admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-14T04:00:24.306197+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-14 04:00:27 +00:00
parent 8834ccef17
commit 4505c7c090
27 changed files with 1880 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2022/CVE-2022-229xx/CVE-2022-22995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-22995",
"sourceIdentifier": "psirt@wdc.com",
"published": "2022-03-25T23:15:08.410",
"lastModified": "2022-03-31T01:12:32.550",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-14T03:15:09.393",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -416,6 +416,14 @@
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T5CZZLFOTUP3QYHGHSDUNENGSLPJ6KGO/",
"source": "psirt@wdc.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XO34FWOIJI6V6PH2XY52WNBBARVWPJG2/",
"source": "psirt@wdc.com"
},
{
"url": "https://www.westerndigital.com/support/product-security/wdc-22005-netatalk-security-vulnerabilities",
"source": "psirt@wdc.com",

743
CVE-2022/CVE-2022-34xx/CVE-2022-3431.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3431",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-10-09T19:15:09.987",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:23:44.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -40,7 +60,7 @@
},
"weaknesses": [
{
"source": "psirt@lenovo.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,12 +68,727 @@
"value": "CWE-276"
}
]
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:ideapad_creator_5-16ach6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "gscn34ww",
"matchCriteriaId": "7428DDA8-7629-4AF8-8DAA-7A49FF9D6DA1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:ideapad_creator_5-16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "90031C15-00A0-40F8-A98B-DDFA3F79D247"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ihu6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "grcn22ww",
"matchCriteriaId": "3FFB4225-D28D-4C3B-BB03-349B966CCFCF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ihu6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC34C489-CC06-41DF-91C8-2919B9770E78"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro-16ach6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "gscn34ww",
"matchCriteriaId": "BD22DD91-73C6-4982-9424-6C3AA1D52EA6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro-16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F160EE76-3FF4-42EB-94DE-4FEFCCEE54C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-13itl05_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "f7cn39ww",
"matchCriteriaId": "09F8B96E-197D-4E6C-B766-EFB312705CA0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-13itl05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6E471A-EB31-46FE-944E-F48397F57E13"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7-13acn05_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "ghcn28ww",
"matchCriteriaId": "1EBDE114-7FCF-4C49-A8F6-E20B25736454"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7-13acn05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FAF0D1D-070A-401E-B5B3-F3BCDD1860F7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro_16arh7_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "klcn15ww",
"matchCriteriaId": "650BA4E3-7255-4AE1-B192-58C45166039F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro_16arh7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "620ACBF6-93BA-47B8-8AA6-974D81473171"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_pro_16ach6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "hucn16ww",
"matchCriteriaId": "851B51FB-DEFB-4E55-8114-BA49BEF8DFDC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_pro_16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0BEB08B-768F-4BFC-819B-B8A1DD01431F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_slim_7_carbon_13itl5_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "f7cn39ww",
"matchCriteriaId": "63C58648-9441-450E-BFFF-874781D29BC5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_slim_7_carbon_13itl5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "978E1E13-8918-41D0-985C-53904CE0EC16"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13itl6-lte_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "gpcn24ww",
"matchCriteriaId": "72679907-6E23-4BE7-809B-824B2E16D0EA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13itl6-lte:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72782D1B-DFFB-4F78-AA4F-C10AEF277D2F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13itl6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "gpcn24ww",
"matchCriteriaId": "853F9F82-3DF5-4D6B-A3BD-410AFD9BD7F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13itl6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02CB1D39-F031-4AF9-88FE-E0E8E0A38768"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:yoga_duet_7-13iml05_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "ercn30ww",
"matchCriteriaId": "E799EC61-46FC-46B1-B27C-67D472AEC947"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:yoga_duet_7-13iml05:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FCE2EC8-8384-4DE1-9B45-AECB510D0B1E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g3_iap_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "k6cn29ww",
"matchCriteriaId": "1EA39607-1264-4595-8BF2-A03FEE46A677"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g3_iap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8480B3A8-6F19-4C01-A5E8-B141DA845E4D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_plus_g2_itg_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "gycn31ww",
