From 4a5baecb77d6f16391884015e6e28893c533a94e Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 17 May 2023 14:00:45 +0000 Subject: [PATCH] Auto-Update: 2023-05-17 14:00:41.300725+00:00 --- CVE-2021/CVE-2021-271xx/CVE-2021-27131.json | 4 +- CVE-2022/CVE-2022-423xx/CVE-2022-42336.json | 4 +- CVE-2022/CVE-2022-451xx/CVE-2022-45144.json | 4 +- CVE-2022/CVE-2022-471xx/CVE-2022-47129.json | 68 +++- CVE-2023/CVE-2023-08xx/CVE-2023-0863.json | 4 +- CVE-2023/CVE-2023-08xx/CVE-2023-0864.json | 4 +- CVE-2023/CVE-2023-17xx/CVE-2023-1763.json | 4 +- CVE-2023/CVE-2023-17xx/CVE-2023-1764.json | 4 +- CVE-2023/CVE-2023-227xx/CVE-2023-22720.json | 47 ++- CVE-2023/CVE-2023-253xx/CVE-2023-25394.json | 4 +- CVE-2023/CVE-2023-25xx/CVE-2023-2509.json | 4 +- CVE-2023/CVE-2023-25xx/CVE-2023-2528.json | 4 +- CVE-2023/CVE-2023-26xx/CVE-2023-2608.json | 4 +- CVE-2023/CVE-2023-26xx/CVE-2023-2630.json | 55 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2656.json | 63 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2657.json | 60 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2658.json | 62 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2659.json | 73 ++++- CVE-2023/CVE-2023-26xx/CVE-2023-2660.json | 61 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2661.json | 61 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2662.json | 57 +++- CVE-2023/CVE-2023-26xx/CVE-2023-2679.json | 55 ++++ CVE-2023/CVE-2023-273xx/CVE-2023-27385.json | 70 +++- CVE-2023/CVE-2023-277xx/CVE-2023-27742.json | 4 +- CVE-2023/CVE-2023-278xx/CVE-2023-27889.json | 69 +++- CVE-2023/CVE-2023-279xx/CVE-2023-27918.json | 69 +++- CVE-2023/CVE-2023-27xx/CVE-2023-2706.json | 4 +- CVE-2023/CVE-2023-27xx/CVE-2023-2745.json | 4 +- CVE-2023/CVE-2023-27xx/CVE-2023-2752.json | 4 +- CVE-2023/CVE-2023-27xx/CVE-2023-2753.json | 4 +- CVE-2023/CVE-2023-27xx/CVE-2023-2756.json | 4 +- CVE-2023/CVE-2023-292xx/CVE-2023-29273.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29274.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29275.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29276.json | 39 ++- CVE-2023/CVE-2023-292xx/CVE-2023-29277.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29278.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29279.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29280.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29281.json | 49 ++- CVE-2023/CVE-2023-292xx/CVE-2023-29282.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29283.json | 39 ++- CVE-2023/CVE-2023-292xx/CVE-2023-29284.json | 39 ++- CVE-2023/CVE-2023-292xx/CVE-2023-29285.json | 27 +- CVE-2023/CVE-2023-292xx/CVE-2023-29286.json | 39 ++- CVE-2023/CVE-2023-297xx/CVE-2023-29791.json | 64 +++- CVE-2023/CVE-2023-299xx/CVE-2023-29927.json | 4 +- CVE-2023/CVE-2023-301xx/CVE-2023-30189.json | 4 +- CVE-2023/CVE-2023-302xx/CVE-2023-30281.json | 4 +- CVE-2023/CVE-2023-304xx/CVE-2023-30438.json | 47 +++ CVE-2023/CVE-2023-304xx/CVE-2023-30452.json | 4 +- CVE-2023/CVE-2023-311xx/CVE-2023-31159.json | 336 +++++++++++++++++++- CVE-2023/CVE-2023-311xx/CVE-2023-31160.json | 336 +++++++++++++++++++- CVE-2023/CVE-2023-312xx/CVE-2023-31208.json | 4 +- CVE-2023/CVE-2023-315xx/CVE-2023-31544.json | 4 +- CVE-2023/CVE-2023-316xx/CVE-2023-31677.json | 4 +- CVE-2023/CVE-2023-316xx/CVE-2023-31678.json | 4 +- CVE-2023/CVE-2023-316xx/CVE-2023-31679.json | 4 +- CVE-2023/CVE-2023-316xx/CVE-2023-31698.json | 20 ++ CVE-2023/CVE-2023-316xx/CVE-2023-31699.json | 20 ++ CVE-2023/CVE-2023-317xx/CVE-2023-31702.json | 20 ++ CVE-2023/CVE-2023-317xx/CVE-2023-31703.json | 20 ++ CVE-2023/CVE-2023-318xx/CVE-2023-31847.json | 4 +- CVE-2023/CVE-2023-318xx/CVE-2023-31848.json | 4 +- CVE-2023/CVE-2023-319xx/CVE-2023-31902.json | 24 ++ CVE-2023/CVE-2023-319xx/CVE-2023-31903.json | 24 ++ CVE-2023/CVE-2023-319xx/CVE-2023-31904.json | 20 ++ CVE-2023/CVE-2023-320xx/CVE-2023-32066.json | 52 ++- README.md | 45 ++- 69 files changed, 2272 insertions(+), 186 deletions(-) create mode 100644 CVE-2023/CVE-2023-26xx/CVE-2023-2679.json create mode 100644 CVE-2023/CVE-2023-304xx/CVE-2023-30438.json create mode 100644 CVE-2023/CVE-2023-316xx/CVE-2023-31698.json create mode 100644 CVE-2023/CVE-2023-316xx/CVE-2023-31699.json create mode 100644 CVE-2023/CVE-2023-317xx/CVE-2023-31702.json create mode 100644 CVE-2023/CVE-2023-317xx/CVE-2023-31703.json create mode 100644 CVE-2023/CVE-2023-319xx/CVE-2023-31902.json create mode 100644 CVE-2023/CVE-2023-319xx/CVE-2023-31903.json create mode 100644 CVE-2023/CVE-2023-319xx/CVE-2023-31904.json diff --git a/CVE-2021/CVE-2021-271xx/CVE-2021-27131.json b/CVE-2021/CVE-2021-271xx/CVE-2021-27131.json index 36d12f43765..6b459c03f0b 100644 --- a/CVE-2021/CVE-2021-271xx/CVE-2021-27131.json +++ b/CVE-2021/CVE-2021-271xx/CVE-2021-27131.json @@ -2,8 +2,8 @@ "id": "CVE-2021-27131", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T20:15:08.987", - "lastModified": "2023-05-16T20:15:08.987", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-423xx/CVE-2022-42336.json b/CVE-2022/CVE-2022-423xx/CVE-2022-42336.json index 1156d70081a..15af7e84d47 100644 --- a/CVE-2022/CVE-2022-423xx/CVE-2022-42336.json +++ b/CVE-2022/CVE-2022-423xx/CVE-2022-42336.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42336", "sourceIdentifier": "security@xen.org", "published": "2023-05-17T01:15:09.480", - "lastModified": "2023-05-17T01:15:09.480", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-451xx/CVE-2022-45144.json b/CVE-2022/CVE-2022-451xx/CVE-2022-45144.json index d0858cf6819..a5fcd7b9694 100644 --- a/CVE-2022/CVE-2022-451xx/CVE-2022-45144.json +++ b/CVE-2022/CVE-2022-451xx/CVE-2022-45144.json @@ -2,8 +2,8 @@ "id": "CVE-2022-45144", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T01:15:09.660", - "lastModified": "2023-05-17T01:15:09.660", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47129.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47129.json index e5152534706..3d4862f931b 100644 --- a/CVE-2022/CVE-2022-471xx/CVE-2022-47129.json +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47129.json @@ -2,23 +2,81 @@ "id": "CVE-2022-47129", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-11T14:15:19.623", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T13:00:26.420", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpok:phpok:6.3:*:*:*:*:*:*:*", + "matchCriteriaId": "6634DAC0-70E8-4251-9AA6-6A48074E608A" + } + ] + } + ] + } + ], "references": [ { "url": "https://gist.github.com/Omoredream/43f60004665e9d9d8c71f7e976261387", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.yuque.com/g/alipayyz9csdbcdz/zytgq2/vz8ktghkcgvhsdzn/collaborator/join?token=R5phxzuV3w99ndZD", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0863.