admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-12T16:00:24.623863+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-12 16:00:28 +00:00
parent d6ad5865e2
commit 49c37d3d38
26 changed files with 1597 additions and 211 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
CVE-2011/CVE-2011-43xx/CVE-2011-4330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2011-4330", "id": "CVE-2011-4330",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2012-01-27T15:55:04.597", "published": "2012-01-27T15:55:04.597",
"lastModified": "2023-02-13T04:32:50.167", "lastModified": "2023-10-12T14:13:03.737",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -62,8 +62,16 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FC560CC-F785-42D5-A25B-1BA02E7AC464" "versionEndExcluding": "3.0.10",
"matchCriteriaId": "4BE792C8-F222-43B6-9EF2-68826728E97A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1",
"versionEndExcluding": "3.1.2",
"matchCriteriaId": "24E7A674-804A-4E91-ABE4-FCCD7651F43E"
} }
] ]
} }
@ -73,27 +81,51 @@
"references": [ "references": [
{ {
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=bc5b8a9003132ae44559edd63a1623", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=bc5b8a9003132ae44559edd63a1623",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2011/11/21/14", "url": "http://www.openwall.com/lists/oss-security/2011/11/21/14",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2011/11/21/5", "url": "http://www.openwall.com/lists/oss-security/2011/11/21/5",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "http://www.securityfocus.com/bid/50750", "url": "http://www.securityfocus.com/bid/50750",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=755431", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=755431",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lkml.org/lkml/2011/11/9/303", "url": "https://lkml.org/lkml/2011/11/9/303",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
} }
] ]
} }

82
CVE-2012/CVE-2012-21xx/CVE-2012-2123.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-2123", "id": "CVE-2012-2123",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2012-05-17T11:00:38.367", "published": "2012-05-17T11:00:38.367",
"lastModified": "2023-02-13T00:24:15.200", "lastModified": "2023-10-12T14:12:18.073",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -63,8 +63,22 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.1", "versionEndExcluding": "3.0.29",
"matchCriteriaId": "A414BCFE-F436-4E67-BF24-05766DA92376" "matchCriteriaId": "78E044CC-A7B5-4457-9CE9-C1B6A2151C9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1",
"versionEndExcluding": "3.2.16",
"matchCriteriaId": "1BC85A39-2EFC-4468-9C66-7455CD4EF690"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.3.3",
"matchCriteriaId": "77EDD976-8BC1-491C-A240-34C0BA4AC31D"
} }
] ]
} }
@ -74,47 +88,85 @@
"references": [ "references": [
{ {
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d52fc5dde171f030170a6cb78034d166b13c9445", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=d52fc5dde171f030170a6cb78034d166b13c9445",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2012-0670.html", "url": "http://rhn.redhat.com/errata/RHSA-2012-0670.html",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html", "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "http://www.debian.org/security/2012/dsa-2469", "url": "http://www.debian.org/security/2012/dsa-2469",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.3.3",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "http://www.openwall.com/lists/oss-security/2012/04/20/6", "url": "http://www.openwall.com/lists/oss-security/2012/04/20/6",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "http://www.securityfocus.com/bid/53166", "url": "http://www.securityfocus.com/bid/53166",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "http://www.securitytracker.com/id?1027072", "url": "http://www.securitytracker.com/id?1027072",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=806722", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=806722",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75043", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75043",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/torvalds/linux/commit/d52fc5dde171f030170a6cb78034d166b13c9445", "url": "https://github.com/torvalds/linux/commit/d52fc5dde171f030170a6cb78034d166b13c9445",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