"matchCriteriaId": "CD9DA7E8-963A-4845-A1A5-33FCD953F7AB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_plus_g2_itg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D725D6F-60A7-4BEE-A19F-AF6CEEE46FE1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_16p_nx_arh_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "kjcn27ww",
"matchCriteriaId": "6219BA17-B4B5-476A-A583-0A1A7C724E69"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_16p_nx_arh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F21184FF-7B12-4422-A819-C0836777283B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_16_g4\\+_iap_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "hycn40ww",
"matchCriteriaId": "F4405421-414E-4BAC-8E9F-E99B398BF0CD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_16_g4\\+_iap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56EA6832-49E6-4FFB-B49B-5ED528C8DC26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_16_g4\\+_ara_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "j6cn40ww",
"matchCriteriaId": "30656321-CDEC-4078-BD88-AF6074D42F48"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_16_g4\\+_ara:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4062B850-7517-41A1-BA85-CEA38520B324"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g4\\+_iap_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "hycn40ww",
"matchCriteriaId": "D008FDCD-FD4E-4DE7-8AF7-8982E2360E68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g4\\+_iap:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE24BE8-EFD8-417E-9059-3844E1526F32"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_14_g4\\+_ara_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "j6cn40ww",
"matchCriteriaId": "8AA85A21-27F0-4867-91D4-377EFD9A91CE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_14_g4\\+_ara:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B69C2C6D-E963-48F9-A91D-FC850A5C05DE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkbook_13x_itg_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "hlcn30ww",
"matchCriteriaId": "2CA24E6D-72F4-44A0-B7E2-378CC6260549"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkbook_13x_itg:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09B30D44-B6FB-4824-BC6A-24307D8F7439"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:ideapad_slim_7_pro_16ach6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "hucn16ww",
"matchCriteriaId": "57C398C8-388E-4622-B211-CB51120D8933"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:ideapad_slim_7_pro_16ach6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9378A311-DA4E-4452-8C0A-337F2375F948"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:s540-15iml_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "cncn22ww",
"matchCriteriaId": "7654476D-65DA-495F-91F2-A59A6C840F51"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:s540-15iml:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78A9FC30-244F-441E-950E-2FDBFC520133"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:slim_7_16arh7_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "klcn15ww",
"matchCriteriaId": "CC68F2A8-9976-4157-9926-1F398584C0EB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:slim_7_16arh7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF0DB00-37E3-48C9-8229-59422C95C937"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:ideapad_duet_3_10igl5_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "eqcn37ww",
"matchCriteriaId": "12037F5F-401A-4E68-92A8-922A5CA9BD63"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:ideapad_duet_3_10igl5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6ED2CCF-A6BB-45C8-B729-31241AA7254A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:ideapad_5_pro_16arh7_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "j4cn33ww",
"matchCriteriaId": "7F9E07F2-CCDE-4B45-9B04-7691D1869C1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:ideapad_5_pro_16arh7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "33034E99-8CA2-4736-91F6-8E42181E9AF0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:d330-10igl_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "g0cn11ww",
"matchCriteriaId": "93B3E734-67AE-498C-9808-70D5F07161EE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:d330-10igl:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FBE774E-04D0-46DE-8F9C-D4B9380BD1BC"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-94952",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2022/CVE-2022-483xx/CVE-2022-48337.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48337",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T23:15:12.243",
"lastModified": "2023-09-28T04:15:11.550",
"lastModified": "2023-10-14T03:15:09.567",
"vulnStatus": "Modified",
"descriptions": [
{
@ -91,6 +91,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/",
"source": "cve@mitre.org"

6
CVE-2022/CVE-2022-483xx/CVE-2022-48338.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48338",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T23:15:12.297",
"lastModified": "2023-09-28T04:15:11.690",
"lastModified": "2023-10-14T03:15:09.650",
"vulnStatus": "Modified",
"descriptions": [
{
@ -72,6 +72,10 @@
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/",
"source": "cve@mitre.org"

6
CVE-2022/CVE-2022-483xx/CVE-2022-48339.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-48339",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-20T23:15:12.350",
"lastModified": "2023-09-28T04:15:11.790",
"lastModified": "2023-10-14T03:15:09.723",
"vulnStatus": "Modified",
"descriptions": [
{
@ -76,6 +76,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/",
"source": "cve@mitre.org"

