admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-12T10:00:23.171949+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-12 12:00:26 +02:00
parent 80805e9c86
commit 4cf7a6da83
34 changed files with 1647 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
CVE-2022/CVE-2022-416xx/CVE-2022-41640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41640",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T10:15:10.423",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:28:35.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rymera:wholesale_suite:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.5.1",
"matchCriteriaId": "F68C8C8F-1AB9-478A-AB03-EE8FA27E4EC1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-wholesale-prices/wordpress-wholesale-suite-plugin-2-1-5-authenticated-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

8
CVE-2022/CVE-2022-428xx/CVE-2022-42853.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42853",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-12-15T19:15:24.860",
"lastModified": "2023-01-09T16:56:53.943",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-12T09:15:09.530",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -80,6 +80,10 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213533",
"source": "product-security@apple.com"
}
]
}

12
CVE-2022/CVE-2022-428xx/CVE-2022-42865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42865",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-12-15T19:15:25.470",
"lastModified": "2023-01-09T16:46:43.713",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-12T09:15:09.997",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -113,6 +113,10 @@
"Third Party Advisory"
]
},
{
"url": "http://seclists.org/fulldisclosure/2022/Dec/27",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213530",
"source": "product-security@apple.com",
@ -144,6 +148,10 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213534",
"source": "product-security@apple.com"
}
]
}

6
CVE-2022/CVE-2022-467xx/CVE-2022-46703.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46703",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-04-10T19:15:07.080",
"lastModified": "2023-05-08T20:15:15.497",
"lastModified": "2023-05-12T09:15:10.070",
"vulnStatus": "Modified",
"descriptions": [
{
@ -114,6 +114,10 @@
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213533",
"source": "product-security@apple.com"
}
]
}

47
CVE-2022/CVE-2022-468xx/CVE-2022-46822.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-46822",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T13:15:16.187",
"lastModified": "2023-05-09T14:30:54.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:26:02.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jazzcash:woocommerce_jazzcash_gateway:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "46743973-FC0E-40F1-AB79-9F977BE8F4A6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/jazzcash-woocommerce-gateway/wordpress-woocommerce-jazzcash-gateway-plugin-plugin-2-0-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-236xx/CVE-2023-23664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23664",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T10:15:10.567",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:28:26.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:convertbox:convertbox_auto_embed:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.20",
"matchCriteriaId": "5A5BFD86-92D0-4F2E-910D-F74AADECC432"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/convertbox-auto-embed/wordpress-convertbox-auto-embed-wordpress-plugin-plugin-1-0-19-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23732.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23732",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.193",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:27:34.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:disqus_conditional_load_project:disqus_conditional_load:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "11.0.6",
"matchCriteriaId": "D351C735-8613-49AF-B8C8-3A46FD2AD18C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/disqus-conditional-load/wordpress-disqus-conditional-load-plugin-11-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23733",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.260",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:27:24.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lazy_social_comments_project:lazy_social_comments:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.4",
"matchCriteriaId": "6D95D96D-DFDA-42B6-A66B-7507EB7A0EB9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/lazy-facebook-comments/wordpress-lazy-social-comments-plugin-2-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23734",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.313",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:26:58.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:userlike:userlike:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3",
"matchCriteriaId": "037EBEB4-4100-4962-BCE7-2E1A43F2DBB9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/userlike/wordpress-userlike-wordpress-live-chat-plugin-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-237xx/CVE-2023-23793.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23793",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T10:15:10.620",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:28:18.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:8web:read_more_without_refresh:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2",
"matchCriteriaId": "8AE0CA2F-B9C0-4595-9609-39CFBCC897DA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/read-more-without-refresh/wordpress-read-more-without-refresh-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23862.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23862",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.377",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:26:48.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vertical_scroll_recent_post_project:vertical_scroll_recent_post:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "14.0",
"matchCriteriaId": "2CA989A2-35F4-46C8-B61E-0F41E2717593"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vertical-scroll-recent-post/wordpress-vertical-scroll-recent-post-plugin-14-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23863.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23863",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T08:15:08.373",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:28:43.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blackandwhitedigital:treepress:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "F788DEE6-D316-4E90-AD52-325375C6FA81"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/treepress/wordpress-treepress-easy-family-trees-ancestor-profiles-plugin-2-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23883.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23883",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.433",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:26:39.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_content_filter_-_censor_all_offensive_content_from_your_site_project:wp_content_filter_-_censor_all_offensive_content_from_your_site:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.0.1",
"matchCriteriaId": "94746545-D9D6-415B-806C-DB6CDD63B1F9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-content-filter/wordpress-wp-content-filter-censor-all-offensive-content-from-your-site-plugin-3-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-238xx/CVE-2023-23884.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23884",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.517",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:26:27.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kanbanwp:kanban_boards_for_wordpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.5.20",
"matchCriteriaId": "F5E93C78-DFC2-49B6-A795-2904CFF100FF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/kanban/wordpress-kanban-boards-for-wordpress-plugin-2-5-20-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-243xx/CVE-2023-24372.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24372",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-09T11:15:09.603",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:26:18.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:usbmemorydirect:simple_custom_author_profiles:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "E4970F10-8F5F-4EEC-90EF-0A968B7ECDD5"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-custom-author-profiles/wordpress-simple-custom-author-profiles-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-25xx/CVE-2023-2514.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2514",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-05-12T09:15:10.267",
"lastModified": "2023-05-12T09:15:10.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization.\u00a0\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

