diff --git a/CVE-2022/CVE-2022-416xx/CVE-2022-41640.json b/CVE-2022/CVE-2022-416xx/CVE-2022-41640.json index cbab0b0f778..9b47243807f 100644 --- a/CVE-2022/CVE-2022-416xx/CVE-2022-41640.json +++ b/CVE-2022/CVE-2022-416xx/CVE-2022-41640.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41640", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T10:15:10.423", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:28:35.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rymera:wholesale_suite:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.1.5.1", + "matchCriteriaId": "F68C8C8F-1AB9-478A-AB03-EE8FA27E4EC1" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-wholesale-prices/wordpress-wholesale-suite-plugin-2-1-5-authenticated-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-428xx/CVE-2022-42853.json b/CVE-2022/CVE-2022-428xx/CVE-2022-42853.json index 2be439f3b5c..b8c1a0ca22f 100644 --- a/CVE-2022/CVE-2022-428xx/CVE-2022-42853.json +++ b/CVE-2022/CVE-2022-428xx/CVE-2022-42853.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42853", "sourceIdentifier": "product-security@apple.com", "published": "2022-12-15T19:15:24.860", - "lastModified": "2023-01-09T16:56:53.943", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-12T09:15:09.530", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -80,6 +80,10 @@ "Release Notes", "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/kb/HT213533", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-428xx/CVE-2022-42865.json b/CVE-2022/CVE-2022-428xx/CVE-2022-42865.json index ccd3ecb6c42..ee7b8acd342 100644 --- a/CVE-2022/CVE-2022-428xx/CVE-2022-42865.json +++ b/CVE-2022/CVE-2022-428xx/CVE-2022-42865.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42865", "sourceIdentifier": "product-security@apple.com", "published": "2022-12-15T19:15:25.470", - "lastModified": "2023-01-09T16:46:43.713", - "vulnStatus": "Analyzed", + "lastModified": "2023-05-12T09:15:09.997", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -113,6 +113,10 @@ "Third Party Advisory" ] }, + { + "url": "http://seclists.org/fulldisclosure/2022/Dec/27", + "source": "product-security@apple.com" + }, { "url": "https://support.apple.com/en-us/HT213530", "source": "product-security@apple.com", @@ -144,6 +148,10 @@ "Release Notes", "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/kb/HT213534", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46703.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46703.json index 4d2f55dbca1..1eb4aef0ce6 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46703.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46703.json @@ -2,7 +2,7 @@ "id": "CVE-2022-46703", "sourceIdentifier": "product-security@apple.com", "published": "2023-04-10T19:15:07.080", - "lastModified": "2023-05-08T20:15:15.497", + "lastModified": "2023-05-12T09:15:10.070", "vulnStatus": "Modified", "descriptions": [ { @@ -114,6 +114,10 @@ "Release Notes", "Vendor Advisory" ] + }, + { + "url": "https://support.apple.com/kb/HT213533", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-468xx/CVE-2022-46822.json b/CVE-2022/CVE-2022-468xx/CVE-2022-46822.json index 755f471640f..89806fef2ca 100644 --- a/CVE-2022/CVE-2022-468xx/CVE-2022-46822.json +++ b/CVE-2022/CVE-2022-468xx/CVE-2022-46822.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46822", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T13:15:16.187", - "lastModified": "2023-05-09T14:30:54.950", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:26:02.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jazzcash:woocommerce_jazzcash_gateway:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0", + "matchCriteriaId": "46743973-FC0E-40F1-AB79-9F977BE8F4A6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/jazzcash-woocommerce-gateway/wordpress-woocommerce-jazzcash-gateway-plugin-plugin-2-0-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23664.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23664.json index 96ba31f8a98..5760a3f86e8 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23664.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23664.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23664", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T10:15:10.567", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:28:26.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:convertbox:convertbox_auto_embed:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.0.20", + "matchCriteriaId": "5A5BFD86-92D0-4F2E-910D-F74AADECC432" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/convertbox-auto-embed/wordpress-convertbox-auto-embed-wordpress-plugin-plugin-1-0-19-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23732.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23732.json index 6f2d9efb5cc..6781e275267 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23732.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23732.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23732", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.193", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:27:34.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:disqus_conditional_load_project:disqus_conditional_load:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "11.0.6", + "matchCriteriaId": "D351C735-8613-49AF-B8C8-3A46FD2AD18C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/disqus-conditional-load/wordpress-disqus-conditional-load-plugin-11-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23733.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23733.json index e3843a10e8e..6f952bde7d4 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23733.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23733.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23733", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.260", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:27:24.