51
CVE-2023/CVE-2023-236xx/CVE-2023-23651.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23651",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T12:15:10.223",
"lastModified": "2023-10-12T12:59:34.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:21:03.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP Google Analytics Extension\u00a0plugin <= 4.0.4 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL (SQLi) autenticada (con permisos de suscriptor o superiores) en el complemento MainWP Google Analytics Extension en versiones &lt;= 4.0.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mainwp:mainwp_google_analytics_extension:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.4",
"matchCriteriaId": "17CC847F-D5AA-4B89-BF20-92361F99CDFB"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/mainwp-google-analytics-extension/wordpress-mainwp-google-analytics-extension-plugin-4-0-4-subscriber-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

323
CVE-2023/CVE-2023-263xx/CVE-2023-26366.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26366",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-10-13T07:15:38.933",
"lastModified": "2023-10-13T12:47:20.137",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-14T02:22:03.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -36,7 +36,7 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +44,327 @@
"value": "CWE-918"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:-:*:*:*:*:*:*",
"matchCriteriaId": "4346BF61-743B-4BBE-AC90-9954FEE6E943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "9F471E19-8AFE-4A6C-88EA-DF94428518F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p2:*:*:*:*:*:*",
"matchCriteriaId": "27E5B990-1E1C-46AC-815F-AF737D211C16"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p3:*:*:*:*:*:*",
"matchCriteriaId": "8D1598F4-AA41-4F94-A986-E603DC42AC8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4:*:*:*:*:*:*",
"matchCriteriaId": "3A3535F6-227F-4DD2-881F-9ADAB68373CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext1:*:*:*:*:*:*",
"matchCriteriaId": "428B889D-3BAF-46A2-913A-E0022217F804"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext2:*:*:*:*:*:*",
"matchCriteriaId": "2A0A7F6F-6218-4714-A7C7-79580FBA8FFF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext3:*:*:*:*:*:*",
"matchCriteriaId": "304A7DB2-0174-42A2-A357-944634C2ADFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.3.7:p4-ext4:*:*:*:*:*:*",
"matchCriteriaId": "C5954698-9CA1-4463-833C-E7DB447AC80A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D845F99F-2958-4118-B27E-6D84602B7FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-1:*:*:*:*:*:*",
"matchCriteriaId": "61266FCB-916E-4B72-A5CE-8E9D3D817996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-2:*:*:*:*:*:*",
"matchCriteriaId": "4B4BB14A-5BBE-4FF3-B956-306D721D99E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-3:*:*:*:*:*:*",
"matchCriteriaId": "8D33D70D-84E7-46D9-A50B-857DF71B43C6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.0:ext-4:*:*:*:*:*:*",
"matchCriteriaId": "6291AFE6-3F06-4796-B6B8-761D995F1F9D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.1:-:*:*:*:*:*:*",
"matchCriteriaId": "33BE2A5D-A4B1-4863-A1D9-29F08CA8CCE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-1:*:*:*:*:*:*",
"matchCriteriaId": "F1BCDF10-D4D2-4FB5-8A6A-960730C17911"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-2:*:*:*:*:*:*",
"matchCriteriaId": "F747F9C6-BD3F-4DFC-BC91-6361F66E50D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-3:*:*:*:*:*:*",
"matchCriteriaId": "8249B061-BD24-4A05-A08B-8CE776C23F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.1:ext-4:*:*:*:*:*:*",
"matchCriteriaId": "40315EF0-0EAF-465B-BC82-57B74C23ED98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.2:-:*:*:*:*:*:*",
"matchCriteriaId": "62BF6A4C-BC58-40A2-AE21-B4F309562661"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.2:ext-1:*:*:*:*:*:*",
"matchCriteriaId": "1D0E8BC4-17BD-4F42-A849-2CC439CF82D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.2:ext-2:*:*:*:*:*:*",
"matchCriteriaId": "E9E12EC1-36A9-42F5-9EE6-88FAA6FD52F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.2:ext-3:*:*:*:*:*:*",
"matchCriteriaId": "F2B3EF0E-31B4-4508-AC48-D89CB4460D89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.2:ext-4:*:*:*:*:*:*",
"matchCriteriaId": "B0B4ABDB-1C22-4B26-BA4D-DA73ED1F50D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.3:-:*:*:*:*:*:*",
"matchCriteriaId": "7B503C35-8C90-4A24-8E60-722CDBBF556B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.3:ext-1:*:*:*:*:*:*",