55
CVE-2023/CVE-2023-25xx/CVE-2023-2515.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2515",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-05-12T09:15:10.373",
"lastModified": "2023-05-12T09:15:10.373",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}

55
CVE-2023/CVE-2023-25xx/CVE-2023-2590.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2590",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-09T06:15:08.890",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:29:25.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:answer:answer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.0.9",
"matchCriteriaId": "A987063C-F21D-43E3-A4C6-3AAE15C90593"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/answerdev/answer/commit/51ac1e6b76ae9ab3ca2008ca4819c0cc3bd2fcd3",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/a4238a30-3ddb-4415-9055-e179c3d4dea7",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

67
CVE-2023/CVE-2023-25xx/CVE-2023-2591.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2591",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-09T10:15:10.683",
"lastModified": "2023-05-09T12:46:35.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:28:07.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.7",
"matchCriteriaId": "77E017F7-C597-4550-9520-9444D115C381"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nilsteampassnet/teampass/commit/57a977c6323656e5dc06ab5c227e75c3465a1a4a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/705f79f4-f5e3-41d7-82a5-f00441cd984b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

55
CVE-2023/CVE-2023-26xx/CVE-2023-2610.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2610",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-09T22:15:10.197",
"lastModified": "2023-05-10T02:29:55.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:24:13.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1532",
"matchCriteriaId": "2D2C26EC-72A8-44BC-BD3D-B2878B8C3EBA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch"
]
}
]
}

58
CVE-2023/CVE-2023-26xx/CVE-2023-2619.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2619",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-10T06:15:17.990",
"lastModified": "2023-05-10T13:06:16.563",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:23:38.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_tours_\\&_travels_management_system_project:online_tours_\\&_travels_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5468F32-0596-4448-BE96-F06564FC0831"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.csdn.net/weixin_43864034/article/details/130596916",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.228549",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.228549",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-26xx/CVE-2023-2669.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-2669",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-12T08:15:09.063",
"lastModified": "2023-05-12T08:15:09.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-228885 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.228885",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228885",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-26xx/CVE-2023-2670.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-2670",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-12T08:15:09.130",
"lastModified": "2023-05-12T08:15:09.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. VDB-228886 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.228886",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228886",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-26xx/CVE-2023-2671.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-2671",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-12T09:15:10.447",
"lastModified": "2023-05-12T09:15:10.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228887."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.228887",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228887",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-26xx/CVE-2023-2672.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-2672",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-12T09:15:10.520",
"lastModified": "2023-05-12T09:15:10.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228888."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.228888",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228888",
"source": "cna@vuldb.com"
}
]
}

59
CVE-2023/CVE-2023-26xx/CVE-2023-2674.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2674",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-12T08:15:09.200",
"lastModified": "2023-05-12T08:15:09.200",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/openemr/openemr/commit/bb4244c83a74628faafabc0598366f49863914a9",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/af73e913-730c-4245-88ce-26fc908d3644",
"source": "security@huntr.dev"
}
]
}

88
CVE-2023/CVE-2023-26xx/CVE-2023-2676.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2676",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-12T09:15:10.610",
"lastModified": "2023-05-12T09:15:10.610",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-228890 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/xinzhihen06/dxq-cve/blob/main/h3cr160.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.228890",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.228890",
"source": "cna@vuldb.com"
}
]
}