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0863.json index 3c17b6fcb91..9869aa02264 100644 --- a/CVE-2023/CVE-2023-08xx/CVE-2023-0863.json +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0863.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0863", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2023-05-17T08:15:08.510", - "lastModified": "2023-05-17T08:15:08.510", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0864.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0864.json index 927a5828949..3c967a84b1f 100644 --- a/CVE-2023/CVE-2023-08xx/CVE-2023-0864.json +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0864.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0864", "sourceIdentifier": "cybersecurity@ch.abb.com", "published": "2023-05-17T08:15:08.610", - "lastModified": "2023-05-17T08:15:08.610", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-17xx/CVE-2023-1763.json b/CVE-2023/CVE-2023-17xx/CVE-2023-1763.json index 4feed2941b0..23fcc1987ea 100644 --- a/CVE-2023/CVE-2023-17xx/CVE-2023-1763.json +++ b/CVE-2023/CVE-2023-17xx/CVE-2023-1763.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1763", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T01:15:09.833", - "lastModified": "2023-05-17T01:15:09.833", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-17xx/CVE-2023-1764.json b/CVE-2023/CVE-2023-17xx/CVE-2023-1764.json index 218a456e1c3..5c1b396ce67 100644 --- a/CVE-2023/CVE-2023-17xx/CVE-2023-1764.json +++ b/CVE-2023/CVE-2023-17xx/CVE-2023-1764.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1764", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T01:15:09.920", - "lastModified": "2023-05-17T01:15:09.920", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-227xx/CVE-2023-22720.json b/CVE-2023/CVE-2023-227xx/CVE-2023-22720.json index 10512f84934..fd055d40ffa 100644 --- a/CVE-2023/CVE-2023-227xx/CVE-2023-22720.json +++ b/CVE-2023/CVE-2023-227xx/CVE-2023-22720.json @@ -2,8 +2,8 @@ "id": "CVE-2023-22720", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-11T15:15:10.613", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:58:27.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wp_links_page_project:wp_links_page:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "4.9.4", + "matchCriteriaId": "4744AC01-78EC-4886-AAC1-67DE760F9C76" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-links-page/wordpress-wp-links-page-plugin-4-9-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-253xx/CVE-2023-25394.json b/CVE-2023/CVE-2023-253xx/CVE-2023-25394.json index e94ddc3ea6d..70b36ba4af9 100644 --- a/CVE-2023/CVE-2023-253xx/CVE-2023-25394.json +++ b/CVE-2023/CVE-2023-253xx/CVE-2023-25394.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25394", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T00:15:08.967", - "lastModified": "2023-05-17T00:15:08.967", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2509.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2509.json index 32d7adc8c5c..3fe8830a1cf 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2509.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2509.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2509", "sourceIdentifier": "security@asustor.com", "published": "2023-05-17T07:15:08.567", - "lastModified": "2023-05-17T07:15:08.567", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2528.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2528.json index 24d44962e00..44368be5bb9 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2528.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2528.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2528", "sourceIdentifier": "security@wordfence.com", "published": "2023-05-17T00:15:09.027", - "lastModified": "2023-05-17T00:15:09.027", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2608.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2608.json index f05de7ca4d7..5520b977afa 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2608.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2608.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2608", "sourceIdentifier": "security@wordfence.com", "published": "2023-05-17T02:15:10.997", - "lastModified": "2023-05-17T02:15:10.997", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2630.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2630.json index bad9defd177..c2be3de2111 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2630.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2630.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2630", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-10T16:15:11.157", - "lastModified": "2023-05-10T17:06:24.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T13:16:52.083", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.5.21", + "matchCriteriaId": "72C537D6-67BA-4562-B853-F99E6C14315C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/pimcore/commit/7e32cc28145274ddfc30fb791012d26c1278bd38", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/e1001870-b8d8-4921-8b9c-bbdfb1a1491e", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2656.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2656.json index 46d29d44b7f..6b866faea81 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2656.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2656.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2656", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T13:15:13.850", - "lastModified": "2023-05-11T13:36:16.323", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T13:02:41.120", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,49 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ac_repair_and_services_system_project:ac_repair_and_services_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "93360BEF-F4C8-4AA0-9F50-1BA8EFAFC705" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/AC-Repair-and-Services-System---SQL-injections.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.228798", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.228798", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2657.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2657.json index c5dc981f50d..0566da4ed7f 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2657.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2657.