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "webmagic-extension v0.9.0 and below was discovered to contain a code injection vulnerability via the component us.codecraft.webmagic.downloader.PhantomJSDownloader." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:code4craft:webmagic:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.9.0", + "matchCriteriaId": "6D0E750B-89B8-4B32-8DA1-5D4F607A051F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/code4craft/webmagic/issues/1122", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39016.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39016.json index 64d9619e8dd..185a412279d 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39016.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39016.json @@ -2,19 +2,77 @@ "id": "CVE-2023-39016", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:13.043", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:07:14.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bbossgroups:bboss-persistent:*:*:*:*:*:*:*:*", + "versionEndIncluding": "6.0.9", + "matchCriteriaId": "F1A9F3EE-A668-42E8-A3B7-80FEE54E485A" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitee.com/bboss/bboss/issues/I7MH08", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39017.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39017.json index bb9ecd9ecba..bc76278be77 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39017.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39017.json @@ -2,19 +2,80 @@ "id": "CVE-2023-39017", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:13.160", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:05:20.460", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "quartz-jobs 2.3.2 and below was discovered to contain a code injection vulnerability in the component org.quartz.jobs.ee.jms.SendQueueMessageJob.execute. This vulnerability is exploited via passing an unchecked argument." + }, + { + "lang": "es", + "value": "Se ha descubierto que Quartz-jobs v2.3.2 e inferiores contienen una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en el componente \"org.quartz.jobs.ee.jms.SendQueueMessageJob.execute\". Esta vulnerabilidad se aprovecha pasando un argumento no comprobado. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:softwareag:quartz:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.3.2", + "matchCriteriaId": "E0DFE306-E60E-422A-8019-275E2D8C4509" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/quartz-scheduler/quartz/issues/943", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39018.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39018.json index 0bea3e6f826..1b5a6cd47a3 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39018.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39018.json @@ -2,19 +2,81 @@ "id": "CVE-2023-39018", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:13.227", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:04:07.150", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "FFmpeg 0.7.0 and below was discovered to contain a code injection vulnerability in the component net.bramp.ffmpeg.FFmpeg.. This vulnerability is exploited via passing an unchecked argument." + }, + { + "lang": "es", + "value": "Se ha descubierto que FFmpeg v0.7.0 e inferiores contienen una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en el componente \"net.bramp.ffmpeg.FFmpeg..\". Esta vulnerabilidad se aprovecha pasando un argumento no comprobado. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*", + "versionEndIncluding": "0.7", + "matchCriteriaId": "56D511F7-AA2C-42F4-A322-BAAC7A62F78D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/bramp/ffmpeg-cli-wrapper/issues/291", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39020.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39020.json index aa9bc7a77cf..6b2ffa799f9 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39020.