12
CVE-2023/CVE-2023-279xx/CVE-2023-27931.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27931",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:17.197",
"lastModified": "2023-05-09T12:47:05.663",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:15:10.157",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -27,6 +27,14 @@
{
"url": "https://support.apple.com/en-us/HT213678",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT213603",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/kb/HT213604",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-289xx/CVE-2023-28936.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-28936",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-12T08:15:08.857",
"lastModified": "2023-05-12T08:15:08.857",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Attacker can access arbitrary recording/room\n\nVendor: The Apache Software Foundation\n\nVersions\u00a0Affected: Apache OpenMeetings from 2.0.0 before 7.1.0\n"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/y6vng44c22ll221rtvsv208x1pbjmdoc",
"source": "security@apache.org"
}
]
}

32
CVE-2023/CVE-2023-290xx/CVE-2023-29032.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-29032",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-12T08:15:08.930",
"lastModified": "2023-05-12T08:15:08.930",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An attacker that has gained access to certain private information can use this to act as other user.\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/j2d6mg3rzcphfd8vvvk09d8p4o9lvnqp",
"source": "security@apache.org"
}
]
}

32
CVE-2023/CVE-2023-292xx/CVE-2023-29246.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-29246",
"sourceIdentifier": "security@apache.org",
"published": "2023-05-12T08:15:08.997",
"lastModified": "2023-05-12T08:15:08.997",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An attacker who has gained access to an admin account can perform RCE via null-byte injection\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0"
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/230plvhbdx26m43b0sy942wlwt6kkmmr",
"source": "security@apache.org"
}
]
}

68
CVE-2023/CVE-2023-318xx/CVE-2023-31807.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-31807",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:15.123",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-12T09:25:00.920",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*",
"matchCriteriaId": "CC036024-F684-4567-86BD-6F4AA9433A01"
}
]
}
]
}
],
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-101-2023-04-11-Low-impact-Low-risk-XSS-in-personal-notes-and-teacher-notes",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-322xx/CVE-2023-32243.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-32243",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-12T08:15:09.280",
"lastModified": "2023-05-12T08:15:09.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.\u00a0This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cve",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-4-0-5-7-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

