admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-02T12:00:25.054241+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-02 12:00:28 +00:00
parent 05f28328de
commit 4b88959f5c
15 changed files with 812 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-37xx/CVE-2023-3768.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3768",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-02T11:15:50.213",
"lastModified": "2023-10-02T11:15:50.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products",
"source": "cve-coordination@incibe.es"
}
]
}

59
CVE-2023/CVE-2023-441xx/CVE-2023-44144.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44144",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:12.577",
"lastModified": "2023-10-02T10:15:12.577",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dreamfox Payment gateway per Product for WooCommerce plugin <=\u00a03.2.7 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en la pasarela Dreamfox Payment per Product para el complemento WooCommerce en versiones &lt;= 3.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-product-payments/wordpress-payment-gateway-per-product-for-woocommerce-plugin-3-2-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-441xx/CVE-2023-44145.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44145",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:12.800",
"lastModified": "2023-10-02T10:15:12.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) plugin <=\u00a02.1.7 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento jesweb.Dev Anchor Episodes Index (Spotify for Podcasters) en versiones &lt;= 2.1.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/anchor-episodes-index/wordpress-anchor-episodes-index-spotify-for-podcasters-plugin-2-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-442xx/CVE-2023-44228.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44228",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.317",
"lastModified": "2023-10-02T11:15:50.317",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Onclick show popup plugin <=\u00a08.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/onclick-show-popup/wordpress-onclick-show-popup-plugin-8-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-442xx/CVE-2023-44230.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44230",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.393",
"lastModified": "2023-10-02T11:15:50.393",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <=\u00a07.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/popup-contact-form/wordpress-popup-contact-form-plugin-7-1-cross-site-scripting-xss-2?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-442xx/CVE-2023-44239.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44239",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:12.877",
"lastModified": "2023-10-02T10:15:12.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jobin Jose WWM Social Share On Image Hover plugin <=\u00a02.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Jobin Jose WWM Social Share On Image Hover en versiones &lt;= 2.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wwm-social-share-on-image-hover/wordpress-wwm-social-share-on-image-hover-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-442xx/CVE-2023-44242.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44242",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.470",
"lastModified": "2023-10-02T11:15:50.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team Slideshow, Image Slider by 2J plugin <=\u00a01.3.54 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/2j-slideshow/wordpress-slideshow-image-slider-by-2j-plugin-1-3-54-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-442xx/CVE-2023-44245.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44245",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:12.953",
"lastModified": "2023-10-02T10:15:12.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Leap Contractor Contact Form Website to Workflow Tool plugin <=\u00a04.0.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Scripting (XSS) Reflejada No Autenticada en el complemento Workflow Tool de Leap Contractor Contact Form Website en versiones &lt;= 4.0.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/contractor-contact-form-website-to-workflow-tool/wordpress-contractor-contact-form-website-to-workflow-tool-plugin-4-0-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-442xx/CVE-2023-44262.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44262",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:13.027",
"lastModified": "2023-10-02T10:15:13.027",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Renzo Johnson Blocks plugin <=\u00a01.6.41 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Renzo Johnson Blocks en versiones &lt;= 1.6.41."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/blocks/wordpress-blocks-plugin-1-6-41-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

59
CVE-2023/CVE-2023-442xx/CVE-2023-44263.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-44263",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:13.107",
"lastModified": "2023-10-02T10:15:13.107",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Riyaz Social Metrics plugin <=\u00a02.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Coss-Site Scripting (XSS) autenticada (con permisos de admin o superiores) almacenada en el complemento Riyaz Social Metrics en versiones &lt;= 2.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/social-metrics/wordpress-social-metrics-plugin-2-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-442xx/CVE-2023-44264.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44264",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.547",
"lastModified": "2023-10-02T11:15:50.547",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Arrow Plugins The Awesome Feed \u2013 Custom Feed plugin <=\u00a02.2.5 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-facebook-feed/wordpress-the-awesome-feed-custom-feed-plugin-2-2-5-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-442xx/CVE-2023-44265.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44265",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.627",
"lastModified": "2023-10-02T11:15:50.627",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Popup contact form plugin <=\u00a07.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/popup-contact-form/wordpress-popup-contact-form-plugin-7-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-442xx/CVE-2023-44266.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44266",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.700",
"lastModified": "2023-10-02T11:15:50.700",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jewel Theme WP Adminify plugin <=\u00a03.1.6 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/adminify/wordpress-wp-adminify-custom-login-admin-dashboard-admin-columns-plugin-3-1-6-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-51xx/CVE-2023-5160.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-5160",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-10-02T11:15:50.813",
"lastModified": "2023-10-02T11:15:50.813",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to check the Show Full Name option at the /api/v4/teams/TEAM_ID/top/team_members endpoint allowing\u00a0a member to get the full name of another user even if the Show Full Name option was disabled\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