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lazy_social_comments_project:lazy_social_comments:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0.4", + "matchCriteriaId": "6D95D96D-DFDA-42B6-A66B-7507EB7A0EB9" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/lazy-facebook-comments/wordpress-lazy-social-comments-plugin-2-0-4-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23734.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23734.json index a27f0917c53..2716e0a8811 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23734.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23734.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23734", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.313", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:26:58.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:userlike:userlike:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.3", + "matchCriteriaId": "037EBEB4-4100-4962-BCE7-2E1A43F2DBB9" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/userlike/wordpress-userlike-wordpress-live-chat-plugin-plugin-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23793.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23793.json index 9dddbb31d8f..54cfcc34927 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23793.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23793.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23793", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T10:15:10.620", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:28:18.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:8web:read_more_without_refresh:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2", + "matchCriteriaId": "8AE0CA2F-B9C0-4595-9609-39CFBCC897DA" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/read-more-without-refresh/wordpress-read-more-without-refresh-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23862.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23862.json index dd5044f8a7f..9e76430e17b 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23862.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23862.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23862", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.377", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:26:48.997", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vertical_scroll_recent_post_project:vertical_scroll_recent_post:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "14.0", + "matchCriteriaId": "2CA989A2-35F4-46C8-B61E-0F41E2717593" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/vertical-scroll-recent-post/wordpress-vertical-scroll-recent-post-plugin-14-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23863.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23863.json index 033e5ee943f..4b98af7a3d7 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23863.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23863.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23863", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T08:15:08.373", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:28:43.237", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blackandwhitedigital:treepress:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.0", + "matchCriteriaId": "F788DEE6-D316-4E90-AD52-325375C6FA81" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/treepress/wordpress-treepress-easy-family-trees-ancestor-profiles-plugin-2-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23883.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23883.json index bef90064b56..f60c5985b01 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23883.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23883.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23883", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.433", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:26:39.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wp_content_filter_-_censor_all_offensive_content_from_your_site_project:wp_content_filter_-_censor_all_offensive_content_from_your_site:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.0.1", + "matchCriteriaId": "94746545-D9D6-415B-806C-DB6CDD63B1F9" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-content-filter/wordpress-wp-content-filter-censor-all-offensive-content-from-your-site-plugin-3-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23884.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23884.json index 83a085e588d..52683ece3a3 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23884.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23884.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23884", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.517", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:26:27.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:kanbanwp:kanban_boards_for_wordpress:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.5.20", + "matchCriteriaId": "F5E93C78-DFC2-49B6-A795-2904CFF100FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/kanban/wordpress-kanban-boards-for-wordpress-plugin-2-5-20-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-243xx/CVE-2023-24372.json b/CVE-2023/CVE-2023-243xx/CVE-2023-24372.json index 0b94e5a2a40..e2f9b8d0198 100644 --- a/CVE-2023/CVE-2023-243xx/CVE-2023-24372.json +++ b/CVE-2023/CVE-2023-243xx/CVE-2023-24372.json @@ -2,8 +2,8 @@ "id": "CVE-2023-24372", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-09T11:15:09.603", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:26:18.180", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:usbmemorydirect:simple_custom_author_profiles:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.0", + "matchCriteriaId": "E4970F10-8F5F-4EEC-90EF-0A968B7ECDD5" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/simple-custom-author-profiles/wordpress-simple-custom-author-profiles-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2514.