49
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-12T08:00:24.619237+00:00
2023-05-12T10:00:23.171949+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-12T07:15:08.733000+00:00
2023-05-12T09:29:25.983000+00:00
```
### Last Data Feed Release
@ -29,25 +29,52 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
215100
215112
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `12`
* [CVE-2023-2667](CVE-2023/CVE-2023-26xx/CVE-2023-2667.json) (`2023-05-12T07:15:08.627`)
* [CVE-2023-2668](CVE-2023/CVE-2023-26xx/CVE-2023-2668.json) (`2023-05-12T07:15:08.733`)
* [CVE-2023-2514](CVE-2023/CVE-2023-25xx/CVE-2023-2514.json) (`2023-05-12T09:15:10.267`)
* [CVE-2023-2515](CVE-2023/CVE-2023-25xx/CVE-2023-2515.json) (`2023-05-12T09:15:10.373`)
* [CVE-2023-2669](CVE-2023/CVE-2023-26xx/CVE-2023-2669.json) (`2023-05-12T08:15:09.063`)
* [CVE-2023-2670](CVE-2023/CVE-2023-26xx/CVE-2023-2670.json) (`2023-05-12T08:15:09.130`)
* [CVE-2023-2671](CVE-2023/CVE-2023-26xx/CVE-2023-2671.json) (`2023-05-12T09:15:10.447`)
* [CVE-2023-2672](CVE-2023/CVE-2023-26xx/CVE-2023-2672.json) (`2023-05-12T09:15:10.520`)
* [CVE-2023-2674](CVE-2023/CVE-2023-26xx/CVE-2023-2674.json) (`2023-05-12T08:15:09.200`)
* [CVE-2023-2676](CVE-2023/CVE-2023-26xx/CVE-2023-2676.json) (`2023-05-12T09:15:10.610`)
* [CVE-2023-28936](CVE-2023/CVE-2023-289xx/CVE-2023-28936.json) (`2023-05-12T08:15:08.857`)
* [CVE-2023-29032](CVE-2023/CVE-2023-290xx/CVE-2023-29032.json) (`2023-05-12T08:15:08.930`)
* [CVE-2023-29246](CVE-2023/CVE-2023-292xx/CVE-2023-29246.json) (`2023-05-12T08:15:08.997`)
* [CVE-2023-32243](CVE-2023/CVE-2023-322xx/CVE-2023-32243.json) (`2023-05-12T08:15:09.280`)
### CVEs modified in the last Commit
Recently modified CVEs: `4`
Recently modified CVEs: `21`
* [CVE-2023-2573](CVE-2023/CVE-2023-25xx/CVE-2023-2573.json) (`2023-05-12T06:15:08.807`)
* [CVE-2023-2574](CVE-2023/CVE-2023-25xx/CVE-2023-2574.json) (`2023-05-12T06:15:09.497`)
* [CVE-2023-2575](CVE-2023/CVE-2023-25xx/CVE-2023-2575.json) (`2023-05-12T06:15:09.793`)
* [CVE-2023-2616](CVE-2023/CVE-2023-26xx/CVE-2023-2616.json) (`2023-05-12T06:38:11.657`)
* [CVE-2022-41640](CVE-2022/CVE-2022-416xx/CVE-2022-41640.json) (`2023-05-12T09:28:35.857`)
* [CVE-2022-42853](CVE-2022/CVE-2022-428xx/CVE-2022-42853.json) (`2023-05-12T09:15:09.530`)
* [CVE-2022-42865](CVE-2022/CVE-2022-428xx/CVE-2022-42865.json) (`2023-05-12T09:15:09.997`)
* [CVE-2022-46703](CVE-2022/CVE-2022-467xx/CVE-2022-46703.json) (`2023-05-12T09:15:10.070`)
* [CVE-2022-46822](CVE-2022/CVE-2022-468xx/CVE-2022-46822.json) (`2023-05-12T09:26:02.197`)
* [CVE-2023-23664](CVE-2023/CVE-2023-236xx/CVE-2023-23664.json) (`2023-05-12T09:28:26.533`)
* [CVE-2023-23732](CVE-2023/CVE-2023-237xx/CVE-2023-23732.json) (`2023-05-12T09:27:34.467`)
* [CVE-2023-23733](CVE-2023/CVE-2023-237xx/CVE-2023-23733.json) (`2023-05-12T09:27:24.587`)
* [CVE-2023-23734](CVE-2023/CVE-2023-237xx/CVE-2023-23734.json) (`2023-05-12T09:26:58.983`)
* [CVE-2023-23793](CVE-2023/CVE-2023-237xx/CVE-2023-23793.json) (`2023-05-12T09:28:18.280`)
* [CVE-2023-23862](CVE-2023/CVE-2023-238xx/CVE-2023-23862.json) (`2023-05-12T09:26:48.997`)
* [CVE-2023-23863](CVE-2023/CVE-2023-238xx/CVE-2023-23863.json) (`2023-05-12T09:28:43.237`)
* [CVE-2023-23883](CVE-2023/CVE-2023-238xx/CVE-2023-23883.json) (`2023-05-12T09:26:39.947`)
* [CVE-2023-23884](CVE-2023/CVE-2023-238xx/CVE-2023-23884.json) (`2023-05-12T09:26:27.187`)
* [CVE-2023-24372](CVE-2023/CVE-2023-243xx/CVE-2023-24372.json) (`2023-05-12T09:26:18.180`)
* [CVE-2023-2590](CVE-2023/CVE-2023-25xx/CVE-2023-2590.json) (`2023-05-12T09:29:25.983`)
* [CVE-2023-2591](CVE-2023/CVE-2023-25xx/CVE-2023-2591.json) (`2023-05-12T09:28:07.090`)
* [CVE-2023-2610](CVE-2023/CVE-2023-26xx/CVE-2023-2610.json) (`2023-05-12T09:24:13.633`)
* [CVE-2023-2619](CVE-2023/CVE-2023-26xx/CVE-2023-2619.json) (`2023-05-12T09:23:38.700`)
* [CVE-2023-27931](CVE-2023/CVE-2023-279xx/CVE-2023-27931.json) (`2023-05-12T09:15:10.157`)
* [CVE-2023-31807](CVE-2023/CVE-2023-318xx/CVE-2023-31807.json) (`2023-05-12T09:25:00.920`)
## Download and Usage