114
CVE-2012/CVE-2012-21xx/CVE-2012-2136.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2012-2136", "id": "CVE-2012-2136",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2012-08-09T10:29:46.870", "published": "2012-08-09T10:29:46.870",
"lastModified": "2023-02-13T04:33:23.453", "lastModified": "2023-10-12T14:12:02.680",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -63,63 +63,22 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.4.4", "versionEndExcluding": "3.0.37",
"matchCriteriaId": "DEB7BA7C-580F-4A05-8A66-2FC332E9FE4C" "matchCriteriaId": "11F3BF95-7AFA-4678-8F7C-1B29BDA05822"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F960FA6-F904-4A4E-B483-44C70090E9A1" "versionStartIncluding": "3.1",
"versionEndExcluding": "3.2.23",
"matchCriteriaId": "8B4D48FD-F61E-4443-A0CD-A7A5D139C6D3"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "261C1B41-C9E0-414F-8368-51C0C0B8AD38" "versionStartIncluding": "3.3",
}, "versionEndExcluding": "3.4.5",
{ "matchCriteriaId": "478D8BEC-1557-40DC-8AB2-42424B19D0A9"
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5CCA261D-2B97-492F-89A0-5F209A804350"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "1B1C0C68-9194-473F-BE5E-EC7F184899FA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*",
"matchCriteriaId": "D7A6AC9E-BEA6-44B0-B3B3-F0F94E32424A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*",
"matchCriteriaId": "16038328-9399-4B85-B777-BA4757D02C9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*",
"matchCriteriaId": "16CA2757-FA8D-43D9-96E8-D3C0EB6E1DEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*",
"matchCriteriaId": "E8CB5481-5EAE-401E-BD7E-D3095CCA9E94"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F36FAC-141D-476D-84C5-A558C199F904"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "51D64824-25F6-4761-BD6A-29038A143744"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E284C8A1-740F-454D-A774-99CD3A21B594"
} }
] ]
} }
@ -129,35 +88,68 @@
"references": [ "references": [
{ {
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc", "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html", "url": "http://rhn.redhat.com/errata/RHSA-2012-0743.html",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "http://rhn.redhat.com/errata/RHSA-2012-1087.html", "url": "http://rhn.redhat.com/errata/RHSA-2012-1087.html",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://secunia.com/advisories/50807",
"source": "secalert@redhat.com",
"tags": [
"URL Repurposed"
]
}, },
{ {
"url": "http://ubuntu.com/usn/usn-1529-1", "url": "http://ubuntu.com/usn/usn-1529-1",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5", "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.5",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "http://www.securityfocus.com/bid/53721", "url": "http://www.securityfocus.com/bid/53721",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "http://www.ubuntu.com/usn/USN-1535-1", "url": "http://www.ubuntu.com/usn/USN-1535-1",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=816289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=816289",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking"
]
}, },
{ {
"url": "https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc", "url": "https://github.com/torvalds/linux/commit/cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc",