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39020.json @@ -2,19 +2,79 @@ "id": "CVE-2023-39020", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-28T15:15:13.287", - "lastModified": "2023-07-28T16:41:43.963", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:01:31.200", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "stanford-parser v3.9.2 and below was discovered to contain a code injection vulnerability in the component edu.stanford.nlp.io.getBZip2PipedInputStream. This vulnerability is exploited via passing an unchecked argument." + }, + { + "lang": "es", + "value": "Se ha descubierto que standford-parser v3.9.2 y versiones inferiores contienen una vulnerabilidad de inyecci\u00f3n de c\u00f3digo en el componente \"edu.stanford.nlp.io.getBZip2PipedInputStream\". Esta vulnerabilidad se aprovecha pasando un argumento no comprobado. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:stanford:stanford_parser:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.9.2", + "matchCriteriaId": "942594D2-81EF-4D2D-A6AF-3373350B59D9" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/LetianYuan/My-CVE-Public-References/tree/main/edu_stanford_nlp_stanford-parser", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39075.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39075.json new file mode 100644 index 00000000000..81ae23b7840 --- /dev/null +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39075.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-39075", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-03T18:15:11.477", + "lastModified": "2023-08-03T18:15:11.477", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://blog.jhyeon.dev/posts/vuln/202307/renault-zoe/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39122.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39122.json index fbd3b8a2ffb..35d311aa92e 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39122.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39122.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39122", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-31T23:15:10.297", - "lastModified": "2023-08-01T12:55:38.437", + "lastModified": "2023-08-03T18:15:11.547", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "BMC Control-M Software v9.0.20.200 was discovered to contain a SQL injection vulnerability via the report-id parameter at /report/deleteReport." + "value": "BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200)." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3977.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3977.json index adff6be518b..4c05c425f97 100644 --- a/CVE-2023/CVE-2023-39xx/CVE-2023-3977.json +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3977.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3977", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-28T05:15:11.200", - "lastModified": "2023-07-28T13:44:31.450", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T18:29:30.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 2.8, "impactScore": 1.4 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 } ] }, @@ -46,98 +66,239 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:backupbliss:backup_migration:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.8", + "matchCriteriaId": "36C708AE-2CF9-44A1-9C86-29AE363FF1BA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:backupbliss:clone:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.3.8", + "matchCriteriaId": "B538A93E-38F6-478D-A09A-96E644A61115" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:copy-delete-posts:duplicate_post:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.4.0", + "matchCriteriaId": "770C6157-3ED4-4D47-8180-F4B1C743AE93" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inisev:redirection:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.1.4", + "matchCriteriaId": "27D46495-F393-42C8-BBD7-3BF4760CEA94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inisev:rss_redirect_\\&_feedburner_alternative:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.8", + "matchCriteriaId": "D8AB2D37-FBB8-4031-BABF-729446E832CD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inisev:ssl_mixed_content_fix:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2.4", + "matchCriteriaId": "9A2623B9-EE90-41CA-9D77-41F6A69E3131" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mypopups:pop-up:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.0", + "matchCriteriaId": "424C4B95-E7D2-47DD-B151-C7A3B9E8C443" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themecheck:enhanced_text_widget:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.5.8", + "matchCriteriaId": "D254C14C-C0A6-45DD-8A5F-041D0F6C0B71" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themecheck:ultimate_posts_widget:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.2.5", + "matchCriteriaId": "30DAA0C1-7E10-412A-A5BE-7145274933CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ultimatelysocial:social_media_share_buttons_\\&_social_sharing_icons:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.5.8", + "matchCriteriaId": "9936B5DE-C987-48A5-8A70-E298BF8A9A99" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.7/includes/banner/misc.php#L427", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/backup-backup/tags/1.2.8/includes/banner/misc.php#L434", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.3.8/banner/misc.php#L426", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/copy-delete-posts/tags/1.4.0/banner/misc.php#L434", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.6/banner/misc.php#L339", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/enhanced-text-widget/tags/1.5.7/banner/misc.php#L351", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/feedburner-alternative-and-rss-redirect/tags/3.7/modules/banner/misc.php#L427", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/http-https-remover/tags/3.2.3/banner/misc.php#L427", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.1.9/modules/banner/misc.php#L427", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/pop-up-pop-up/tags/1.2.0/modules/banner/misc.php#L432", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/redirect-redirection/tags/1.1.3/includes/banner/misc.php#L427", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.4/banner/misc.php#L343", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/ultimate-posts-widget/tags/2.2.5/banner/misc.php#L351", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.0/banner/misc.php#L424", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/ultimate-social-media-icons/tags/2.8.2/banner/misc.php#L434", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/ultimate-social-media-plus/tags/3.5.7/banner/misc.php#L424", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.3.7/modules/banner/misc.php#L438", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/wp-clone-by-wp-academy/tags/2.3.8/modules/banner/misc.php#L432", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2944041/ultimate-social-media-plus/tags/3.5.8/banner/misc.php?old=2823720&old_path=ultimate-social-media-plus%2Ftags%2F3.5.7%2Fbanner%2Fmisc.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?old_path=%2Fcopy-delete-posts%2Ftags%2F1.3.8&old=2923021&new_path=%2Fcopy-delete-posts%2Ftags%2F1.3.9&new=2923021&sfp_email=&sfph_mail=", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2823769%40http-https-remover%2Ftags%2F3.2.3&new=2944114%40http-https-remover%2Ftags%2F3.2.4", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2823770%40feedburner-alternative-and-rss-redirect%2Ftags%2F3.7&new=2944116%40feedburner-alternative-and-rss-redirect%2Ftags%2F3.8#file115", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ab7c8926-c762-49b1-bc97-4b7a2f4f97fc?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-40xx/CVE-2023-4007.json b/CVE-2023/CVE-2023-40xx/CVE-2023-4007.json index 79f52b527a9..bfe4127a059 100644 --- a/CVE-2023/CVE-2023-40xx/CVE-2023-4007.json +++ b/CVE-2023/CVE-2023-40xx/CVE-2023-4007.