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2657", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T14:15:20.217", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:59:22.743", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#1xss-vulnerability-in-productsphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.228799", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.228799", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2658.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2658.json index a07d9fe8e1d..9a18767ee95 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2658.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2658.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2658", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T14:15:20.653", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:58:56.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#2sql-injection-vulnerability-in-productsphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.228800", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.228800", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2659.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2659.json index 2b44b297b60..e55c2bb544b 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2659.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2659.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2659", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T15:15:11.730", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:57:38.140", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -61,7 +83,7 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -69,20 +91,59 @@ "value": "CWE-89" } ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#3sql-injection-vulnerability-in-view_productphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.228801", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.228801", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2660.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2660.json index 0af7493dc9a..c0f925299b3 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2660.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2660.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2660", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T15:15:11.830", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:57:04.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#4sql-injection-vulnerability-in-view_categoriesphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.228802", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.228802", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2661.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2661.json index d857f85ea1a..87542f18ee8 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2661.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2661.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2661", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-11T15:15:11.917", - "lastModified": "2023-05-11T15:19:56.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:56:37.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_computer_and_laptop_store_project:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6ADFB9B5-9CB8-4261-902B-4DF0680DF274" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md#5sql-injection-vulnerability-in-classesmasterphp", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.228803", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://vuldb.com/?id.228803", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json index bab4f98daf2..8dafff7d9fc 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2662.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2662", "sourceIdentifier": "xpdf@xpdfreader.com", "published": "2023-05-11T21:15:09.873", - "lastModified": "2023-05-11T21:15:09.873", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:53:16.877", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "xpdf@xpdfreader.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-369" + } + ] + }, { "source": "xpdf@xpdfreader.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*", + "versionEndIncluding": "4.04", + "matchCriteriaId": "C549C6C1-16A2-4372-976B-95334DB1EABA" + } + ] + } + ] + } + ], "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?t=42505", - "source": "xpdf@xpdfreader.com" + "source": "xpdf@xpdfreader.com", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json new file mode 100644 index 00000000000..f4e23029d72 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2679.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2679", + "sourceIdentifier": "security@snowsoftware.com", + "published": "2023-05-17T13:15:09.283", + "lastModified": "2023-05-17T13:15:09.283", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Data leakage in Adobe connector in Snow Software SPE 9.27.0 on Windows allows privileged user to observe other users data." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@snowsoftware.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@snowsoftware.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://community.snowsoftware.com/s/feed/0D56M00009Ex9dySAB", + "source": "security@snowsoftware.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json index fa4dab587ae..3f4e822cb2d 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27385.json @@ -2,23 +2,83 @@ "id": "CVE-2023-27385", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:13.680", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:49:42.820", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow vulnerability exists in CX-Drive All models V3.01 and earlier. By having a user open a specially crafted SDD file, arbitrary code may be executed and/or information may be disclosed." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:omron:cx-drive:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.01", + "matchCriteriaId": "6A89D13B-21E3-4B25-ABB9-FC63BAA75656" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/vu/JVNVU97372625/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Mitigation", + "Third Party Advisory" + ] }, { "url": "https://www.ia.omron.com/product/vulnerability/OMSR-2023-004_en.pdf", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-277xx/CVE-2023-27742.json b/CVE-2023/CVE-2023-277xx/CVE-2023-27742.json index e57f2669ef8..892835427db 100644 --- a/CVE-2023/CVE-2023-277xx/CVE-2023-27742.json +++ b/CVE-2023/CVE-2023-277xx/CVE-2023-27742.