202
CVE-2020/CVE-2020-124xx/CVE-2020-12464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-12464", "id": "CVE-2020-12464",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2020-04-29T18:15:13.597", "published": "2020-04-29T18:15:13.597",
"lastModified": "2020-06-22T22:15:12.430", "lastModified": "2023-10-12T14:10:21.507",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -85,8 +85,140 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.16.85",
"matchCriteriaId": "4F9567FB-F394-443B-9A95-1DA060A9CCA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.17",
"versionEndExcluding": "4.4.221",
"matchCriteriaId": "37309B4F-90F2-4B13-A8F4-5A9F0FE59052"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.221",
"matchCriteriaId": "89728144-CE11-450A-A8ED-3C0606DB6806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.178",
"matchCriteriaId": "1E600389-8ACB-4C7B-A74A-3A8343ACE6D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.119",
"matchCriteriaId": "C0FB4B86-B8D8-473E-8D1D-3C058D143AF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.36",
"matchCriteriaId": "0ABDE4F3-29C6-459E-B0B7-751B93447AF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.6.8", "versionEndExcluding": "5.6.8",
"matchCriteriaId": "BD585B38-A4DA-436C-8F92-3334BD7A443B" "matchCriteriaId": "D62C084A-6676-40AF-868A-D90CDFAB7DDD"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5C2089EE-5D7F-47EC-8EA5-0F69790564C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
"matchCriteriaId": "27227B35-932A-4035-B39F-6A455753C0D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
"matchCriteriaId": "489D20B9-166F-423D-8C48-A23D3026E33B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AD592C-222D-4C6F-B176-8145A1A5AFEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
"matchCriteriaId": "8603654B-A8A9-4DEB-B0DD-C82E1C885749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610c:*:*:*:*:*:*:*",
"matchCriteriaId": "78BE572F-45C1-467F-918F-FB1276F6B495"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h610s:*:*:*:*:*:*:*",
"matchCriteriaId": "DE7C6010-F736-4BDA-9E3B-C4370BBFA149"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h615c:*:*:*:*:*:*:*",
"matchCriteriaId": "646FFC2B-6DC4-4BD8-AAE0-81895D397700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
"matchCriteriaId": "C855C933-F271-45E6-8E85-8D7CF2EF1BE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_storage_nodes:-:*:*:*:*:*:*:*",
"matchCriteriaId": "855D6A52-F96F-4CA0-A59C-4D42173F22E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E94F7F59-1785-493F-91A7-5F5EA5E87E4D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9FED1B0D-F901-413A-85D9-05D4C427570D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090AA6F4-4404-4E26-82AB-C3A22636F276"
} }
] ]
} }
@ -96,7 +228,10 @@
"references": [ "references": [
{ {
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00022.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8", "url": "https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8",
@ -124,15 +259,25 @@
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html", "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html", "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html", "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://lkml.org/lkml/2020/3/23/52", "url": "https://lkml.org/lkml/2020/3/23/52",
@ -152,35 +297,62 @@
}, },
{ {
"url": "https://security.netapp.com/advisory/ntap-20200608-0001/", "url": "https://security.netapp.com/advisory/ntap-20200608-0001/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://usn.ubuntu.com/4387-1/", "url": "https://usn.ubuntu.com/4387-1/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://usn.ubuntu.com/4388-1/", "url": "https://usn.ubuntu.com/4388-1/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://usn.ubuntu.com/4389-1/", "url": "https://usn.ubuntu.com/4389-1/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://usn.ubuntu.com/4390-1/", "url": "https://usn.ubuntu.com/4390-1/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://usn.ubuntu.com/4391-1/", "url": "https://usn.ubuntu.com/4391-1/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://www.debian.org/security/2020/dsa-4698", "url": "https://www.debian.org/security/2020/dsa-4698",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://www.debian.org/security/2020/dsa-4699", "url": "https://www.debian.org/security/2020/dsa-4699",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

69
CVE-2022/CVE-2022-32xx/CVE-2022-3248.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3248", "id": "CVE-2022-3248",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-05T14:15:09.650", "published": "2023-10-05T14:15:09.650",
"lastModified": "2023-10-05T16:22:20.787", "lastModified": "2023-10-12T14:08:01.847",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -38,14 +58,55 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4B0E6B4B-BAA6-474E-A18C-72C9719CEC1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2022-3248", "url": "https://access.redhat.com/security/cve/CVE-2022-3248",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072188", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2072188",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

6
CVE-2022/CVE-2022-44xx/CVE-2022-4479.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-4479", "id": "CVE-2022-4479",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-01-09T23:15:28.340", "published": "2023-01-09T23:15:28.340",
"lastModified": "2023-01-13T06:31:23.103", "lastModified": "2023-10-12T15:28:18.043",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -55,9 +55,9 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:a:table_of_contents_plus_project:table_of_contents_plus:*:*:*:*:*:wordpress:*:*", "criteria": "cpe:2.3:a:dublue:table_of_contents_plus:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2212", "versionEndExcluding": "2212",
"matchCriteriaId": "7D6B90FF-C078-4908-BAAE-F4F6D84BD33C" "matchCriteriaId": "6A511882-1C9D-4D88-B6F3-4DC682952AE0"
} }
] ]
} }

55
CVE-2023/CVE-2023-273xx/CVE-2023-27315.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-27315",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2023-10-12T14:15:10.170",
"lastModified": "2023-10-12T14:15:10.170",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SnapGathers versions prior to 4.9 are susceptible to a vulnerability \nwhich could allow a local authenticated attacker to discover plaintext \ndomain user credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-256"
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20231009-0002/",
"source": "security-alert@netapp.com"
}
]
}

