Auto-Update: 2023-12-08T23:00:18.203287+00:00

cad-safe-bot 2023-12-08 23:00:21 +00:00
parent 829667b86c
commit 49a14199ea
19 changed files with 372 additions and 101 deletions


@ -2,8 +2,8 @@
"id": "CVE-2014-125075",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-01-11T19:15:09.013",
"lastModified": "2023-11-07T02:18:41.837",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-08T21:24:26.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -33,7 +33,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -113,14 +113,14 @@
"url": "https://github.com/ChrisMcMStone/gmail-servlet/commit/5d72753c2e95bb373aa86824939397dc25f679ea",
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://vuldb.com/?ctiid.218021",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},


@ -2,8 +2,8 @@
"id": "CVE-2014-125101",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-28T13:15:09.347",
"lastModified": "2023-11-07T02:18:48.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-08T21:27:02.623",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -33,7 +33,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -91,7 +91,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
@ -131,14 +131,16 @@
"url": "https://vuldb.com/?ctiid.230085",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.230085",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
"Permissions Required",
"Third Party Advisory"
]
}
]


@ -2,8 +2,8 @@
"id": "CVE-2015-10092",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-03-06T06:15:09.733",
"lastModified": "2023-11-07T02:23:53.100",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-08T21:29:35.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -33,7 +33,7 @@
"impactScore": 2.7
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{


@ -2,8 +2,8 @@
"id": "CVE-2017-20172",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-01-18T15:15:11.083",
"lastModified": "2023-11-07T02:43:23.167",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-08T21:31:12.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -33,7 +33,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -55,7 +55,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -81,7 +81,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -114,16 +114,14 @@
"url": "https://github.com/ridhoq/soundslike/commit/90bb4fb667d9253d497b619b9adaac83bf0ce0f8",
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{
"url": "https://github.com/ridhoq/soundslike/pull/5",
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Third Party Advisory"
"Patch"
]
},
{


@ -2,8 +2,8 @@
"id": "CVE-2020-23804",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.520",
"lastModified": "2023-10-16T14:15:10.247",
"vulnStatus": "Modified",
"lastModified": "2023-12-08T21:04:59.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -61,6 +61,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
@ -76,7 +91,11 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}


@ -2,12 +2,16 @@
"id": "CVE-2022-30122",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-12-05T22:15:10.227",
"lastModified": "2023-10-30T12:15:08.747",
"lastModified": "2023-12-08T22:15:07.127",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack."
},
{
"lang": "es",
"value": "Existe una posible vulnerabilidad de Denegaci\u00f3n de Servicio (DoS) en Rack &lt;2.0.9.1, &lt;2.1.4.1 y &lt;2.2.3.1 en el componente de an\u00e1lisis multiparte de Rack."
}
],
"metrics": {
@ -101,6 +105,10 @@
"url": "https://security.gentoo.org/glsa/202310-18",
"source": "support@hackerone.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0012/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com"
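Review bot: The Spanish description that appears to be added in this record writes the version comparators as the HTML entity `&lt;` (`Rack &lt;2.0.9.1, &lt;2.1.4.1 y &lt;2.2.3.1`), while the English value in the same record uses a literal `<`. JSON strings need no HTML escaping, so a consumer that HTML-encodes on output will display `&lt;` literally, and one that decodes entities first has to re-escape the result before rendering it. The value should read `Rack <2.0.9.1, <2.1.4.1 y <2.2.3.1`. The Spanish description in the CVE-2022-30123 record further down has the same encoding.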


@ -2,12 +2,16 @@
"id": "CVE-2022-30123",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-12-05T22:15:10.280",
"lastModified": "2023-11-18T02:44:55.907",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-08T22:15:07.257",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A sequence injection vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 which could allow is a possible shell escape in the Lint and CommonLogger components of Rack."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de inyecci\u00f3n de secuencia en Rack &lt;2.0.9.1, &lt;2.1.4.1 y &lt;2.2.3.1 que podr\u00eda permitir un posible escape de shell en los componentes Lint y CommonLogger de Rack."
}
],
"metrics": {
@ -118,6 +122,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0011/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com",


@ -2,7 +2,7 @@
"id": "CVE-2022-44570",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.090",
"lastModified": "2023-10-22T19:15:08.540",
"lastModified": "2023-12-08T22:15:07.350",
"vulnStatus": "Modified",
"descriptions": [
{
@ -105,6 +105,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0010/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-44571",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.153",
"lastModified": "2023-10-22T19:15:08.620",
"lastModified": "2023-12-08T22:15:07.447",
"vulnStatus": "Modified",
"descriptions": [
{
@ -105,6 +105,10 @@
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0013/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-44572",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-02-09T20:15:11.220",
"lastModified": "2023-10-22T19:15:08.690",
"lastModified": "2023-12-08T22:15:07.523",
"vulnStatus": "Modified",
"descriptions": [
{
@ -97,6 +97,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0014/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com"


@ -2,12 +2,16 @@
"id": "CVE-2023-21911",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-04-18T20:15:12.583",
"lastModified": "2023-09-16T04:15:20.810",
"vulnStatus": "Modified",
"lastModified": "2023-12-08T21:17:44.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: InnoDB). Las versiones compatibles que se ven afectadas son la 8.0.32 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante con altos privilegios y acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometa el servidor MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada de provocar un bloqueo o una falla frecuentemente repetible (DOS completo) del servidor MySQL. CVSS 3.1 Puntuaci\u00f3n base 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
],
"metrics": {
@ -63,24 +67,99 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230427-0007/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html",


@ -2,12 +2,16 @@
"id": "CVE-2023-21919",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2023-04-18T20:15:13.090",
"lastModified": "2023-09-16T04:15:21.007",
"vulnStatus": "Modified",
"lastModified": "2023-12-08T21:18:54.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el producto MySQL Server de Oracle MySQL (componente: Servidor: DDL). Las versiones compatibles que se ven afectadas son la 8.0.32 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante con altos privilegios y acceso a la red a trav\u00e9s de m\u00faltiples protocolos comprometa el servidor MySQL. Los ataques exitosos a esta vulnerabilidad pueden resultar en una capacidad no autorizada de provocar un bloqueo o una falla frecuentemente repetible (DOS completo) del servidor MySQL. CVSS 3.1 Puntuaci\u00f3n base 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
],
"metrics": {
@ -63,24 +67,99 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
"matchCriteriaId": "B55E8D50-99B4-47EC-86F9-699B67D473CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C63HAGVLQA6FJNDCHR7CNZZL6VSLILB2/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JEHRBBYYTPA4DETOM5XAKGCP37NUTLOA/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QYLDK6ODVC4LJSDULLX6Q2YHTFOWABCN/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230427-0007/",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2023.html",


@ -2,8 +2,8 @@
"id": "CVE-2023-27530",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-03-10T22:15:10.497",
"lastModified": "2023-11-04T02:46:04.243",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-08T22:15:07.603",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -132,6 +132,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0015/",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com",


@ -2,8 +2,8 @@
"id": "CVE-2023-3085",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-03T11:15:21.443",
"lastModified": "2023-11-07T04:17:52.167",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-08T21:16:21.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 2.7
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -59,7 +59,7 @@
],
"cvssMetricV2": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
@ -95,7 +95,7 @@
]
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{


@ -0,0 +1,20 @@
{
"id": "CVE-2023-34320",
"sourceIdentifier": "security@xen.org",
"published": "2023-12-08T21:15:07.353",
"lastModified": "2023-12-08T21:15:07.353",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412\nwhere software, under certain circumstances, could deadlock a core\ndue to the execution of either a load to device or non-cacheable memory,\nand either a store exclusive or register read of the Physical\nAddress Register (PAR_EL1) in close proximity.\n"
}
],
"metrics": {},
"references": [
{
"url": "https://xenbits.xenproject.org/xsa/advisory-436.html",
"source": "security@xen.org"
}
]
}
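Review bot: The `value` string of this new record keeps the advisory's hard line wraps as `\n` in the middle of sentences and ends with a trailing `\n`, so the text breaks oddly wherever a consumer preserves newlines. Joining the wrapped lines with single spaces and trimming the end (`...erratum 1508412 where software, under certain circumstances, could deadlock a core due to...`) would give one clean sentence. The record also has `"metrics": {}` alongside `"vulnStatus": "Received"`, which downstream tooling should read as not yet scored rather than as zero or low severity. The CVE-2023-6337 record added later in this commit has the same whitespace residue: a trailing `\n\n` and a `\u00a0` in "Fixed in Vault".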


@ -2,8 +2,8 @@
"id": "CVE-2023-45463",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-13T13:15:11.987",
"lastModified": "2023-10-16T18:33:53.557",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-08T21:01:43.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -85,6 +85,7 @@
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product",
"Third Party Advisory"
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-49284",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-12-05T00:15:08.737",
"lastModified": "2023-12-08T17:26:11.893",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-08T21:15:07.433",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -89,6 +89,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/08/1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/fish-shell/fish-shell/commit/09986f5563e31e2c900a606438f1d60d008f3a14",
"source": "security-advisories@github.com",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-6337",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-12-08T22:15:07.713",
"lastModified": "2023-12-08T22:15:07.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "HashiCorp Vault and Vault Enterprise 1.12.0 and newer are vulnerable to a denial of service through memory exhaustion of the host when handling large unauthenticated and authenticated HTTP requests from a client. Vault will attempt to map the request to memory, resulting in the exhaustion of available memory on the host, which may cause Vault to crash.\n\nFixed in\u00a0Vault 1.15.4, 1.14.8, 1.13.12.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@hashicorp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-34-vault-vulnerable-to-denial-of-service-through-memory-exhaustion-when-handling-large-http-requests/60741",
"source": "security@hashicorp.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-08T21:00:18.914884+00:00
2023-12-08T23:00:18.203287+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-08T20:57:31.813000+00:00
2023-12-08T22:15:07.713000+00:00
```
### Last Data Feed Release
@ -29,55 +29,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
232641
232643
```
### CVEs added in the last Commit
Recently added CVEs: `11`
Recently added CVEs: `2`
* [CVE-2023-6507](CVE-2023/CVE-2023-65xx/CVE-2023-6507.json) (`2023-12-08T19:15:08.440`)
* [CVE-2023-46493](CVE-2023/CVE-2023-464xx/CVE-2023-46493.json) (`2023-12-08T20:15:07.203`)
* [CVE-2023-46494](CVE-2023/CVE-2023-464xx/CVE-2023-46494.json) (`2023-12-08T20:15:07.257`)
* [CVE-2023-46495](CVE-2023/CVE-2023-464xx/CVE-2023-46495.json) (`2023-12-08T20:15:07.313`)
* [CVE-2023-46496](CVE-2023/CVE-2023-464xx/CVE-2023-46496.json) (`2023-12-08T20:15:07.373`)
* [CVE-2023-46497](CVE-2023/CVE-2023-464xx/CVE-2023-46497.json) (`2023-12-08T20:15:07.420`)
* [CVE-2023-46498](CVE-2023/CVE-2023-464xx/CVE-2023-46498.json) (`2023-12-08T20:15:07.473`)
* [CVE-2023-46499](CVE-2023/CVE-2023-464xx/CVE-2023-46499.json) (`2023-12-08T20:15:07.523`)
* [CVE-2023-48311](CVE-2023/CVE-2023-483xx/CVE-2023-48311.json) (`2023-12-08T20:15:07.573`)
* [CVE-2023-49782](CVE-2023/CVE-2023-497xx/CVE-2023-49782.json) (`2023-12-08T20:15:07.783`)
* [CVE-2023-49788](CVE-2023/CVE-2023-497xx/CVE-2023-49788.json) (`2023-12-08T20:15:07.993`)
* [CVE-2023-34320](CVE-2023/CVE-2023-343xx/CVE-2023-34320.json) (`2023-12-08T21:15:07.353`)
* [CVE-2023-6337](CVE-2023/CVE-2023-63xx/CVE-2023-6337.json) (`2023-12-08T22:15:07.713`)
### CVEs modified in the last Commit
Recently modified CVEs: `55`
Recently modified CVEs: `16`
* [CVE-2023-48693](CVE-2023/CVE-2023-486xx/CVE-2023-48693.json) (`2023-12-08T19:24:21.413`)
* [CVE-2023-42567](CVE-2023/CVE-2023-425xx/CVE-2023-42567.json) (`2023-12-08T19:30:57.537`)
* [CVE-2023-48694](CVE-2023/CVE-2023-486xx/CVE-2023-48694.json) (`2023-12-08T19:32:12.633`)
* [CVE-2023-42568](CVE-2023/CVE-2023-425xx/CVE-2023-42568.json) (`2023-12-08T19:35:34.093`)
* [CVE-2023-48696](CVE-2023/CVE-2023-486xx/CVE-2023-48696.json) (`2023-12-08T19:36:56.413`)
* [CVE-2023-48697](CVE-2023/CVE-2023-486xx/CVE-2023-48697.json) (`2023-12-08T19:41:59.550`)
* [CVE-2023-42562](CVE-2023/CVE-2023-425xx/CVE-2023-42562.json) (`2023-12-08T19:53:59.103`)
* [CVE-2023-42561](CVE-2023/CVE-2023-425xx/CVE-2023-42561.json) (`2023-12-08T19:54:52.720`)
* [CVE-2023-42560](CVE-2023/CVE-2023-425xx/CVE-2023-42560.json) (`2023-12-08T19:55:47.237`)
* [CVE-2023-42558](CVE-2023/CVE-2023-425xx/CVE-2023-42558.json) (`2023-12-08T19:57:46.590`)
* [CVE-2023-42556](CVE-2023/CVE-2023-425xx/CVE-2023-42556.json) (`2023-12-08T20:13:16.467`)
* [CVE-2023-42559](CVE-2023/CVE-2023-425xx/CVE-2023-42559.json) (`2023-12-08T20:14:34.330`)
* [CVE-2023-5808](CVE-2023/CVE-2023-58xx/CVE-2023-5808.json) (`2023-12-08T20:15:08.200`)
* [CVE-2023-42557](CVE-2023/CVE-2023-425xx/CVE-2023-42557.json) (`2023-12-08T20:16:19.493`)
* [CVE-2023-6606](CVE-2023/CVE-2023-66xx/CVE-2023-6606.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6610](CVE-2023/CVE-2023-66xx/CVE-2023-6610.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6615](CVE-2023/CVE-2023-66xx/CVE-2023-6615.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6616](CVE-2023/CVE-2023-66xx/CVE-2023-6616.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6617](CVE-2023/CVE-2023-66xx/CVE-2023-6617.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6618](CVE-2023/CVE-2023-66xx/CVE-2023-6618.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6619](CVE-2023/CVE-2023-66xx/CVE-2023-6619.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-6622](CVE-2023/CVE-2023-66xx/CVE-2023-6622.json) (`2023-12-08T20:18:15.033`)
* [CVE-2023-1380](CVE-2023/CVE-2023-13xx/CVE-2023-1380.json) (`2023-12-08T20:45:02.020`)
* [CVE-2023-2002](CVE-2023/CVE-2023-20xx/CVE-2023-2002.json) (`2023-12-08T20:48:30.057`)
* [CVE-2023-41419](CVE-2023/CVE-2023-414xx/CVE-2023-41419.json) (`2023-12-08T20:51:32.543`)
* [CVE-2014-125075](CVE-2014/CVE-2014-1250xx/CVE-2014-125075.json) (`2023-12-08T21:24:26.043`)
* [CVE-2014-125101](CVE-2014/CVE-2014-1251xx/CVE-2014-125101.json) (`2023-12-08T21:27:02.623`)
* [CVE-2015-10092](CVE-2015/CVE-2015-100xx/CVE-2015-10092.json) (`2023-12-08T21:29:35.770`)
* [CVE-2017-20172](CVE-2017/CVE-2017-201xx/CVE-2017-20172.json) (`2023-12-08T21:31:12.723`)
* [CVE-2020-23804](CVE-2020/CVE-2020-238xx/CVE-2020-23804.json) (`2023-12-08T21:04:59.190`)
* [CVE-2022-30122](CVE-2022/CVE-2022-301xx/CVE-2022-30122.json) (`2023-12-08T22:15:07.127`)
* [CVE-2022-30123](CVE-2022/CVE-2022-301xx/CVE-2022-30123.json) (`2023-12-08T22:15:07.257`)
* [CVE-2022-44570](CVE-2022/CVE-2022-445xx/CVE-2022-44570.json) (`2023-12-08T22:15:07.350`)
* [CVE-2022-44571](CVE-2022/CVE-2022-445xx/CVE-2022-44571.json) (`2023-12-08T22:15:07.447`)
* [CVE-2022-44572](CVE-2022/CVE-2022-445xx/CVE-2022-44572.json) (`2023-12-08T22:15:07.523`)
* [CVE-2023-45463](CVE-2023/CVE-2023-454xx/CVE-2023-45463.json) (`2023-12-08T21:01:43.550`)
* [CVE-2023-49284](CVE-2023/CVE-2023-492xx/CVE-2023-49284.json) (`2023-12-08T21:15:07.433`)
* [CVE-2023-3085](CVE-2023/CVE-2023-30xx/CVE-2023-3085.json) (`2023-12-08T21:16:21.743`)
* [CVE-2023-21911](CVE-2023/CVE-2023-219xx/CVE-2023-21911.json) (`2023-12-08T21:17:44.963`)
* [CVE-2023-21919](CVE-2023/CVE-2023-219xx/CVE-2023-21919.json) (`2023-12-08T21:18:54.210`)
* [CVE-2023-27530](CVE-2023/CVE-2023-275xx/CVE-2023-27530.json) (`2023-12-08T22:15:07.603`)
## Download and Usage