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27742", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T20:15:09.093", - "lastModified": "2023-05-16T20:15:09.093", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-278xx/CVE-2023-27889.json b/CVE-2023/CVE-2023-278xx/CVE-2023-27889.json index 2511a6ab940..281ad77afc4 100644 --- a/CVE-2023/CVE-2023-278xx/CVE-2023-27889.json +++ b/CVE-2023/CVE-2023-278xx/CVE-2023-27889.json @@ -2,23 +2,82 @@ "id": "CVE-2023-27889", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:14.280", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:54:41.750", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lqd:liquid_speech_balloon:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2", + "matchCriteriaId": "6277C5CD-6B26-4B90-93EC-979625163D03" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN99657911/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://wordpress.org/plugins/liquid-speech-balloon/#developers", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27918.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27918.json index 7edf30e85ec..57cee3120e5 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27918.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27918.json @@ -2,23 +2,82 @@ "id": "CVE-2023-27918", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-05-10T06:15:14.547", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:56:58.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross-site scripting vulnerability in Appointment and Event Booking Calendar for WordPress - Amelia versions prior to 1.0.76 allows a remote unauthenticated attacker to inject an arbitrary script by having a user who is logging in the WordPress where the product is installed visit a malicious URL." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tms-outsource:amelia:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.0.76", + "matchCriteriaId": "265E83B8-8CB3-40B5-B2DA-F0C5FB9BE62A" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN00971105/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://wordpress.org/plugins/ameliabooking/#developers", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2706.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2706.json index 672149c85e4..b7efd70f606 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2706.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2706.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2706", "sourceIdentifier": "security@wordfence.com", "published": "2023-05-17T02:15:11.953", - "lastModified": "2023-05-17T02:15:11.953", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json index 6b35494d32a..ead0ca3a728 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2745.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2745", "sourceIdentifier": "security@wordfence.com", "published": "2023-05-17T09:15:10.303", - "lastModified": "2023-05-17T09:15:10.303", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2752.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2752.json index 981acbbaaec..8acfc2b8f92 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2752.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2752.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2752", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-17T08:15:08.757", - "lastModified": "2023-05-17T08:15:08.757", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2753.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2753.json index 41256508d39..683959da2f9 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2753.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2753.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2753", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-17T08:15:08.837", - "lastModified": "2023-05-17T08:15:08.837", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2756.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2756.json index 523d057060d..a3bcbb5e9dc 100644 --- a/CVE-2023/CVE-2023-27xx/CVE-2023-2756.json +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2756.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2756", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-17T11:15:09.113", - "lastModified": "2023-05-17T11:15:09.113", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29273.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29273.json index 5f485dc9ade..8a5d62d006e 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29273.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29273.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29273", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.243", - "lastModified": "2023-05-11T22:15:10.243", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:50:17.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29274.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29274.json index e65b39fbcd7..4c33b8c287b 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29274.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29274.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29274", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.337", - "lastModified": "2023-05-11T22:15:10.337", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:50:06.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29275.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29275.json index 2f6f8d60a68..2cab1538e2f 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29275.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29275.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29275", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.427", - "lastModified": "2023-05-11T22:15:10.427", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:50:00.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29276.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29276.json index 30c6fcb10e9..0f042ae2e03 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29276.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29276.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29276", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.507", - "lastModified": "2023-05-11T22:15:10.507", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:49:50.070", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,7 +36,7 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +44,43 @@ "value": "CWE-787" } ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] } ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29277.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29277.json index 8f2c9a9ded4..eaeb8ca689b 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29277.