40
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-02T10:00:24.784552+00:00
2023-10-02T12:00:25.054241+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-02T09:15:12.513000+00:00
2023-10-02T11:15:50.813000+00:00
```
### Last Data Feed Release
@ -29,31 +29,27 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226733
226747
```
### CVEs added in the last Commit
Recently added CVEs: `18`
Recently added CVEs: `14`
* [CVE-2023-41692](CVE-2023/CVE-2023-416xx/CVE-2023-41692.json) (`2023-10-02T08:15:38.273`)
* [CVE-2023-41728](CVE-2023/CVE-2023-417xx/CVE-2023-41728.json) (`2023-10-02T08:15:38.580`)
* [CVE-2023-41729](CVE-2023/CVE-2023-417xx/CVE-2023-41729.json) (`2023-10-02T08:15:38.660`)
* [CVE-2023-41731](CVE-2023/CVE-2023-417xx/CVE-2023-41731.json) (`2023-10-02T08:15:38.733`)
* [CVE-2023-41733](CVE-2023/CVE-2023-417xx/CVE-2023-41733.json) (`2023-10-02T08:15:38.803`)
* [CVE-2023-41734](CVE-2023/CVE-2023-417xx/CVE-2023-41734.json) (`2023-10-02T08:15:38.880`)
* [CVE-2023-41736](CVE-2023/CVE-2023-417xx/CVE-2023-41736.json) (`2023-10-02T08:15:38.957`)
* [CVE-2023-41737](CVE-2023/CVE-2023-417xx/CVE-2023-41737.json) (`2023-10-02T09:15:11.717`)
* [CVE-2023-41797](CVE-2023/CVE-2023-417xx/CVE-2023-41797.json) (`2023-10-02T09:15:11.813`)
* [CVE-2023-41800](CVE-2023/CVE-2023-418xx/CVE-2023-41800.json) (`2023-10-02T09:15:11.890`)
* [CVE-2023-41847](CVE-2023/CVE-2023-418xx/CVE-2023-41847.json) (`2023-10-02T09:15:11.967`)
* [CVE-2023-41855](CVE-2023/CVE-2023-418xx/CVE-2023-41855.json) (`2023-10-02T09:15:12.043`)
* [CVE-2023-41856](CVE-2023/CVE-2023-418xx/CVE-2023-41856.json) (`2023-10-02T09:15:12.117`)
* [CVE-2023-41859](CVE-2023/CVE-2023-418xx/CVE-2023-41859.json) (`2023-10-02T09:15:12.203`)
* [CVE-2023-44244](CVE-2023/CVE-2023-442xx/CVE-2023-44244.json) (`2023-10-02T09:15:12.277`)
* [CVE-2023-44474](CVE-2023/CVE-2023-444xx/CVE-2023-44474.json) (`2023-10-02T09:15:12.357`)
* [CVE-2023-44477](CVE-2023/CVE-2023-444xx/CVE-2023-44477.json) (`2023-10-02T09:15:12.437`)
* [CVE-2023-44479](CVE-2023/CVE-2023-444xx/CVE-2023-44479.json) (`2023-10-02T09:15:12.513`)
* [CVE-2023-44144](CVE-2023/CVE-2023-441xx/CVE-2023-44144.json) (`2023-10-02T10:15:12.577`)
* [CVE-2023-44145](CVE-2023/CVE-2023-441xx/CVE-2023-44145.json) (`2023-10-02T10:15:12.800`)
* [CVE-2023-44239](CVE-2023/CVE-2023-442xx/CVE-2023-44239.json) (`2023-10-02T10:15:12.877`)
* [CVE-2023-44245](CVE-2023/CVE-2023-442xx/CVE-2023-44245.json) (`2023-10-02T10:15:12.953`)
* [CVE-2023-44262](CVE-2023/CVE-2023-442xx/CVE-2023-44262.json) (`2023-10-02T10:15:13.027`)
* [CVE-2023-44263](CVE-2023/CVE-2023-442xx/CVE-2023-44263.json) (`2023-10-02T10:15:13.107`)
* [CVE-2023-3768](CVE-2023/CVE-2023-37xx/CVE-2023-3768.json) (`2023-10-02T11:15:50.213`)
* [CVE-2023-44228](CVE-2023/CVE-2023-442xx/CVE-2023-44228.json) (`2023-10-02T11:15:50.317`)
* [CVE-2023-44230](CVE-2023/CVE-2023-442xx/CVE-2023-44230.json) (`2023-10-02T11:15:50.393`)
* [CVE-2023-44242](CVE-2023/CVE-2023-442xx/CVE-2023-44242.json) (`2023-10-02T11:15:50.470`)
* [CVE-2023-44264](CVE-2023/CVE-2023-442xx/CVE-2023-44264.json) (`2023-10-02T11:15:50.547`)
* [CVE-2023-44265](CVE-2023/CVE-2023-442xx/CVE-2023-44265.json) (`2023-10-02T11:15:50.627`)
* [CVE-2023-44266](CVE-2023/CVE-2023-442xx/CVE-2023-44266.json) (`2023-10-02T11:15:50.700`)
* [CVE-2023-5160](CVE-2023/CVE-2023-51xx/CVE-2023-5160.json) (`2023-10-02T11:15:50.813`)
### CVEs modified in the last Commit