55
CVE-2023/CVE-2023-321xx/CVE-2023-32124.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32124",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T15:15:46.867",
"lastModified": "2023-10-12T15:15:46.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <=\u00a01.3.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/publish-confirm-message/wordpress-publish-confirm-message-plugin-1-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-411xx/CVE-2023-41131.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-41131",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T15:15:46.980",
"lastModified": "2023-10-12T15:15:46.980",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <=\u00a02.10 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/spotify-play-button-for-wordpress/wordpress-sp-tify-play-button-for-wordpress-plugin-2-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

47
CVE-2023/CVE-2023-418xx/CVE-2023-41858.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41858", "id": "CVE-2023-41858",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-10T09:15:10.167", "published": "2023-10-10T09:15:10.167",
"lastModified": "2023-10-10T12:16:32.703", "lastModified": "2023-10-12T15:25:50.593",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +70,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tychesoftwares:order_delivery_date_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "3F0FAC90-7C0C-43B3-9BBA-13E9EC5C4E38"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/order-delivery-date/wordpress-order-delivery-date-for-wp-e-commerce-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/order-delivery-date/wordpress-order-delivery-date-for-wp-e-commerce-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-443xx/CVE-2023-44390.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44390", "id": "CVE-2023-44390",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-05T14:15:09.737", "published": "2023-10-05T14:15:09.737",
"lastModified": "2023-10-05T16:22:20.787", "lastModified": "2023-10-12T14:07:35.723",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +70,43 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:htmlsanitizer_project:htmlsanitizer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0.723",
"matchCriteriaId": "FAB4C837-7F45-4E79-B35B-C85CA2326762"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:htmlsanitizer_project:htmlsanitizer:8.1.719:beta:*:*:*:*:*:*",
"matchCriteriaId": "B85B1227-279E-41EA-B576-8AD3528F5629"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/mganss/HtmlSanitizer/commit/ab29319866c020f0cc11e6b92228cd8039196c6e", "url": "https://github.com/mganss/HtmlSanitizer/commit/ab29319866c020f0cc11e6b92228cd8039196c6e",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/mganss/HtmlSanitizer/security/advisories/GHSA-43cp-6p3q-2pc4", "url": "https://github.com/mganss/HtmlSanitizer/security/advisories/GHSA-43cp-6p3q-2pc4",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

55
CVE-2023/CVE-2023-451xx/CVE-2023-45102.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-45102",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T15:15:47.070",
"lastModified": "2023-10-12T15:15:47.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Blog Manager Light plugin <=\u00a01.20 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/blog-manager-light/wordpress-blog-manager-light-plugin-1-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-451xx/CVE-2023-45103.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-45103",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T15:15:47.160",
"lastModified": "2023-10-12T15:15:47.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Permalinks Customizer plugin <=\u00a02.8.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/permalinks-customizer/wordpress-permalinks-customizer-plugin-2-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-451xx/CVE-2023-45106.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-45106",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-12T15:15:47.253",
"lastModified": "2023-10-12T15:15:47.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Fedor Urvanov, Aram Kocharyan Urvanov Syntax Highlighter plugin <=\u00a02.8.33 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/urvanov-syntax-highlighter/wordpress-urvanov-syntax-highlighter-plugin-2-8-33-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