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4007", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-31T01:15:10.017", - "lastModified": "2023-07-31T12:54:46.757", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-03T19:16:00.417", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.1.16", + "matchCriteriaId": "EF9F1132-3D27-4D51-AF94-75A8C3DDE21F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/thorsten/phpmyfaq/commit/40eb9685198128908e83c2bef4c228751fd43a0e", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/e891dcbc-2092-49d3-9518-23e37187a5ea", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 11bdd5ae112..603b67d3c02 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-03T18:00:40.989581+00:00 +2023-08-03T20:00:27.907454+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-03T17:59:21.500000+00:00 +2023-08-03T19:57:55.053000+00:00 ``` ### Last Data Feed Release @@ -29,69 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -221590 +221597 ``` ### CVEs added in the last Commit -Recently added CVEs: `26` +Recently added CVEs: `7` -* [CVE-2023-38812](CVE-2023/CVE-2023-388xx/CVE-2023-38812.json) (`2023-08-03T15:15:28.903`) -* [CVE-2023-22277](CVE-2023/CVE-2023-222xx/CVE-2023-22277.json) (`2023-08-03T15:15:17.393`) -* [CVE-2023-25600](CVE-2023/CVE-2023-256xx/CVE-2023-25600.json) (`2023-08-03T15:15:19.340`) -* [CVE-2023-28468](CVE-2023/CVE-2023-284xx/CVE-2023-28468.json) (`2023-08-03T15:15:20.167`) -* [CVE-2023-2754](CVE-2023/CVE-2023-27xx/CVE-2023-2754.json) (`2023-08-03T15:15:23.347`) -* [CVE-2023-36298](CVE-2023/CVE-2023-362xx/CVE-2023-36298.json) (`2023-08-03T15:15:28.510`) -* [CVE-2023-36299](CVE-2023/CVE-2023-362xx/CVE-2023-36299.json) (`2023-08-03T15:15:28.620`) -* [CVE-2023-39096](CVE-2023/CVE-2023-390xx/CVE-2023-39096.json) (`2023-08-03T15:15:29.060`) -* [CVE-2023-39097](CVE-2023/CVE-2023-390xx/CVE-2023-39097.json) (`2023-08-03T15:15:29.763`) -* [CVE-2023-3180](CVE-2023/CVE-2023-31xx/CVE-2023-3180.json) (`2023-08-03T15:15:29.960`) -* [CVE-2023-3348](CVE-2023/CVE-2023-33xx/CVE-2023-3348.json) (`2023-08-03T15:15:30.227`) -* [CVE-2023-3766](CVE-2023/CVE-2023-37xx/CVE-2023-3766.json) (`2023-08-03T15:15:32.097`) -* [CVE-2023-4132](CVE-2023/CVE-2023-41xx/CVE-2023-4132.json) (`2023-08-03T15:15:32.833`) -* [CVE-2023-4133](CVE-2023/CVE-2023-41xx/CVE-2023-4133.json) (`2023-08-03T15:15:33.940`) -* [CVE-2023-4136](CVE-2023/CVE-2023-41xx/CVE-2023-4136.json) (`2023-08-03T15:15:34.167`) -* [CVE-2023-4138](CVE-2023/CVE-2023-41xx/CVE-2023-4138.json) (`2023-08-03T15:15:36.643`) -* [CVE-2023-33363](CVE-2023/CVE-2023-333xx/CVE-2023-33363.json) (`2023-08-03T16:15:11.713`) -* [CVE-2023-33364](CVE-2023/CVE-2023-333xx/CVE-2023-33364.json) (`2023-08-03T16:15:11.813`) -* [CVE-2023-33365](CVE-2023/CVE-2023-333xx/CVE-2023-33365.json) (`2023-08-03T16:15:11.870`) -* [CVE-2023-33366](CVE-2023/CVE-2023-333xx/CVE-2023-33366.json) (`2023-08-03T16:15:11.937`) -* [CVE-2023-38947](CVE-2023/CVE-2023-389xx/CVE-2023-38947.json) (`2023-08-03T16:15:12.010`) -* [CVE-2023-38948](CVE-2023/CVE-2023-389xx/CVE-2023-38948.json) (`2023-08-03T16:15:12.077`) -* [CVE-2023-25524](CVE-2023/CVE-2023-255xx/CVE-2023-25524.json) (`2023-08-03T17:15:11.527`) -* [CVE-2023-36213](CVE-2023/CVE-2023-362xx/CVE-2023-36213.json) (`2023-08-03T17:15:11.977`) -* [CVE-2023-4145](CVE-2023/CVE-2023-41xx/CVE-2023-4145.json) (`2023-08-03T17:15:12.237`) +* [CVE-2022-42986](CVE-2022/CVE-2022-429xx/CVE-2022-42986.json) (`2023-08-03T18:15:11.113`) +* [CVE-2023-32764](CVE-2023/CVE-2023-327xx/CVE-2023-32764.json) (`2023-08-03T18:15:11.230`) +* [CVE-2023-35081](CVE-2023/CVE-2023-350xx/CVE-2023-35081.json) (`2023-08-03T18:15:11.303`) +* [CVE-2023-36217](CVE-2023/CVE-2023-362xx/CVE-2023-36217.json) (`2023-08-03T18:15:11.397`) +* [CVE-2023-39075](CVE-2023/CVE-2023-390xx/CVE-2023-39075.json) (`2023-08-03T18:15:11.477`) +* [CVE-2023-0956](CVE-2023/CVE-2023-09xx/CVE-2023-0956.json) (`2023-08-03T19:15:10.323`) +* [CVE-2023-38942](CVE-2023/CVE-2023-389xx/CVE-2023-38942.json) (`2023-08-03T19:15:10.600`) ### CVEs modified in the last Commit -Recently modified CVEs: `141` +Recently modified CVEs: `32` -* [CVE-2023-38590](CVE-2023/CVE-2023-385xx/CVE-2023-38590.json) (`2023-08-03T16:55:34.797`) -* [CVE-2023-38136](CVE-2023/CVE-2023-381xx/CVE-2023-38136.json) (`2023-08-03T16:56:20.357`) -* [CVE-2023-38571](CVE-2023/CVE-2023-385xx/CVE-2023-38571.json) (`2023-08-03T16:58:19.650`) -* [CVE-2023-37285](CVE-2023/CVE-2023-372xx/CVE-2023-37285.json) (`2023-08-03T16:59:16.257`) -* [CVE-2023-34425](CVE-2023/CVE-2023-344xx/CVE-2023-34425.json) (`2023-08-03T16:59:34.220`) -* [CVE-2023-36495](CVE-2023/CVE-2023-364xx/CVE-2023-36495.json) (`2023-08-03T16:59:42.207`) -* [CVE-2023-32654](CVE-2023/CVE-2023-326xx/CVE-2023-32654.json) (`2023-08-03T17:00:15.653`) -* [CVE-2023-35993](CVE-2023/CVE-2023-359xx/CVE-2023-35993.json) (`2023-08-03T17:01:05.247`) -* [CVE-2023-37907](CVE-2023/CVE-2023-379xx/CVE-2023-37907.json) (`2023-08-03T17:01:24.863`) -* [CVE-2023-32444](CVE-2023/CVE-2023-324xx/CVE-2023-32444.json) (`2023-08-03T17:02:02.867`) -* [CVE-2023-32445](CVE-2023/CVE-2023-324xx/CVE-2023-32445.json) (`2023-08-03T17:02:11.737`) -* [CVE-2023-32734](CVE-2023/CVE-2023-327xx/CVE-2023-32734.json) (`2023-08-03T17:03:51.680`) -* [CVE-2023-38259](CVE-2023/CVE-2023-382xx/CVE-2023-38259.json) (`2023-08-03T17:06:30.207`) -* [CVE-2023-32427](CVE-2023/CVE-2023-324xx/CVE-2023-32427.json) (`2023-08-03T17:06:40.617`) -* [CVE-2023-3488](CVE-2023/CVE-2023-34xx/CVE-2023-3488.json) (`2023-08-03T17:10:17.167`) -* [CVE-2023-25835](CVE-2023/CVE-2023-258xx/CVE-2023-25835.json) (`2023-08-03T17:15:11.777`) -* [CVE-2023-3946](CVE-2023/CVE-2023-39xx/CVE-2023-3946.json) (`2023-08-03T17:18:16.407`) -* [CVE-2023-1401](CVE-2023/CVE-2023-14xx/CVE-2023-1401.json) (`2023-08-03T17:25:40.487`) -* [CVE-2023-38685](CVE-2023/CVE-2023-386xx/CVE-2023-38685.json) (`2023-08-03T17:35:33.533`) -* [CVE-2023-38684](CVE-2023/CVE-2023-386xx/CVE-2023-38684.json) (`2023-08-03T17:36:39.170`) -* [CVE-2023-38498](CVE-2023/CVE-2023-384xx/CVE-2023-38498.json) (`2023-08-03T17:37:01.537`) -* [CVE-2023-37906](CVE-2023/CVE-2023-379xx/CVE-2023-37906.json) (`2023-08-03T17:49:29.230`) -* [CVE-2023-37904](CVE-2023/CVE-2023-379xx/CVE-2023-37904.json) (`2023-08-03T17:51:20.897`) -* [CVE-2023-39023](CVE-2023/CVE-2023-390xx/CVE-2023-39023.json) (`2023-08-03T17:55:41.163`) -* [CVE-2023-39022](CVE-2023/CVE-2023-390xx/CVE-2023-39022.json) (`2023-08-03T17:59:21.500`) +* [CVE-2022-2502](CVE-2022/CVE-2022-25xx/CVE-2022-2502.json) (`2023-08-03T19:26:16.343`) +* [CVE-2023-39020](CVE-2023/CVE-2023-390xx/CVE-2023-39020.json) (`2023-08-03T18:01:31.200`) +* [CVE-2023-39018](CVE-2023/CVE-2023-390xx/CVE-2023-39018.json) (`2023-08-03T18:04:07.150`) +* [CVE-2023-39017](CVE-2023/CVE-2023-390xx/CVE-2023-39017.json) (`2023-08-03T18:05:20.460`) +* [CVE-2023-39016](CVE-2023/CVE-2023-390xx/CVE-2023-39016.json) (`2023-08-03T18:07:14.903`) +* [CVE-2023-38609](CVE-2023/CVE-2023-386xx/CVE-2023-38609.json) (`2023-08-03T18:09:27.580`) +* [CVE-2023-39015](CVE-2023/CVE-2023-390xx/CVE-2023-39015.json) (`2023-08-03T18:09:48.280`) +* [CVE-2023-39013](CVE-2023/CVE-2023-390xx/CVE-2023-39013.json) (`2023-08-03T18:10:07.200`) +* [CVE-2023-39010](CVE-2023/CVE-2023-390xx/CVE-2023-39010.json) (`2023-08-03T18:10:42.550`) +* [CVE-2023-38992](CVE-2023/CVE-2023-389xx/CVE-2023-38992.json) (`2023-08-03T18:10:52.757`) +* [CVE-2023-37754](CVE-2023/CVE-2023-377xx/CVE-2023-37754.json) (`2023-08-03T18:11:04.527`) +* [CVE-2023-39122](CVE-2023/CVE-2023-391xx/CVE-2023-39122.json) (`2023-08-03T18:15:11.547`) +* [CVE-2023-32443](CVE-2023/CVE-2023-324xx/CVE-2023-32443.json) (`2023-08-03T18:16:54.600`) +* [CVE-2023-32468](CVE-2023/CVE-2023-324xx/CVE-2023-32468.json) (`2023-08-03T18:23:50.197`) +* [CVE-2023-3977](CVE-2023/CVE-2023-39xx/CVE-2023-3977.json) (`2023-08-03T18:29:30.730`) +* [CVE-2023-37467](CVE-2023/CVE-2023-374xx/CVE-2023-37467.json) (`2023-08-03T18:34:44.600`) +* [CVE-2023-2860](CVE-2023/CVE-2023-28xx/CVE-2023-2860.json) (`2023-08-03T18:39:50.520`) +* [CVE-2023-35087](CVE-2023/CVE-2023-350xx/CVE-2023-35087.json) (`2023-08-03T18:43:53.560`) +* [CVE-2023-3670](CVE-2023/CVE-2023-36xx/CVE-2023-3670.json) (`2023-08-03T18:44:39.050`) +* [CVE-2023-3773](CVE-2023/CVE-2023-37xx/CVE-2023-3773.json) (`2023-08-03T18:51:44.460`) +* [CVE-2023-38988](CVE-2023/CVE-2023-389xx/CVE-2023-38988.json) (`2023-08-03T18:54:14.513`) +* [CVE-2023-36542](CVE-2023/CVE-2023-365xx/CVE-2023-36542.json) (`2023-08-03T19:09:29.110`) +* [CVE-2023-37216](CVE-2023/CVE-2023-372xx/CVE-2023-37216.json) (`2023-08-03T19:14:49.727`) +* [CVE-2023-4007](CVE-2023/CVE-2023-40xx/CVE-2023-4007.json) (`2023-08-03T19:16:00.417`) +* [CVE-2023-38572](CVE-2023/CVE-2023-385xx/CVE-2023-38572.json) (`2023-08-03T19:57:55.053`) ## Download and Usage