"matchCriteriaId": "FC5B997C-8DB4-4FDF-96F6-6DCF23970705"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.3:ext-2:*:*:*:*:*:*",
"matchCriteriaId": "E8B1341E-A0C9-42EB-8BAE-E23D88BC3CB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.3:ext-3:*:*:*:*:*:*",
"matchCriteriaId": "14CEAFB8-0812-4F19-8E83-93A61A23594F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.3:ext-4:*:*:*:*:*:*",
"matchCriteriaId": "25A9AC2F-7AAC-41FF-8D93-3A5CBE24BED6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:*",
"matchCriteriaId": "D258D9EF-94FB-41F0-A7A5-7F66FA7A0055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "4E5CF6F0-2388-4D3F-8FE1-43B8AF148564"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:*",
"matchCriteriaId": "D6D6F1A7-ABB5-4EDC-9EA8-98B74518847A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:*",
"matchCriteriaId": "CFEBDDF2-6443-4482-83B2-3CD272CF599F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:*",
"matchCriteriaId": "6661093F-8D22-450F-BC6C-A8894A52E6A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:*",
"matchCriteriaId": "2515DA6D-2E74-4A05-BD29-FEEF3322BCB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:*",
"matchCriteriaId": "9B07F7B2-E915-4EFF-8FFC-91143CEF082E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F5E9DB6-1386-4274-8270-2FE0F0CAF7FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:*",
"matchCriteriaId": "8605E4E6-0F7D-42C8-B35B-2349A0BEFC69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:*",
"matchCriteriaId": "B6318F97-E59A-4425-8DC7-045C78A644F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:*",
"matchCriteriaId": "324A573E-DBC8-42A0-8CB8-EDD8FBAB7115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:*",
"matchCriteriaId": "54151A00-CFB8-4E6A-8E74-497CB67BF7E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:*",
"matchCriteriaId": "7C7AFBB1-F9C9-4BDE-BCEF-94C9F0AC6798"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "D6086841-C175-46A1-8414-71C6163A0E7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:*",
"matchCriteriaId": "D2E0DDD1-0F4A-4F96-B25D-40A39A1A535A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:commerce:2.4.7:b1:*:*:*:*:*:*",
"matchCriteriaId": "6EBB0608-034B-4F07-A59B-9E6A989BA260"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:*",
"matchCriteriaId": "AC641EFE-3B9B-4988-A143-FE1F6FD0D689"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:*",
"matchCriteriaId": "5F7AA4A6-69E3-4BA4-A476-CA37F41D5482"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:*",
"matchCriteriaId": "A3D05570-FA72-4FCF-90E9-EC19731CD9F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:*",
"matchCriteriaId": "7DF079F1-1886-4974-A0F0-82DEA88F2E83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:*",
"matchCriteriaId": "7A41C717-4B9F-4972-ABA3-2294EEC20F3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:*",
"matchCriteriaId": "3FA80BBC-2DF2-46E1-84CE-8A899415114E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:*",
"matchCriteriaId": "510B1840-AE77-4BDD-9C09-26C64CC8FC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:*",
"matchCriteriaId": "FA1EDF58-8384-48C4-A584-54D24F6F7973"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:*",
"matchCriteriaId": "9D2D9715-3A6B-4BE0-B1C5-8D19A683A083"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:*",
"matchCriteriaId": "789BD987-9DAD-4EAE-93DE-0E267D54F124"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:*",
"matchCriteriaId": "A3F113C0-00C5-4BC2-B42B-8AE3756252F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:*",
"matchCriteriaId": "02592D65-2D2C-460A-A970-8A18F9B156ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:*",
"matchCriteriaId": "99C620F3-40ED-4D7F-B6A1-205E948FD6F5"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/magento/apsb23-50.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-350xx/CVE-2023-35074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35074",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:18:52.800",
"lastModified": "2023-10-05T14:33:43.383",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-14T03:15:09.803",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -115,6 +115,18 @@
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/3",
"source": "product-security@apple.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/8",
"source": "product-security@apple.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Oct/9",
"source": "product-security@apple.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/28/3",
"source": "product-security@apple.com",
@ -122,6 +134,10 @@
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com",