75
CVE-2023/CVE-2023-451xx/CVE-2023-45160.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-45160", "id": "CVE-2023-45160",
"sourceIdentifier": "security@1e.com", "sourceIdentifier": "security@1e.com",
"published": "2023-10-05T16:15:12.167", "published": "2023-10-05T16:15:12.167",
"lastModified": "2023-10-05T16:22:20.787", "lastModified": "2023-10-12T14:07:03.700",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "\nIn the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client's temporary directory is now locked down\n\n" "value": "\nIn the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client's temporary directory is now locked down\n\n"
},
{
"lang": "es",
"value": "En la versi\u00f3n afectada del 1E Client, un usuario normal podr\u00eda subvertir los archivos de recursos de instrucciones descargados, por ejemplo, para sustituirlos por un script da\u00f1ino o reemplazando un archivo de script de recursos creado por una instrucci\u00f3n en tiempo de ejecuci\u00f3n con un script malicioso. Esto se solucion\u00f3 en el parche Q23094 ya que el directorio temporal del 1E Client ahora est\u00e1 bloqueado"
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "security@1e.com", "source": "security@1e.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
},
{ {
"source": "security@1e.com", "source": "security@1e.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +80,45 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1e:client:8.1.2.62:*:*:*:*:windows:*:*",
"matchCriteriaId": "EF79F84B-2408-44F9-A7AD-D9CAB9C34A61"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1e:client:8.4.1.159:*:*:*:*:windows:*:*",
"matchCriteriaId": "4A156058-6634-4C59-831B-9A6E7C95BE84"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1e:client:9.0.1.88:*:*:*:*:windows:*:*",
"matchCriteriaId": "66EA1F19-4432-4D9F-82DD-91062B54284B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:1e:client:23.7.1.151:*:*:*:*:windows:*:*",
"matchCriteriaId": "73A8F998-B3AF-46C6-B4E5-3FEF6EA25A99"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.1e.com/trust-security-compliance/cve-info/", "url": "https://www.1e.com/trust-security-compliance/cve-info/",
"source": "security@1e.com" "source": "security@1e.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5476.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5476", "id": "CVE-2023-5476",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.650", "published": "2023-10-11T23:15:10.650",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:50:51.520",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)" "value": "Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1474253", "url": "https://crbug.com/1474253",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5477.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5477", "id": "CVE-2023-5477",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.700", "published": "2023-10-11T23:15:10.700",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:50:34.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)" "value": "Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1472558", "url": "https://crbug.com/1472558",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5478.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5478", "id": "CVE-2023-5478",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.747", "published": "2023-10-11T23:15:10.747",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:50:09.673",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)" "value": "Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1472404", "url": "https://crbug.com/1472404",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5479.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5479", "id": "CVE-2023-5479",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.797", "published": "2023-10-11T23:15:10.797",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:49:54.053",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1471253", "url": "https://crbug.com/1471253",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5481.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5481", "id": "CVE-2023-5481",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.850", "published": "2023-10-11T23:15:10.850",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:49:34.023",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1458934", "url": "https://crbug.com/1458934",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

71
CVE-2023/CVE-2023-54xx/CVE-2023-5483.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-5483", "id": "CVE-2023-5483",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.897", "published": "2023-10-11T23:15:10.897",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:49:19.497",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1425355", "url": "https://crbug.com/1425355",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5484.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5484", "id": "CVE-2023-5484",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:10.950", "published": "2023-10-11T23:15:10.950",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:49:06.953",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1414936", "url": "https://crbug.com/1414936",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5485.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5485", "id": "CVE-2023-5485",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:11.007", "published": "2023-10-11T23:15:11.007",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:48:50.690",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)" "value": "Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1395164", "url": "https://crbug.com/1395164",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5486.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5486", "id": "CVE-2023-5486",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:11.060", "published": "2023-10-11T23:15:11.060",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:48:22.557",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)" "value": "Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1357442", "url": "https://crbug.com/1357442",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

70
CVE-2023/CVE-2023-54xx/CVE-2023-5487.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-5487", "id": "CVE-2023-5487",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-10-11T23:15:11.110", "published": "2023-10-11T23:15:11.110",
"lastModified": "2023-10-12T12:59:39.183", "lastModified": "2023-10-12T15:47:43.260",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "118.0.5993.70",
"matchCriteriaId": "5F6A81E4-0BDA-4294-BAC9-62B76E18B5BF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html", "url": "https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1062251", "url": "https://crbug.com/1062251",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

