admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-04-28T00:00:24.560765+00:00

Browse Source
This commit is contained in:
René Helmke 2023-04-28 02:00:27 +02:00
parent ba46de9878
commit 48ba5590c7
10 changed files with 251 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2019/CVE-2019-182xx/CVE-2019-18269.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2019-18269",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2019-12-16T20:15:15.773",
"lastModified": "2019-12-27T15:02:18.717",
"vulnStatus": "Analyzed",
"lastModified": "2023-04-27T23:15:14.657",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "In Omron PLC CJ series, all versions, and Omron PLC CS series, all versions, the software properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control."
"value": "\nOmron\u2019s CS and CJ series PLCs have an unrestricted externally accessible lock vulnerability. \n\n"
},
{
"lang": "es",
@ -108,6 +108,10 @@
}
],
"references": [
{
"url": "https://www.omron-cxone.com/security/2019-12-06_PLC_EN.pdf",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-346-02",
"source": "ics-cert@hq.dhs.gov",

32
CVE-2023/CVE-2023-19xx/CVE-2023-1967.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-1967",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T22:15:09.187",
"lastModified": "2023-04-27T22:15:09.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Keysight N8844A Data Analytics Web Service deserializes untrusted data without sufficiently verifying the resulting data will be valid. "
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-115-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

20
CVE-2023/CVE-2023-273xx/CVE-2023-27350.json
View File

@ -2,8 +2,12 @@
"id": "CVE-2023-27350",
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"published": "2023-04-20T16:15:07.653",
"lastModified": "2023-04-20T23:15:06.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-04-27T22:15:09.740",
"vulnStatus": "Undergoing Analysis",
"cisaExploitAdd": "2023-04-21",
"cisaActionDue": "2023-05-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "PaperCut MF/NG Improper Access Control Vulnerability",
"descriptions": [
{
"lang": "en",
@ -47,6 +51,18 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html",
"source": "zdi-disclosures@trendmicro.com"
},
{
"url": "http://packetstormsecurity.com/files/172022/PaperCut-NG-MG-22.0.4-Authentication-Bypass.html",
"source": "zdi-disclosures@trendmicro.com"
},
{
"url": "https://news.sophos.com/en-us/2023/04/27/increased-exploitation-of-papercut-drawing-blood-around-the-internet/",
"source": "zdi-disclosures@trendmicro.com"
},
{
"url": "https://www.papercut.com/kb/Main/PO-1216-and-PO-1219",
"source": "zdi-disclosures@trendmicro.com"

32
CVE-2023/CVE-2023-283xx/CVE-2023-28384.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-28384",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T23:15:14.867",
"lastModified": "2023-04-27T23:15:14.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands."
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-096-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}

32
CVE-2023/CVE-2023-284xx/CVE-2023-28400.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-28400",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T23:15:14.917",
"lastModified": "2023-04-27T23:15:14.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. "
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-096-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}

32
CVE-2023/CVE-2023-287xx/CVE-2023-28716.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-28716",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T23:15:14.963",
"lastModified": "2023-04-27T23:15:14.963",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. "
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-096-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}

32
CVE-2023/CVE-2023-291xx/CVE-2023-29150.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-29150",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T23:15:15.007",
"lastModified": "2023-04-27T23:15:15.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. "
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-096-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}

32
CVE-2023/CVE-2023-291xx/CVE-2023-29169.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-29169",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-27T23:15:15.050",
"lastModified": "2023-04-27T23:15:15.050",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. "
}
],
"metrics": {},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-096-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}

20
CVE-2023/CVE-2023-303xx/CVE-2023-30380.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30380",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-27T22:15:09.917",
"lastModified": "2023-04-27T22:15:09.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in the component /dialog/select_media.php of DedeCMS v5.7.107 allows attackers to execute a directory traversal."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Howard512966/DedeCMS-v5.7.107-Directory-Traversal",
"source": "cve@mitre.org"
}
]
}