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29277.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29277", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.587", - "lastModified": "2023-05-11T22:15:10.587", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:49:25.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29278.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29278.json index d564f0083fd..3d48ddb0976 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29278.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29278.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29278", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.670", - "lastModified": "2023-05-11T22:15:10.670", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:49:36.830", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29279.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29279.json index 679d185fd82..2e87f0e272f 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29279.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29279.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29279", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.743", - "lastModified": "2023-05-11T22:15:10.743", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:49:18.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29280.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29280.json index fde461bb966..73efa5ff248 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29280.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29280.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29280", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.817", - "lastModified": "2023-05-11T22:15:10.817", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:49:06.630", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29281.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29281.json index 85a210c341b..e747b6174d5 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29281.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29281.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29281", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.893", - "lastModified": "2023-05-11T22:15:10.893", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:48:52.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 1.8, "impactScore": 5.9 + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 } ] }, @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29282.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29282.json index 495528128c2..24b70819c03 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29282.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29282.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29282", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:10.970", - "lastModified": "2023-05-11T22:15:10.970", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:48:31.203", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29283.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29283.json index 953c8b12530..0ea84a34b40 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29283.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29283.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29283", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:11.077", - "lastModified": "2023-05-11T22:15:11.077", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:48:18.053", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29284.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29284.json index a793b912954..f5d19890918 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29284.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29284.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29284", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:11.197", - "lastModified": "2023-05-11T22:15:11.197", - "vulnStatus": "Received", + "lastModified": "2023-05-17T13:01:17.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29285.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29285.json index de7a0ba6ee2..dbeab41e585 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29285.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29285.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29285", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:11.287", - "lastModified": "2023-05-11T22:15:11.287", - "vulnStatus": "Received", + "lastModified": "2023-05-17T13:01:12.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29286.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29286.json index 3cf743ba442..4e0982cf350 100644 --- a/CVE-2023/CVE-2023-292xx/CVE-2023-29286.json +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29286.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29286", "sourceIdentifier": "psirt@adobe.com", "published": "2023-05-11T22:15:11.377", - "lastModified": "2023-05-11T22:15:11.377", - "vulnStatus": "Received", + "lastModified": "2023-05-17T13:01:05.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,7 +36,7 @@ }, "weaknesses": [ { - "source": "psirt@adobe.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +44,43 @@ "value": "CWE-824" } ] + }, + { + "source": "psirt@adobe.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-824" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:adobe:substance_3d_painter:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.0", + "matchCriteriaId": "5A7EC29A-C862-41D3-A17F-9D7C1E53C8F6" + } + ] + } + ] } ], "references": [ { "url": "https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html", - "source": "psirt@adobe.com" + "source": "psirt@adobe.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json b/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json index f207ea9e2ba..befd1055217 100644 --- a/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json +++ b/CVE-2023/CVE-2023-297xx/CVE-2023-29791.json @@ -2,19 +2,75 @@ "id": "CVE-2023-29791", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-11T21:15:09.807", - "lastModified": "2023-05-11T21:15:09.807", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:54:44.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "kodbox <= 1.37 is vulnerable to Cross Site Scripting (XSS) via the debug information." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kodcloud:kodbox:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.37", + "matchCriteriaId": "E59A2BF5-FDE8-43D6-AFAD-9A708BE1D007" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.mo60.cn/index.php/archives/kodbox-xss.