73
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-10-12T14:00:28.060274+00:00 2023-10-12T16:00:24.623863+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-10-12T13:31:56.897000+00:00 2023-10-12T15:50:51.520000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,57 +29,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
227659 227665
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `13` Recently added CVEs: `6`
* [CVE-2023-23651](CVE-2023/CVE-2023-236xx/CVE-2023-23651.json) (`2023-10-12T12:15:10.223`) * [CVE-2023-27315](CVE-2023/CVE-2023-273xx/CVE-2023-27315.json) (`2023-10-12T14:15:10.170`)
* [CVE-2023-23737](CVE-2023/CVE-2023-237xx/CVE-2023-23737.json) (`2023-10-12T12:15:10.313`) * [CVE-2023-32124](CVE-2023/CVE-2023-321xx/CVE-2023-32124.json) (`2023-10-12T15:15:46.867`)
* [CVE-2023-43789](CVE-2023/CVE-2023-437xx/CVE-2023-43789.json) (`2023-10-12T12:15:10.710`) * [CVE-2023-41131](CVE-2023/CVE-2023-411xx/CVE-2023-41131.json) (`2023-10-12T15:15:46.980`)
* [CVE-2023-5045](CVE-2023/CVE-2023-50xx/CVE-2023-5045.json) (`2023-10-12T12:15:10.777`) * [CVE-2023-45102](CVE-2023/CVE-2023-451xx/CVE-2023-45102.json) (`2023-10-12T15:15:47.070`)
* [CVE-2023-5046](CVE-2023/CVE-2023-50xx/CVE-2023-5046.json) (`2023-10-12T12:15:10.867`) * [CVE-2023-45103](CVE-2023/CVE-2023-451xx/CVE-2023-45103.json) (`2023-10-12T15:15:47.160`)
* [CVE-2023-44998](CVE-2023/CVE-2023-449xx/CVE-2023-44998.json) (`2023-10-12T13:15:10.163`) * [CVE-2023-45106](CVE-2023/CVE-2023-451xx/CVE-2023-45106.json) (`2023-10-12T15:15:47.253`)
* [CVE-2023-45011](CVE-2023/CVE-2023-450xx/CVE-2023-45011.json) (`2023-10-12T13:15:10.353`)
* [CVE-2023-45048](CVE-2023/CVE-2023-450xx/CVE-2023-45048.json) (`2023-10-12T13:15:10.440`)
* [CVE-2023-45052](CVE-2023/CVE-2023-450xx/CVE-2023-45052.json) (`2023-10-12T13:15:10.543`)
* [CVE-2023-45058](CVE-2023/CVE-2023-450xx/CVE-2023-45058.json) (`2023-10-12T13:15:10.713`)
* [CVE-2023-45060](CVE-2023/CVE-2023-450xx/CVE-2023-45060.json) (`2023-10-12T13:15:10.800`)
* [CVE-2023-45063](CVE-2023/CVE-2023-450xx/CVE-2023-45063.json) (`2023-10-12T13:15:10.897`)
* [CVE-2023-45068](CVE-2023/CVE-2023-450xx/CVE-2023-45068.json) (`2023-10-12T13:15:11.063`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `45` Recently modified CVEs: `19`
* [CVE-2023-5470](CVE-2023/CVE-2023-54xx/CVE-2023-5470.json) (`2023-10-12T12:59:34.797`) * [CVE-2011-4330](CVE-2011/CVE-2011-43xx/CVE-2011-4330.json) (`2023-10-12T14:13:03.737`)
* [CVE-2023-45047](CVE-2023/CVE-2023-450xx/CVE-2023-45047.json) (`2023-10-12T12:59:34.797`) * [CVE-2012-2136](CVE-2012/CVE-2012-21xx/CVE-2012-2136.json) (`2023-10-12T14:12:02.680`)
* [CVE-2023-5554](CVE-2023/CVE-2023-55xx/CVE-2023-5554.json) (`2023-10-12T12:59:34.797`) * [CVE-2012-2123](CVE-2012/CVE-2012-21xx/CVE-2012-2123.json) (`2023-10-12T14:12:18.073`)
* [CVE-2023-5555](CVE-2023/CVE-2023-55xx/CVE-2023-5555.json) (`2023-10-12T12:59:34.797`) * [CVE-2020-12464](CVE-2020/CVE-2020-124xx/CVE-2020-12464.json) (`2023-10-12T14:10:21.507`)
* [CVE-2023-5556](CVE-2023/CVE-2023-55xx/CVE-2023-5556.json) (`2023-10-12T12:59:34.797`) * [CVE-2022-3248](CVE-2022/CVE-2022-32xx/CVE-2022-3248.json) (`2023-10-12T14:08:01.847`)
