mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-07-18T12:01:11.195601+00:00
This commit is contained in:
parent
2b5a347814
commit
4bf5186d9f
@ -2,15 +2,38 @@
|
||||
"id": "CVE-2023-3118",
|
||||
"sourceIdentifier": "contact@wpscan.com",
|
||||
"published": "2023-07-10T16:15:54.970",
|
||||
"lastModified": "2023-07-10T16:27:17.833",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-07-18T11:50:22.380",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "The Export All URLs WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
|
||||
}
|
||||
],
|
||||
"metrics": {},
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 2.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "contact@wpscan.com",
|
||||
@ -23,10 +46,32 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:atlasgondal:export_all_urls:*:*:*:*:*:wordpress:*:*",
|
||||
"versionEndExcluding": "4.6",
|
||||
"matchCriteriaId": "ACF253A0-E004-45A0-8173-739030F6CE8C"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://wpscan.com/vulnerability/8a9efc8d-561a-42c6-8e61-ae5c3be581ea",
|
||||
"source": "contact@wpscan.com"
|
||||
"source": "contact@wpscan.com",
|
||||
"tags": [
|
||||
"Exploit",
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-35698",
|
||||
"sourceIdentifier": "psirt@sick.de",
|
||||
"published": "2023-07-10T16:15:52.937",
|
||||
"lastModified": "2023-07-10T16:27:17.833",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-07-18T11:44:50.397",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 1.4
|
||||
},
|
||||
{
|
||||
"source": "psirt@sick.de",
|
||||
"type": "Secondary",
|
||||
@ -35,6 +55,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-203"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "psirt@sick.de",
|
||||
"type": "Secondary",
|
||||
@ -46,18 +76,57 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "2.5.0",
|
||||
"matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json",
|
||||
"source": "psirt@sick.de"
|
||||
"source": "psirt@sick.de",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf",
|
||||
"source": "psirt@sick.de"
|
||||
"source": "psirt@sick.de",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://sick.com/psirt",
|
||||
"source": "psirt@sick.de"
|
||||
"source": "psirt@sick.de",
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-35699",
|
||||
"sourceIdentifier": "psirt@sick.de",
|
||||
"published": "2023-07-10T16:15:52.993",
|
||||
"lastModified": "2023-07-10T16:27:17.833",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-07-18T11:46:43.907",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"attackVector": "PHYSICAL",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "NONE",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.6,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 0.9,
|
||||
"impactScore": 3.6
|
||||
},
|
||||
{
|
||||
"source": "psirt@sick.de",
|
||||
"type": "Secondary",
|
||||
@ -35,6 +55,16 @@
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-312"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"source": "psirt@sick.de",
|
||||
"type": "Secondary",
|
||||
@ -46,18 +76,57 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"operator": "AND",
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:o:sick:icr890-4_firmware:*:*:*:*:*:*:*:*",
|
||||
"versionEndExcluding": "2.5.0",
|
||||
"matchCriteriaId": "C9781FA2-2446-4587-8BBA-1AC342BC5A0F"
|
||||
}
|
||||
]
|
||||
},
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": false,
|
||||
"criteria": "cpe:2.3:h:sick:icr890-4:-:*:*:*:*:*:*:*",
|
||||
"matchCriteriaId": "8E1AF1D7-8380-4B5C-8258-214F00638CC2"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.json",
|
||||
"source": "psirt@sick.de"
|
||||
"source": "psirt@sick.de",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://sick.com/.well-known/csaf/white/2023/sca-2023-0006.pdf",
|
||||
"source": "psirt@sick.de"
|
||||
"source": "psirt@sick.de",
|
||||
"tags": [
|
||||
"Vendor Advisory"
|
||||
]
|
||||
},
|
||||
{
|
||||
"url": "https://sick.com/psirt",
|
||||
"source": "psirt@sick.de"
|
||||
"source": "psirt@sick.de",
|
||||
"tags": [
|
||||
"Product"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
@ -2,8 +2,8 @@
|
||||
"id": "CVE-2023-37392",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-07-10T16:15:53.947",
|
||||
"lastModified": "2023-07-10T16:27:17.833",
|
||||
"vulnStatus": "Awaiting Analysis",
|
||||
"lastModified": "2023-07-18T11:54:08.147",
|
||||
"vulnStatus": "Analyzed",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
@ -12,6 +12,26 @@
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "nvd@nist.gov",
|
||||
"type": "Primary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 5.9
|
||||
},
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
@ -46,10 +66,31 @@
|
||||
]
|
||||
}
|
||||
],
|
||||
"configurations": [
|
||||
{
|
||||
"nodes": [
|
||||
{
|
||||
"operator": "OR",
|
||||
"negate": false,
|
||||
"cpeMatch": [
|
||||
{
|
||||
"vulnerable": true,
|
||||
"criteria": "cpe:2.3:a:wp_dummy_content_generator_project:wp_dummy_content_generator:*:*:*:*:*:wordpress:*:*",
|
||||
"versionEndExcluding": "3.0.0",
|
||||
"matchCriteriaId": "DE5765EB-63F0-44DF-BD0A-C528EFA144A9"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/wp-dummy-content-generator/wordpress-wp-dummy-content-generator-plugin-2-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
"source": "audit@patchstack.com",
|
||||
"tags": [
|
||||
"Third Party Advisory"
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
18
README.md
18
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-07-18T10:01:32.797377+00:00
|
||||
2023-07-18T12:01:11.195601+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-07-18T09:15:11.067000+00:00
|
||||
2023-07-18T11:54:08.147000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -34,20 +34,18 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `1`
|
||||
Recently added CVEs: `0`
|
||||
|
||||
* [CVE-2023-2433](CVE-2023/CVE-2023-24xx/CVE-2023-2433.json) (`2023-07-18T09:15:11.067`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
||||
Recently modified CVEs: `5`
|
||||
Recently modified CVEs: `4`
|
||||
|
||||
* [CVE-2023-0045](CVE-2023/CVE-2023-00xx/CVE-2023-0045.json) (`2023-07-18T08:15:09.580`)
|
||||
* [CVE-2023-34981](CVE-2023/CVE-2023-349xx/CVE-2023-34981.json) (`2023-07-18T08:15:10.020`)
|
||||
* [CVE-2023-35788](CVE-2023/CVE-2023-357xx/CVE-2023-35788.json) (`2023-07-18T08:15:10.113`)
|
||||
* [CVE-2023-3128](CVE-2023/CVE-2023-31xx/CVE-2023-3128.json) (`2023-07-18T08:15:10.410`)
|
||||
* [CVE-2023-3326](CVE-2023/CVE-2023-33xx/CVE-2023-3326.json) (`2023-07-18T08:15:10.613`)
|
||||
* [CVE-2023-35698](CVE-2023/CVE-2023-356xx/CVE-2023-35698.json) (`2023-07-18T11:44:50.397`)
|
||||
* [CVE-2023-35699](CVE-2023/CVE-2023-356xx/CVE-2023-35699.json) (`2023-07-18T11:46:43.907`)
|
||||
* [CVE-2023-3118](CVE-2023/CVE-2023-31xx/CVE-2023-3118.json) (`2023-07-18T11:50:22.380`)
|
||||
* [CVE-2023-37392](CVE-2023/CVE-2023-373xx/CVE-2023-37392.json) (`2023-07-18T11:54:08.147`)
|
||||
|
||||
|
||||
## Download and Usage
|
||||
|
Loading…
x
Reference in New Issue
Block a user