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-299xx/CVE-2023-29927.json b/CVE-2023/CVE-2023-299xx/CVE-2023-29927.json index adb8d4c8256..e6f0dcdeaad 100644 --- a/CVE-2023/CVE-2023-299xx/CVE-2023-29927.json +++ b/CVE-2023/CVE-2023-299xx/CVE-2023-29927.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29927", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T20:15:09.213", - "lastModified": "2023-05-16T20:15:09.213", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-301xx/CVE-2023-30189.json b/CVE-2023/CVE-2023-301xx/CVE-2023-30189.json index 49b3f8b5664..1a9255578b3 100644 --- a/CVE-2023/CVE-2023-301xx/CVE-2023-30189.json +++ b/CVE-2023/CVE-2023-301xx/CVE-2023-30189.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30189", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T20:15:09.273", - "lastModified": "2023-05-16T20:15:09.273", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-302xx/CVE-2023-30281.json b/CVE-2023/CVE-2023-302xx/CVE-2023-30281.json index 9dd8678347b..50b2f7bf3c0 100644 --- a/CVE-2023/CVE-2023-302xx/CVE-2023-30281.json +++ b/CVE-2023/CVE-2023-302xx/CVE-2023-30281.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30281", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T20:15:09.323", - "lastModified": "2023-05-16T20:15:09.323", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json new file mode 100644 index 00000000000..32d02547188 --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30438.json @@ -0,0 +1,47 @@ +{ + "id": "CVE-2023-30438", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-05-17T13:15:09.380", + "lastModified": "2023-05-17T13:15:09.380", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An internally discovered vulnerability in PowerVM on IBM Power9 and Power10 systems could allow an attacker with privileged user access to a logical partition to perform an undetected violation of the isolation between logical partitions which could lead to data leakage or the execution of arbitrary code in other logical partitions on the same physical server. IBM X-Force ID: 252706." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.3, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.5, + "impactScore": 6.0 + } + ] + }, + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/252706", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/6993021", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30452.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30452.json index 3cc0cc04b29..65b6053a15a 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30452.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30452.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30452", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T00:15:09.107", - "lastModified": "2023-05-17T00:15:09.107", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31159.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31159.json index af16952bde8..a2a7b300113 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31159.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31159.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31159", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:10.910", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:46:02.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r113-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r119-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r100-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "4A438B8C-AD18-47F5-94BF-2484D778EA75" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r108-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "C48D1C36-0F34-4A95-88E2-B69DE8803AF7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-311xx/CVE-2023-31160.json b/CVE-2023/CVE-2023-311xx/CVE-2023-31160.json index f2745da4b8d..1bd94f441e9 100644 --- a/CVE-2023/CVE-2023-311xx/CVE-2023-31160.json +++ b/CVE-2023/CVE-2023-311xx/CVE-2023-31160.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31160", "sourceIdentifier": "security@selinc.com", "published": "2023-05-10T20:15:11.003", - "lastModified": "2023-05-11T13:36:30.643", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T12:45:26.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security@selinc.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@selinc.com", "type": "Secondary", @@ -46,14 +76,312 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-2241_rtac_module_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r113-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "92EC2190-5E06-429E-A06A-76571E7ED430" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-2241_rtac_module:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE4A1AB9-1190-4620-BF97-4A5569E74310" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3350_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r148-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "490EC90A-C8C4-4AEA-90E8-DA1C6D11932C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3350:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FCA7F410-7F74-4EF1-913E-7B34674716DC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r119-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "2161BCBC-6892-47E6-9A9F-0A82F0AA6A92" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505:-:*:*:*:*:*:*:*", + "matchCriteriaId": "14D78E73-46F2-4D00-A75B-909752E36EB4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3505-3_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "39E788ED-56DC-455E-B907-9DA7ED359CB9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3505-3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A479C2B-F691-4E04-B551-9F631E5A2A0F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r100-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "4A438B8C-AD18-47F5-94BF-2484D778EA75" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8E56BC08-9C49-4614-8F52-3413B804A128" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3530-4_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r108-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "C48D1C36-0F34-4A95-88E2-B69DE8803AF7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3530-4:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB424E1B-2AE3-449E-9AA1-2AF48C1920FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3532_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r132-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "A9982B6A-2CED-4EF4-946D-E4B8A8CE3935" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3532:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