51
CVE-2023/CVE-2023-386xx/CVE-2023-38640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38640",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-10-10T11:15:12.063",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:43:46.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
@ -50,10 +70,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sicam_pas\\/pqs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.00",
"versionEndExcluding": "8.22",
"matchCriteriaId": "9F7F0A64-D3B9-483E-ABB5-86479D276D07"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-035466.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-399xx/CVE-2023-39928.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39928",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-06T16:15:13.223",
"lastModified": "2023-10-13T02:15:09.530",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:09.890",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -98,6 +98,10 @@
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/",
"source": "talos-cna@cisco.com"
},
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1831",
"source": "talos-cna@cisco.com",

8
CVE-2023/CVE-2023-410xx/CVE-2023-41074.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41074",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-27T15:19:26.570",
"lastModified": "2023-10-13T02:15:09.640",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:10.020",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -147,6 +147,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213936",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-419xx/CVE-2023-41993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41993",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.660",
"lastModified": "2023-10-13T02:15:09.717",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:10.120",
"vulnStatus": "Undergoing Analysis",
"cisaExploitAdd": "2023-09-25",
"cisaActionDue": "2023-10-16",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -143,6 +143,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/",
"source": "product-security@apple.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ELXBV26Q54BIOVN5LBCJFM2G6VQZ7FO/",
"source": "product-security@apple.com",

100
CVE-2023/CVE-2023-437xx/CVE-2023-43788.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43788",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-10T13:15:22.137",
"lastModified": "2023-10-12T12:15:10.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:24:34.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -38,14 +58,86 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:x.org:libxpm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.17",
"matchCriteriaId": "23294C91-C2BF-4AC4-A163-8E43E2D85E43"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-43788",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242248",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-441xx/CVE-2023-44110.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-44110",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-10-11T12:15:11.623",
"lastModified": "2023-10-11T12:54:05.787",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:19:27.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds access vulnerability in the audio module.Successful exploitation of this vulnerability may affect availability."
},
{
"lang": "es",
"value": "Vulnerabilidad de acceso fuera de l\u00edmites en el m\u00f3dulo audio. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la disponibilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/10/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540",
"source": "nvd@nist.gov",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-448xx/CVE-2023-44846.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44846",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T01:15:10.240",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-14T02:15:52.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "Un problema en SeaCMS v.12.8 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente admin_notify.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seacms:seacms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.8",
"matchCriteriaId": "1387A5B3-00DF-47D3-8482-136F59D91D77"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.csdn.net/2301_79997870/article/details/133365547?spm=1001.2014.3001.5501",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-448xx/CVE-2023-44847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44847",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T01:15:10.300",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-14T02:16:27.750",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,68 @@
"value": "Un problema en SeaCMS v.12.8 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente admin_Weixin.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seacms:seacms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.8",
"matchCriteriaId": "1387A5B3-00DF-47D3-8482-136F59D91D77"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-448xx/CVE-2023-44848.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44848",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T01:15:10.353",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-14T02:16:39.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Un problema en SeaCMS v.12.8 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente admin_template.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:seacms:seacms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.8",
"matchCriteriaId": "1387A5B3-00DF-47D3-8482-136F59D91D77"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-450xx/CVE-2023-45047.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45047",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T09:15:15.447",
"lastModified": "2023-10-12T12:59:34.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:19:12.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in LeadSquared, Inc LeadSquared Suite plugin <=\u00a00.7.4 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento LeadSquared, Inc LeadSquared Suite en versiones &lt;= 0.7.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +60,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +68,43 @@
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leadsquared:leadsquared_suite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.7.4",
"matchCriteriaId": "C0A3F466-2001-409D-8981-6A1B7BDC6C42"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/leadsquared-suite/wordpress-leadsquared-suite-plugin-0-7-4-cross-site-request-forgery-csrf-leading-to-form-deactivation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