* [CVE-2023-39325](CVE-2023/CVE-2023-393xx/CVE-2023-39325.json) (`2023-10-12T12:59:39.183`) * [CVE-2022-4479](CVE-2022/CVE-2022-44xx/CVE-2022-4479.json) (`2023-10-12T15:28:18.043`)
* [CVE-2023-44189](CVE-2023/CVE-2023-441xx/CVE-2023-44189.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-45160](CVE-2023/CVE-2023-451xx/CVE-2023-45160.json) (`2023-10-12T14:07:03.700`)
* [CVE-2023-44190](CVE-2023/CVE-2023-441xx/CVE-2023-44190.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-44390](CVE-2023/CVE-2023-443xx/CVE-2023-44390.json) (`2023-10-12T14:07:35.723`)
* [CVE-2023-5218](CVE-2023/CVE-2023-52xx/CVE-2023-5218.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-41858](CVE-2023/CVE-2023-418xx/CVE-2023-41858.json) (`2023-10-12T15:25:50.593`)
* [CVE-2023-5473](CVE-2023/CVE-2023-54xx/CVE-2023-5473.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5487](CVE-2023/CVE-2023-54xx/CVE-2023-5487.json) (`2023-10-12T15:47:43.260`)
* [CVE-2023-5474](CVE-2023/CVE-2023-54xx/CVE-2023-5474.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5486](CVE-2023/CVE-2023-54xx/CVE-2023-5486.json) (`2023-10-12T15:48:22.557`)
* [CVE-2023-5475](CVE-2023/CVE-2023-54xx/CVE-2023-5475.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5485](CVE-2023/CVE-2023-54xx/CVE-2023-5485.json) (`2023-10-12T15:48:50.690`)
* [CVE-2023-5476](CVE-2023/CVE-2023-54xx/CVE-2023-5476.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5484](CVE-2023/CVE-2023-54xx/CVE-2023-5484.json) (`2023-10-12T15:49:06.953`)
* [CVE-2023-5477](CVE-2023/CVE-2023-54xx/CVE-2023-5477.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5483](CVE-2023/CVE-2023-54xx/CVE-2023-5483.json) (`2023-10-12T15:49:19.497`)
* [CVE-2023-5478](CVE-2023/CVE-2023-54xx/CVE-2023-5478.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5481](CVE-2023/CVE-2023-54xx/CVE-2023-5481.json) (`2023-10-12T15:49:34.023`)
* [CVE-2023-5479](CVE-2023/CVE-2023-54xx/CVE-2023-5479.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5479](CVE-2023/CVE-2023-54xx/CVE-2023-5479.json) (`2023-10-12T15:49:54.053`)
* [CVE-2023-5481](CVE-2023/CVE-2023-54xx/CVE-2023-5481.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5478](CVE-2023/CVE-2023-54xx/CVE-2023-5478.json) (`2023-10-12T15:50:09.673`)
* [CVE-2023-5483](CVE-2023/CVE-2023-54xx/CVE-2023-5483.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5477](CVE-2023/CVE-2023-54xx/CVE-2023-5477.json) (`2023-10-12T15:50:34.707`)
* [CVE-2023-5484](CVE-2023/CVE-2023-54xx/CVE-2023-5484.json) (`2023-10-12T12:59:39.183`) * [CVE-2023-5476](CVE-2023/CVE-2023-54xx/CVE-2023-5476.json) (`2023-10-12T15:50:51.520`)
* [CVE-2023-5485](CVE-2023/CVE-2023-54xx/CVE-2023-5485.json) (`2023-10-12T12:59:39.183`)
* [CVE-2023-5486](CVE-2023/CVE-2023-54xx/CVE-2023-5486.json) (`2023-10-12T12:59:39.183`)
* [CVE-2023-5487](CVE-2023/CVE-2023-54xx/CVE-2023-5487.json) (`2023-10-12T12:59:39.183`)
* [CVE-2023-39194](CVE-2023/CVE-2023-391xx/CVE-2023-39194.json) (`2023-10-12T13:00:04.280`)
* [CVE-2023-28617](CVE-2023/CVE-2023-286xx/CVE-2023-28617.json) (`2023-10-12T13:15:10.023`)
* [CVE-2023-20231](CVE-2023/CVE-2023-202xx/CVE-2023-20231.json) (`2023-10-12T13:30:05.050`)
## Download and Usage ## Download and Usage