E573857F-C6DC-4E59-8F5B-4C51ED4D69DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3555_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r134-v0", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9333068D-CE59-4644-879F-A1B29D07C26B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3555:-:*:*:*:*:*:*:*", + "matchCriteriaId": "282F6DB1-4B0F-424F-B5E4-0827F1E7EE6F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560e_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "9BF86940-89E4-4D3C-B51D-CF189B8B20A3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3EB8694-DC56-4E35-9659-B2787F872E08" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:selinc:sel-3560s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "r144-v2", + "versionEndExcluding": "r150-v2", + "matchCriteriaId": "28EAFD3D-1697-42BA-941E-2970A1177302" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:selinc:sel-3560s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9D2A4A4-B81E-4034-863D-900D95166543" + } + ] + } + ] + } + ], "references": [ { "url": "https://selinc.com/support/security-notifications/external-reports/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.nozominetworks.com/blog/", - "source": "security@selinc.com" + "source": "security@selinc.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31208.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31208.json index 0ee027d6e46..054d081ea58 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31208.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31208.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31208", "sourceIdentifier": "security@checkmk.com", "published": "2023-05-17T09:15:10.473", - "lastModified": "2023-05-17T09:15:10.473", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31544.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31544.json index bebd1231b32..4a78988d213 100644 --- a/CVE-2023/CVE-2023-315xx/CVE-2023-31544.json +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31544.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31544", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T21:15:09.027", - "lastModified": "2023-05-16T21:15:09.027", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31677.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31677.json index 1d5f6f58d2e..c62d18a48b1 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31677.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31677.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31677", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T22:15:13.913", - "lastModified": "2023-05-16T22:15:13.913", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31678.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31678.json index 2cfa5d950a1..5a6ac17aa96 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31678.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31678.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31678", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T22:15:13.957", - "lastModified": "2023-05-16T22:15:13.957", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:50.773", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31679.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31679.json index c2c1a7e97f1..a94710e5b7c 100644 --- a/CVE-2023/CVE-2023-316xx/CVE-2023-31679.json +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31679.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31679", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-16T22:15:14.003", - "lastModified": "2023-05-16T22:15:14.003", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json new file mode 100644 index 00000000000..87ab6e4aa53 --- /dev/null +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31698.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31698", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.463", + "lastModified": "2023-05-17T13:15:09.463", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/bludit/bludit/issues/1509", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json b/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json new file mode 100644 index 00000000000..e7d24a88d34 --- /dev/null +++ b/CVE-2023/CVE-2023-316xx/CVE-2023-31699.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31699", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.517", + "lastModified": "2023-05-17T13:15:09.517", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ChurchCRM/CRM/issues/6471", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json new file mode 100644 index 00000000000..36a4ebdb673 --- /dev/null +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31702.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31702", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.567", + "lastModified": "2023-05-17T13:15:09.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP command shell to perform code execution on database server via GetUserCurrentPwd?UsrId=1." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/sahiloj/CVE-2023-31702/blob/main/README.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json new file mode 100644 index 00000000000..1eeac190de0 --- /dev/null +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31703.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31703", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.617", + "lastModified": "2023-05-17T13:15:09.617", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/sahiloj/CVE-2023-31703/blob/main/README.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31847.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31847.json index e6fd61ca5c7..ccf3e514e89 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31847.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31847.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31847", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T01:15:10.013", - "lastModified": "2023-05-17T01:15:10.013", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31848.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31848.json index 49e9fce320c..da5819f53a1 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31848.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31848.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31848", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-17T00:15:09.150", - "lastModified": "2023-05-17T00:15:09.150", - "vulnStatus": "Received", + "lastModified": "2023-05-17T12:46:46.567", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json new file mode 100644 index 00000000000..54cec958a74 --- /dev/null +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31902.