29
CVE-2023/CVE-2023-452xx/CVE-2023-45205.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45205",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-10-10T11:15:13.163",
"lastModified": "2023-10-10T12:16:32.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:24:01.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,10 +50,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sicam_pas\\/pqs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.00",
"versionEndExcluding": "8.20",
"matchCriteriaId": "E5CA7439-57B5-43C7-B9E8-46B1305CF522"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-035466.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-458xx/CVE-2023-45852.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-45852",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-14T02:15:09.270",
"lastModified": "2023-10-14T02:15:09.270",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method."
}
],
"metrics": {},
"references": [
{
"url": "https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md",
"source": "cve@mitre.org"
}
]
}

36
CVE-2023/CVE-2023-458xx/CVE-2023-45853.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-45853",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-14T02:15:09.323",
"lastModified": "2023-10-14T02:15:09.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product."
}
],
"metrics": {},
"references": [
{
"url": "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356",
"source": "cve@mitre.org"
},
{
"url": "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/madler/zlib/pull/843",
"source": "cve@mitre.org"
},
{
"url": "https://www.winimage.com/zLibDll/minizip.html",
"source": "cve@mitre.org"
}
]
}

12
CVE-2023/CVE-2023-52xx/CVE-2023-5218.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-5218",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.443",
"lastModified": "2023-10-13T02:15:10.000",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:10.277",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"
},
{
"lang": "es",
"value": "Use after free de Site Isolation en Google Chrome anterior a 118.0.5993.70 permit\u00eda a un atacante remoto explotar potencialmente la corrupci\u00f3n del mont\u00f3n a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: Cr\u00edtica)"
}
],
"metrics": {
@ -80,6 +84,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5526",
"source": "chrome-cve-admin@google.com"

68
CVE-2023/CVE-2023-54xx/CVE-2023-5470.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-5470",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-12T07:15:11.120",
"lastModified": "2023-10-12T12:59:34.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-14T02:20:55.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Etsy Shop plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'etsy-shop' shortcode in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Etsy Shop para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del shortcode 'etsy-shop' en versiones hasta la 3.0.4 incluida, debido a una sanitizaci\u00f3n de entrada y a un escape de la salida en los atributos proporcionados por el usuario insuficientes. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -46,22 +70,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:etsy_shop_project:etsy_shop:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.4",
"matchCriteriaId": "12DBB532-69CA-4F26-925D-00A378870FD7"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/etsy-shop/tags/3.0.4/etsy-shop.php#L417",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/etsy-shop/tags/3.0.4/etsy-shop.php#L94",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2977260/etsy-shop#file1",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e4696f7a-8b87-4376-b4c9-596eca30b38c?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

12
CVE-2023/CVE-2023-54xx/CVE-2023-5475.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-5475",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.603",
"lastModified": "2023-10-13T02:15:10.317",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:10.380",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)"
},
{
"lang": "es",
"value": "La implementaci\u00f3n inadecuada de DevTools en Google Chrome anterior a 118.0.5993.70 permiti\u00f3 a un atacante que convenci\u00f3 a un usuario de instalar una extensi\u00f3n maliciosa para evitar el control de acceso discrecional a trav\u00e9s de una extensi\u00f3n de Chrome manipulada. (Severidad de seguridad de Chromium: Media)"
}
],
"metrics": {
@ -80,6 +84,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5526",
"source": "chrome-cve-admin@google.com"

12
CVE-2023/CVE-2023-54xx/CVE-2023-5484.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-5484",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.950",
"lastModified": "2023-10-13T02:15:10.833",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:10.463",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)"
},
{
"lang": "es",
"value": "La implementaci\u00f3n inadecuada de la navegaci\u00f3n en Google Chrome anterior a 118.0.5993.70 permiti\u00f3 a un atacante remoto falsificar la interfaz de usuario de seguridad a trav\u00e9s de una p\u00e1gina HTML manipulada. (Severidad de seguridad de Chromium: Media)"
}
],
"metrics": {
@ -80,6 +84,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5526",
"source": "chrome-cve-admin@google.com"