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2514.json new file mode 100644 index 00000000000..59011033e70 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2514.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2514", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2023-05-12T09:15:10.267", + "lastModified": "2023-05-12T09:15:10.267", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mattermost Sever fails to redact the DB username and password before emitting an application log during server initialization.\u00a0\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json new file mode 100644 index 00000000000..79cbb8d1bb6 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2515.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2515", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2023-05-12T09:15:10.373", + "lastModified": "2023-05-12T09:15:10.373", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mattermost fails to restrict a user with permissions to edit other users and to create personal access tokens from elevating their privileges to system admin\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2590.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2590.json index 36c489a10db..d79118a43f2 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2590.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2590.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2590", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-09T06:15:08.890", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:29:25.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:answer:answer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.0.9", + "matchCriteriaId": "A987063C-F21D-43E3-A4C6-3AAE15C90593" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/answerdev/answer/commit/51ac1e6b76ae9ab3ca2008ca4819c0cc3bd2fcd3", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/a4238a30-3ddb-4415-9055-e179c3d4dea7", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2591.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2591.json index 6fc723156ca..fc26c632121 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2591.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2591.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2591", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-09T10:15:10.683", - "lastModified": "2023-05-09T12:46:35.530", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:28:07.090", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -36,8 +58,18 @@ }, "weaknesses": [ { - "source": "security@huntr.dev", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "security@huntr.dev", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,14 +78,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:teampass:teampass:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.7", + "matchCriteriaId": "77E017F7-C597-4550-9520-9444D115C381" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/nilsteampassnet/teampass/commit/57a977c6323656e5dc06ab5c227e75c3465a1a4a", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/705f79f4-f5e3-41d7-82a5-f00441cd984b", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2610.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2610.json index ef41c1bd7e9..d6774c41448 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2610.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2610.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2610", "sourceIdentifier": "security@huntr.dev", "published": "2023-05-09T22:15:10.197", - "lastModified": "2023-05-10T02:29:55.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:24:13.633", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0.1532", + "matchCriteriaId": "2D2C26EC-72A8-44BC-BD3D-B2878B8C3EBA" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/commit/ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2619.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2619.json index 297ed12de89..e714be1ba9c 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2619.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2619.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2619", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-10T06:15:17.990", - "lastModified": "2023-05-10T13:06:16.563", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:23:38.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,44 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:online_tours_\\&_travels_management_system_project:online_tours_\\&_travels_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E5468F32-0596-4448-BE96-F06564FC0831" + } + ] + } + ] + } + ], "references": [ { "url": "https://blog.csdn.net/weixin_43864034/article/details/130596916", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.228549", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.228549", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2669.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2669.json new file mode 100644 index 00000000000..3d69510be95 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2669.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-2669", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-12T08:15:09.063", + "lastModified": "2023-05-12T08:15:09.063", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been classified as critical. This affects an unknown part of the file admin/?page=categories/view_category of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-228885 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.228885", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.228885", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2670.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2670.json new file mode 100644 index 00000000000..34e4bb8dff8 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2670.