44
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-04-27T21:55:25.522143+00:00
2023-04-28T00:00:24.560765+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-04-27T21:15:10.783000+00:00
2023-04-27T23:15:15.050000+00:00
```
### Last Data Feed Release
@ -29,44 +29,28 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
213701
213708
```
### CVEs added in the last Commit
Recently added CVEs: `9`
Recently added CVEs: `7`
* [CVE-2022-25091](CVE-2022/CVE-2022-250xx/CVE-2022-25091.json) (`2023-04-27T21:15:10.343`)
* [CVE-2022-31647](CVE-2022/CVE-2022-316xx/CVE-2022-31647.json) (`2023-04-27T20:15:39.930`)
* [CVE-2022-34292](CVE-2022/CVE-2022-342xx/CVE-2022-34292.json) (`2023-04-27T20:15:40.070`)
* [CVE-2022-37326](CVE-2022/CVE-2022-373xx/CVE-2022-37326.json) (`2023-04-27T20:15:40.113`)
* [CVE-2022-38730](CVE-2022/CVE-2022-387xx/CVE-2022-38730.json) (`2023-04-27T20:15:40.153`)
* [CVE-2023-25437](CVE-2023/CVE-2023-254xx/CVE-2023-25437.json) (`2023-04-27T21:15:10.630`)
* [CVE-2023-29471](CVE-2023/CVE-2023-294xx/CVE-2023-29471.json) (`2023-04-27T21:15:10.710`)
* [CVE-2023-29489](CVE-2023/CVE-2023-294xx/CVE-2023-29489.json) (`2023-04-27T21:15:10.783`)
* [CVE-2023-29950](CVE-2023/CVE-2023-299xx/CVE-2023-29950.json) (`2023-04-27T20:15:40.207`)
* [CVE-2023-1967](CVE-2023/CVE-2023-19xx/CVE-2023-1967.json) (`2023-04-27T22:15:09.187`)
* [CVE-2023-28384](CVE-2023/CVE-2023-283xx/CVE-2023-28384.json) (`2023-04-27T23:15:14.867`)
* [CVE-2023-28400](CVE-2023/CVE-2023-284xx/CVE-2023-28400.json) (`2023-04-27T23:15:14.917`)
* [CVE-2023-28716](CVE-2023/CVE-2023-287xx/CVE-2023-28716.json) (`2023-04-27T23:15:14.963`)
* [CVE-2023-29150](CVE-2023/CVE-2023-291xx/CVE-2023-29150.json) (`2023-04-27T23:15:15.007`)
* [CVE-2023-29169](CVE-2023/CVE-2023-291xx/CVE-2023-29169.json) (`2023-04-27T23:15:15.050`)
* [CVE-2023-30380](CVE-2023/CVE-2023-303xx/CVE-2023-30380.json) (`2023-04-27T22:15:09.917`)
### CVEs modified in the last Commit
Recently modified CVEs: `16`
Recently modified CVEs: `2`
* [CVE-2021-0881](CVE-2021/CVE-2021-08xx/CVE-2021-0881.json) (`2023-04-27T20:29:10.367`)
* [CVE-2021-0882](CVE-2021/CVE-2021-08xx/CVE-2021-0882.json) (`2023-04-27T20:27:13.317`)
* [CVE-2021-0883](CVE-2021/CVE-2021-08xx/CVE-2021-0883.json) (`2023-04-27T20:32:39.413`)
* [CVE-2021-0884](CVE-2021/CVE-2021-08xx/CVE-2021-0884.json) (`2023-04-27T20:30:01.747`)
* [CVE-2023-20950](CVE-2023/CVE-2023-209xx/CVE-2023-20950.json) (`2023-04-27T20:42:01.237`)
* [CVE-2023-20967](CVE-2023/CVE-2023-209xx/CVE-2023-20967.json) (`2023-04-27T20:46:11.307`)
* [CVE-2023-21080](CVE-2023/CVE-2023-210xx/CVE-2023-21080.json) (`2023-04-27T20:45:58.033`)
* [CVE-2023-21081](CVE-2023/CVE-2023-210xx/CVE-2023-21081.json) (`2023-04-27T20:45:34.997`)
* [CVE-2023-24500](CVE-2023/CVE-2023-245xx/CVE-2023-24500.json) (`2023-04-27T20:15:23.703`)
* [CVE-2023-24501](CVE-2023/CVE-2023-245xx/CVE-2023-24501.json) (`2023-04-27T20:14:40.943`)
* [CVE-2023-24502](CVE-2023/CVE-2023-245xx/CVE-2023-24502.json) (`2023-04-27T20:13:46.637`)
* [CVE-2023-24503](CVE-2023/CVE-2023-245xx/CVE-2023-24503.json) (`2023-04-27T20:06:19.567`)
* [CVE-2023-24504](CVE-2023/CVE-2023-245xx/CVE-2023-24504.json) (`2023-04-27T20:04:37.783`)
* [CVE-2023-24685](CVE-2023/CVE-2023-246xx/CVE-2023-24685.json) (`2023-04-27T21:15:10.457`)
* [CVE-2023-28440](CVE-2023/CVE-2023-284xx/CVE-2023-28440.json) (`2023-04-27T20:23:17.573`)
* [CVE-2023-28839](CVE-2023/CVE-2023-288xx/CVE-2023-28839.json) (`2023-04-27T20:21:36.517`)
* [CVE-2019-18269](CVE-2019/CVE-2019-182xx/CVE-2019-18269.json) (`2023-04-27T23:15:14.657`)
* [CVE-2023-27350](CVE-2023/CVE-2023-273xx/CVE-2023-27350.json) (`2023-04-27T22:15:09.740`)
## Download and Usage