12
CVE-2023/CVE-2023-54xx/CVE-2023-5487.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-5487",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:11.110",
"lastModified": "2023-10-13T02:15:11.007",
"vulnStatus": "Modified",
"lastModified": "2023-10-14T03:15:10.550",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)"
},
{
"lang": "es",
"value": "La implementaci\u00f3n inadecuada de Fullscreen en Google Chrome anterior a 118.0.5993.70 permiti\u00f3 a un atacante convencer a un usuario de instalar una extensi\u00f3n maliciosa para evitar las restricciones de navegaci\u00f3n a trav\u00e9s de una extensi\u00f3n de Chrome manipulada. (Severidad de seguridad de Chromium: Media)"
}
],
"metrics": {
@ -80,6 +84,10 @@
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5526",
"source": "chrome-cve-admin@google.com"

57
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-14T02:00:24.970767+00:00
2023-10-14T04:00:24.306197+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-14T01:55:51.437000+00:00
2023-10-14T03:15:10.550000+00:00
```
### Last Data Feed Release
@ -29,40 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
227784
227786
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
* [CVE-2023-45674](CVE-2023/CVE-2023-456xx/CVE-2023-45674.json) (`2023-10-14T00:15:10.143`)
* [CVE-2023-45852](CVE-2023/CVE-2023-458xx/CVE-2023-45852.json) (`2023-10-14T02:15:09.270`)
* [CVE-2023-45853](CVE-2023/CVE-2023-458xx/CVE-2023-45853.json) (`2023-10-14T02:15:09.323`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `24`
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-10-14T00:15:10.243`)
* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-14T01:15:46.647`)
* [CVE-2023-35654](CVE-2023/CVE-2023-356xx/CVE-2023-35654.json) (`2023-10-14T01:44:18.977`)
* [CVE-2023-35655](CVE-2023/CVE-2023-356xx/CVE-2023-35655.json) (`2023-10-14T01:44:43.167`)
* [CVE-2023-38218](CVE-2023/CVE-2023-382xx/CVE-2023-38218.json) (`2023-10-14T01:47:06.707`)
* [CVE-2023-38219](CVE-2023/CVE-2023-382xx/CVE-2023-38219.json) (`2023-10-14T01:47:31.190`)
* [CVE-2023-38220](CVE-2023/CVE-2023-382xx/CVE-2023-38220.json) (`2023-10-14T01:47:42.457`)
* [CVE-2023-38221](CVE-2023/CVE-2023-382xx/CVE-2023-38221.json) (`2023-10-14T01:48:06.990`)
* [CVE-2023-38249](CVE-2023/CVE-2023-382xx/CVE-2023-38249.json) (`2023-10-14T01:48:13.133`)
* [CVE-2023-38250](CVE-2023/CVE-2023-382xx/CVE-2023-38250.json) (`2023-10-14T01:48:28.497`)
* [CVE-2023-38251](CVE-2023/CVE-2023-382xx/CVE-2023-38251.json) (`2023-10-14T01:48:38.493`)
* [CVE-2023-34977](CVE-2023/CVE-2023-349xx/CVE-2023-34977.json) (`2023-10-14T01:49:11.190`)
* [CVE-2023-44996](CVE-2023/CVE-2023-449xx/CVE-2023-44996.json) (`2023-10-14T01:49:41.830`)
* [CVE-2023-35646](CVE-2023/CVE-2023-356xx/CVE-2023-35646.json) (`2023-10-14T01:51:33.463`)