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-2670", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-12T08:15:09.130", + "lastModified": "2023-05-12T08:15:09.130", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file admin/?page=user/manage_user. The manipulation leads to improper access controls. The attack can be initiated remotely. VDB-228886 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.228886", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.228886", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2671.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2671.json new file mode 100644 index 00000000000..0729b0b72ea --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2671.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-2671", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-12T09:15:10.447", + "lastModified": "2023-05-12T09:15:10.447", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file classes/Master.php?f=save_inquiry of the component Contact Form. The manipulation of the argument fullname/contact/message leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-228887." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.228887", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.228887", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2672.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2672.json new file mode 100644 index 00000000000..869cce33974 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2672.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-2672", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-12T09:15:10.520", + "lastModified": "2023-05-12T09:15:10.520", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. Affected is an unknown function of the file items/view.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-228888." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.228888", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.228888", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2674.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2674.json new file mode 100644 index 00000000000..7e2d1de2281 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2674.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-2674", + "sourceIdentifier": "security@huntr.dev", + "published": "2023-05-12T08:15:09.200", + "lastModified": "2023-05-12T08:15:09.200", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Access Control in GitHub repository openemr/openemr prior to 7.0.1." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "security@huntr.dev", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security@huntr.dev", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/openemr/openemr/commit/bb4244c83a74628faafabc0598366f49863914a9", + "source": "security@huntr.dev" + }, + { + "url": "https://huntr.dev/bounties/af73e913-730c-4245-88ce-26fc908d3644", + "source": "security@huntr.dev" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json new file mode 100644 index 00000000000..fa8a809f220 --- /dev/null +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-2676", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-05-12T09:15:10.610", + "lastModified": "2023-05-12T09:15:10.610", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in H3C R160 V1004004. Affected by this issue is some unknown functionality of the file /goForm/aspForm. The manipulation of the argument go leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. VDB-228890 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.2 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 5.1, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-121" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/xinzhihen06/dxq-cve/blob/main/h3cr160.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.228890", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.228890", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json index d8ffa5346d9..82a1248450e 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27931.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27931", "sourceIdentifier": "product-security@apple.com", "published": "2023-05-08T20:15:17.197", - "lastModified": "2023-05-09T12:47:05.663", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:15:10.157", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -27,6 +27,14 @@ { "url": "https://support.apple.com/en-us/HT213678", "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/kb/HT213603", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/kb/HT213604", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-289xx/CVE-2023-28936.json b/CVE-2023/CVE-2023-289xx/CVE-2023-28936.json new file mode 100644 index 00000000000..ecdb0e7ac06 --- /dev/null +++ b/CVE-2023/CVE-2023-289xx/CVE-2023-28936.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-28936", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-12T08:15:08.857", + "lastModified": "2023-05-12T08:15:08.857", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Attacker can access arbitrary recording/room\n\nVendor: The Apache Software Foundation\n\nVersions\u00a0Affected: Apache OpenMeetings from 2.0.0 before 7.1.0\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-697" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/y6vng44c22ll221rtvsv208x1pbjmdoc", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-290xx/CVE-2023-29032.json b/CVE-2023/CVE-2023-290xx/CVE-2023-29032.json new file mode 100644 index 00000000000..c5bdd126836 --- /dev/null +++ b/CVE-2023/CVE-2023-290xx/CVE-2023-29032.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-29032", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-12T08:15:08.930", + "lastModified": "2023-05-12T08:15:08.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An attacker that has gained access to certain private information can use this to act as other user.\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 3.1.3 before 7.1.0" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/j2d6mg3rzcphfd8vvvk09d8p4o9lvnqp", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-292xx/CVE-2023-29246.json b/CVE-2023/CVE-2023-292xx/CVE-2023-29246.json new file mode 100644 index 00000000000..464ffc368ba --- /dev/null +++ b/CVE-2023/CVE-2023-292xx/CVE-2023-29246.