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-31902", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.667", + "lastModified": "2023-05-17T13:15:09.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "RPA Technology Mobile Mouse 3.6.0.4 is vulnerable to Remote Code Execution (RCE)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.exploit-db.com/exploits/51010", + "source": "cve@mitre.org" + }, + { + "url": "https://www.redpacketsecurity.com/mobile-mouse-code-execution/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json new file mode 100644 index 00000000000..e4b0c3b1286 --- /dev/null +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31903.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-31903", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.720", + "lastModified": "2023-05-17T13:15:09.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload which allows remote attackers to execute arbitrary code by uploading a php file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/blue0x1/GuppY-exploit-rce", + "source": "cve@mitre.org" + }, + { + "url": "https://www.exploit-db.com/exploits/51052", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json new file mode 100644 index 00000000000..74d43b7e0e1 --- /dev/null +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31904.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31904", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-17T13:15:09.777", + "lastModified": "2023-05-17T13:15:09.777", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "savysoda Wifi HD Wireless Disk Drive 11 is vulnerable to Local File Inclusion." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.exploit-db.com/exploits/51015", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32066.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32066.json index 129f5424a65..8d02f494647 100644 --- a/CVE-2023/CVE-2023-320xx/CVE-2023-32066.json +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32066.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32066", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-09T16:15:15.160", - "lastModified": "2023-05-09T17:36:56.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-17T13:57:44.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anuko:time_tracker:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.22.12.5783", + "matchCriteriaId": "144881B4-9A01-4919-BACC-8364C75FBF1C" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/anuko/timetracker/commit/093cfe158099704ffd4a1624be217f9935e914eb", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/anuko/timetracker/security/advisories/GHSA-jw2g-8wvp-9frw", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 9854b4b849e..c99c992339a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-17T12:00:30.166624+00:00 +2023-05-17T14:00:41.300725+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-17T11:15:09.113000+00:00 +2023-05-17T13:57:44.233000+00:00 ``` ### Last Data Feed Release @@ -29,20 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -215515 +215524 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `9` -* [CVE-2023-2756](CVE-2023/CVE-2023-27xx/CVE-2023-2756.json) (`2023-05-17T11:15:09.113`) +* [CVE-2023-2679](CVE-2023/CVE-2023-26xx/CVE-2023-2679.json) (`2023-05-17T13:15:09.283`) +* [CVE-2023-30438](CVE-2023/CVE-2023-304xx/CVE-2023-30438.json) (`2023-05-17T13:15:09.380`) +* [CVE-2023-31698](CVE-2023/CVE-2023-316xx/CVE-2023-31698.json) (`2023-05-17T13:15:09.463`) +* [CVE-2023-31699](CVE-2023/CVE-2023-316xx/CVE-2023-31699.json) (`2023-05-17T13:15:09.517`) +* [CVE-2023-31702](CVE-2023/CVE-2023-317xx/CVE-2023-31702.json) (`2023-05-17T13:15:09.567`) +* [CVE-2023-31703](CVE-2023/CVE-2023-317xx/CVE-2023-31703.json) (`2023-05-17T13:15:09.617`) +* [CVE-2023-31902](CVE-2023/CVE-2023-319xx/CVE-2023-31902.json) (`2023-05-17T13:15:09.667`) +* [CVE-2023-31903](CVE-2023/CVE-2023-319xx/CVE-2023-31903.json) (`2023-05-17T13:15:09.720`) +* [CVE-2023-31904](CVE-2023/CVE-2023-319xx/CVE-2023-31904.json) (`2023-05-17T13:15:09.777`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `59` +* [CVE-2023-29280](CVE-2023/CVE-2023-292xx/CVE-2023-29280.json) (`2023-05-17T12:49:06.630`) +* [CVE-2023-29279](CVE-2023/CVE-2023-292xx/CVE-2023-29279.json) (`2023-05-17T12:49:18.707`) +* [CVE-2023-29277](CVE-2023/CVE-2023-292xx/CVE-2023-29277.json) (`2023-05-17T12:49:25.880`) +* [CVE-2023-29278](CVE-2023/CVE-2023-292xx/CVE-2023-29278.json) (`2023-05-17T12:49:36.830`) +* [CVE-2023-27385](CVE-2023/CVE-2023-273xx/CVE-2023-27385.json) (`2023-05-17T12:49:42.820`) +* [CVE-2023-29276](CVE-2023/CVE-2023-292xx/CVE-2023-29276.json) (`2023-05-17T12:49:50.070`) +* [CVE-2023-29275](CVE-2023/CVE-2023-292xx/CVE-2023-29275.json) (`2023-05-17T12:50:00.397`) +* [CVE-2023-29274](CVE-2023/CVE-2023-292xx/CVE-2023-29274.json) (`2023-05-17T12:50:06.257`) +* [CVE-2023-29273](CVE-2023/CVE-2023-292xx/CVE-2023-29273.json) (`2023-05-17T12:50:17.923`) +* [CVE-2023-2662](CVE-2023/CVE-2023-26xx/CVE-2023-2662.json) (`2023-05-17T12:53:16.877`) +* [CVE-2023-27889](CVE-2023/CVE-2023-278xx/CVE-2023-27889.json) (`2023-05-17T12:54:41.750`) +* [CVE-2023-29791](CVE-2023/CVE-2023-297xx/CVE-2023-29791.json) (`2023-05-17T12:54:44.870`) +* [CVE-2023-2661](CVE-2023/CVE-2023-26xx/CVE-2023-2661.json) (`2023-05-17T12:56:37.437`) +* [CVE-2023-27918](CVE-2023/CVE-2023-279xx/CVE-2023-27918.json) (`2023-05-17T12:56:58.967`) +* [CVE-2023-2660](CVE-2023/CVE-2023-26xx/CVE-2023-2660.json) (`2023-05-17T12:57:04.227`) +* [CVE-2023-2659](CVE-2023/CVE-2023-26xx/CVE-2023-2659.json) (`2023-05-17T12:57:38.140`) +* [CVE-2023-22720](CVE-2023/CVE-2023-227xx/CVE-2023-22720.json) (`2023-05-17T12:58:27.107`) +* [CVE-2023-2658](CVE-2023/CVE-2023-26xx/CVE-2023-2658.json) (`2023-05-17T12:58:56.517`) +* [CVE-2023-2657](CVE-2023/CVE-2023-26xx/CVE-2023-2657.json) (`2023-05-17T12:59:22.743`) +* [CVE-2023-29286](CVE-2023/CVE-2023-292xx/CVE-2023-29286.json) (`2023-05-17T13:01:05.513`) +* [CVE-2023-29285](CVE-2023/CVE-2023-292xx/CVE-2023-29285.json) (`2023-05-17T13:01:12.327`) +* [CVE-2023-29284](CVE-2023/CVE-2023-292xx/CVE-2023-29284.json) (`2023-05-17T13:01:17.987`) +* [CVE-2023-2656](CVE-2023/CVE-2023-26xx/CVE-2023-2656.json) (`2023-05-17T13:02:41.120`) +* [CVE-2023-2630](CVE-2023/CVE-2023-26xx/CVE-2023-2630.json) (`2023-05-17T13:16:52.083`) +* [CVE-2023-32066](CVE-2023/CVE-2023-320xx/CVE-2023-32066.json) (`2023-05-17T13:57:44.233`) ## Download and Usage