* [CVE-2023-35647](CVE-2023/CVE-2023-356xx/CVE-2023-35647.json) (`2023-10-14T01:51:55.580`)
* [CVE-2023-35648](CVE-2023/CVE-2023-356xx/CVE-2023-35648.json) (`2023-10-14T01:52:29.360`)
* [CVE-2023-35653](CVE-2023/CVE-2023-356xx/CVE-2023-35653.json) (`2023-10-14T01:53:05.593`)
* [CVE-2023-26367](CVE-2023/CVE-2023-263xx/CVE-2023-26367.json) (`2023-10-14T01:55:23.770`)
* [CVE-2023-38217](CVE-2023/CVE-2023-382xx/CVE-2023-38217.json) (`2023-10-14T01:55:40.983`)
* [CVE-2023-26370](CVE-2023/CVE-2023-263xx/CVE-2023-26370.json) (`2023-10-14T01:55:51.437`)
* [CVE-2022-3431](CVE-2022/CVE-2022-34xx/CVE-2022-3431.json) (`2023-10-14T02:23:44.330`)
* [CVE-2022-22995](CVE-2022/CVE-2022-229xx/CVE-2022-22995.json) (`2023-10-14T03:15:09.393`)
* [CVE-2022-48337](CVE-2022/CVE-2022-483xx/CVE-2022-48337.json) (`2023-10-14T03:15:09.567`)
* [CVE-2022-48338](CVE-2022/CVE-2022-483xx/CVE-2022-48338.json) (`2023-10-14T03:15:09.650`)
* [CVE-2022-48339](CVE-2022/CVE-2022-483xx/CVE-2022-48339.json) (`2023-10-14T03:15:09.723`)
* [CVE-2023-44846](CVE-2023/CVE-2023-448xx/CVE-2023-44846.json) (`2023-10-14T02:15:52.660`)
* [CVE-2023-44847](CVE-2023/CVE-2023-448xx/CVE-2023-44847.json) (`2023-10-14T02:16:27.750`)
* [CVE-2023-44848](CVE-2023/CVE-2023-448xx/CVE-2023-44848.json) (`2023-10-14T02:16:39.717`)
* [CVE-2023-45047](CVE-2023/CVE-2023-450xx/CVE-2023-45047.json) (`2023-10-14T02:19:12.007`)
* [CVE-2023-44110](CVE-2023/CVE-2023-441xx/CVE-2023-44110.json) (`2023-10-14T02:19:27.097`)
* [CVE-2023-5470](CVE-2023/CVE-2023-54xx/CVE-2023-5470.json) (`2023-10-14T02:20:55.440`)
* [CVE-2023-23651](CVE-2023/CVE-2023-236xx/CVE-2023-23651.json) (`2023-10-14T02:21:03.983`)
* [CVE-2023-26366](CVE-2023/CVE-2023-263xx/CVE-2023-26366.json) (`2023-10-14T02:22:03.000`)
* [CVE-2023-45205](CVE-2023/CVE-2023-452xx/CVE-2023-45205.json) (`2023-10-14T02:24:01.100`)
* [CVE-2023-43788](CVE-2023/CVE-2023-437xx/CVE-2023-43788.json) (`2023-10-14T02:24:34.383`)
* [CVE-2023-38640](CVE-2023/CVE-2023-386xx/CVE-2023-38640.json) (`2023-10-14T02:43:46.027`)
* [CVE-2023-35074](CVE-2023/CVE-2023-350xx/CVE-2023-35074.json) (`2023-10-14T03:15:09.803`)
* [CVE-2023-39928](CVE-2023/CVE-2023-399xx/CVE-2023-39928.json) (`2023-10-14T03:15:09.890`)
* [CVE-2023-41074](CVE-2023/CVE-2023-410xx/CVE-2023-41074.json) (`2023-10-14T03:15:10.020`)
* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2023-10-14T03:15:10.120`)
* [CVE-2023-5218](CVE-2023/CVE-2023-52xx/CVE-2023-5218.json) (`2023-10-14T03:15:10.277`)
* [CVE-2023-5475](CVE-2023/CVE-2023-54xx/CVE-2023-5475.json) (`2023-10-14T03:15:10.380`)
* [CVE-2023-5484](CVE-2023/CVE-2023-54xx/CVE-2023-5484.json) (`2023-10-14T03:15:10.463`)
* [CVE-2023-5487](CVE-2023/CVE-2023-54xx/CVE-2023-5487.json) (`2023-10-14T03:15:10.550`)
## Download and Usage