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-29246", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-12T08:15:08.997", + "lastModified": "2023-05-12T08:15:08.997", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An attacker who has gained access to an admin account can perform RCE via null-byte injection\n\nVendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/230plvhbdx26m43b0sy942wlwt6kkmmr", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31807.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31807.json index 65be856894e..9fe21646176 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31807.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31807.json @@ -2,23 +2,81 @@ "id": "CVE-2023-31807", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T16:15:15.123", - "lastModified": "2023-05-09T17:36:56.357", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-12T09:25:00.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*", + "matchCriteriaId": "CC036024-F684-4567-86BD-6F4AA9433A01" + } + ] + } + ] + } + ], "references": [ { "url": "http://chamilo.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-101-2023-04-11-Low-impact-Low-risk-XSS-in-personal-notes-and-teacher-notes", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json new file mode 100644 index 00000000000..9c0576f9d4b --- /dev/null +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-32243", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-05-12T08:15:09.280", + "lastModified": "2023-05-12T08:15:09.280", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation.\u00a0This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-4-0-5-7-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index fff9bc86782..045795e3715 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-12T08:00:24.619237+00:00 +2023-05-12T10:00:23.171949+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-12T07:15:08.733000+00:00 +2023-05-12T09:29:25.983000+00:00 ``` ### Last Data Feed Release @@ -29,25 +29,52 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -215100 +215112 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `12` -* [CVE-2023-2667](CVE-2023/CVE-2023-26xx/CVE-2023-2667.json) (`2023-05-12T07:15:08.627`) -* [CVE-2023-2668](CVE-2023/CVE-2023-26xx/CVE-2023-2668.json) (`2023-05-12T07:15:08.733`) +* [CVE-2023-2514](CVE-2023/CVE-2023-25xx/CVE-2023-2514.json) (`2023-05-12T09:15:10.267`) +* [CVE-2023-2515](CVE-2023/CVE-2023-25xx/CVE-2023-2515.json) (`2023-05-12T09:15:10.373`) +* [CVE-2023-2669](CVE-2023/CVE-2023-26xx/CVE-2023-2669.json) (`2023-05-12T08:15:09.063`) +* [CVE-2023-2670](CVE-2023/CVE-2023-26xx/CVE-2023-2670.json) (`2023-05-12T08:15:09.130`) +* [CVE-2023-2671](CVE-2023/CVE-2023-26xx/CVE-2023-2671.json) (`2023-05-12T09:15:10.447`) +* [CVE-2023-2672](CVE-2023/CVE-2023-26xx/CVE-2023-2672.json) (`2023-05-12T09:15:10.520`) +* [CVE-2023-2674](CVE-2023/CVE-2023-26xx/CVE-2023-2674.json) (`2023-05-12T08:15:09.200`) +* [CVE-2023-2676](CVE-2023/CVE-2023-26xx/CVE-2023-2676.json) (`2023-05-12T09:15:10.610`) +* [CVE-2023-28936](CVE-2023/CVE-2023-289xx/CVE-2023-28936.json) (`2023-05-12T08:15:08.857`) +* [CVE-2023-29032](CVE-2023/CVE-2023-290xx/CVE-2023-29032.json) (`2023-05-12T08:15:08.930`) +* [CVE-2023-29246](CVE-2023/CVE-2023-292xx/CVE-2023-29246.json) (`2023-05-12T08:15:08.997`) +* [CVE-2023-32243](CVE-2023/CVE-2023-322xx/CVE-2023-32243.json) (`2023-05-12T08:15:09.280`) ### CVEs modified in the last Commit -Recently modified CVEs: `4` +Recently modified CVEs: `21` -* [CVE-2023-2573](CVE-2023/CVE-2023-25xx/CVE-2023-2573.json) (`2023-05-12T06:15:08.807`) -* [CVE-2023-2574](CVE-2023/CVE-2023-25xx/CVE-2023-2574.json) (`2023-05-12T06:15:09.497`) -* [CVE-2023-2575](CVE-2023/CVE-2023-25xx/CVE-2023-2575.json) (`2023-05-12T06:15:09.793`) -* [CVE-2023-2616](CVE-2023/CVE-2023-26xx/CVE-2023-2616.json) (`2023-05-12T06:38:11.657`) +* [CVE-2022-41640](CVE-2022/CVE-2022-416xx/CVE-2022-41640.json) (`2023-05-12T09:28:35.857`) +* [CVE-2022-42853](CVE-2022/CVE-2022-428xx/CVE-2022-42853.json) (`2023-05-12T09:15:09.530`) +* [CVE-2022-42865](CVE-2022/CVE-2022-428xx/CVE-2022-42865.json) (`2023-05-12T09:15:09.997`) +* [CVE-2022-46703](CVE-2022/CVE-2022-467xx/CVE-2022-46703.json) (`2023-05-12T09:15:10.070`) +* [CVE-2022-46822](CVE-2022/CVE-2022-468xx/CVE-2022-46822.json) (`2023-05-12T09:26:02.197`) +* [CVE-2023-23664](CVE-2023/CVE-2023-236xx/CVE-2023-23664.json) (`2023-05-12T09:28:26.533`) +* [CVE-2023-23732](CVE-2023/CVE-2023-237xx/CVE-2023-23732.json) (`2023-05-12T09:27:34.467`) +* [CVE-2023-23733](CVE-2023/CVE-2023-237xx/CVE-2023-23733.json) (`2023-05-12T09:27:24.587`) +* [CVE-2023-23734](CVE-2023/CVE-2023-237xx/CVE-2023-23734.json) (`2023-05-12T09:26:58.983`) +* [CVE-2023-23793](CVE-2023/CVE-2023-237xx/CVE-2023-23793.json) (`2023-05-12T09:28:18.280`) +* [CVE-2023-23862](CVE-2023/CVE-2023-238xx/CVE-2023-23862.json) (`2023-05-12T09:26:48.997`) +* [CVE-2023-23863](CVE-2023/CVE-2023-238xx/CVE-2023-23863.json) (`2023-05-12T09:28:43.237`) +* [CVE-2023-23883](CVE-2023/CVE-2023-238xx/CVE-2023-23883.json) (`2023-05-12T09:26:39.947`) +* [CVE-2023-23884](CVE-2023/CVE-2023-238xx/CVE-2023-23884.json) (`2023-05-12T09:26:27.187`) +* [CVE-2023-24372](CVE-2023/CVE-2023-243xx/CVE-2023-24372.json) (`2023-05-12T09:26:18.180`) +* [CVE-2023-2590](CVE-2023/CVE-2023-25xx/CVE-2023-2590.json) (`2023-05-12T09:29:25.983`) +* [CVE-2023-2591](CVE-2023/CVE-2023-25xx/CVE-2023-2591.json) (`2023-05-12T09:28:07.090`) +* [CVE-2023-2610](CVE-2023/CVE-2023-26xx/CVE-2023-2610.json) (`2023-05-12T09:24:13.633`) +* [CVE-2023-2619](CVE-2023/CVE-2023-26xx/CVE-2023-2619.json) (`2023-05-12T09:23:38.700`) +* [CVE-2023-27931](CVE-2023/CVE-2023-279xx/CVE-2023-27931.json) (`2023-05-12T09:15:10.157`) +* [CVE-2023-31807](CVE-2023/CVE-2023-318xx/CVE-2023-31807.json) (`2023-05-12T09:25:00.920`) ## Download and Usage