admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-23T23:00:24.827181+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-23 23:00:28 +00:00
parent 009529a202
commit 4dadd299e7
52 changed files with 1589 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
CVE-2021/CVE-2021-244xx/CVE-2021-24433.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2021-24433",
"sourceIdentifier": "contact@wpscan.com",
"published": "2024-01-16T16:15:08.897",
"lastModified": "2024-01-16T23:12:38.473",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:03:48.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The simple sort&search WordPress plugin through 0.0.3 does not make sure that the indexurl parameter of the shortcodes \"category_sims\", \"order_sims\", \"orderby_sims\", \"period_sims\", and \"tag_sims\" use allowed URL protocols, which can lead to stored cross-site scripting by users with a role as low as Contributor"
},
{
"lang": "es",
"value": "El complemento de WordPress simple sort&search hasta la versi\u00f3n 0.0.3 no garantiza que el par\u00e1metro indexurl de los c\u00f3digos cortos \"category_sims\", \"order_sims\", \"orderby_sims\", \"period_sims\" y \"tag_sims\" utilicen protocolos de URL permitidos, lo que puede conducir a cross site scripting almacenado por parte de usuarios con un rol tan bajo como Colaborador"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yukimichi:simple_sort\\&search:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.0.3",
"matchCriteriaId": "A7F81F95-4DD9-4906-8A56-5DE6C564BDE8"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://wpscan.com/vulnerability/2ce8c786-ba82-427c-b5e7-e3b300a24c5f/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

24
CVE-2021/CVE-2021-421xx/CVE-2021-42142.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-42142",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T22:15:16.270",
"lastModified": "2024-01-23T22:15:16.270",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/contiki-ng/tinydtls/issues/24",
"source": "cve@mitre.org"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/15",
"source": "cve@mitre.org"
}
]
}

51
CVE-2022/CVE-2022-416xx/CVE-2022-41619.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-41619",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-17T17:15:09.333",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:42:44.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in SedLex Image Zoom.This issue affects Image Zoom: from n/a through 1.8.8.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de falta de autorizaci\u00f3n en SedLex Image Zoom. Este problema afecta a Image Zoom: desde n/a hasta 1.8.8."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sedlex:image_zoom:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.8.8",
"matchCriteriaId": "AB5B8592-43D7-4440-8F8C-85A1178F0A58"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/image-zoom/wordpress-image-zoom-plugin-1-8-8-multiple-broken-access-control-vulnerabilities?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-416xx/CVE-2022-41695.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-41695",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-01-17T17:15:09.550",
"lastModified": "2024-01-17T17:35:02.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:43:14.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization vulnerability in SedLex Traffic Manager.This issue affects Traffic Manager: from n/a through 1.4.5.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de autorizaci\u00f3n faltante en SedLex Traffic Manager. Este problema afecta a Traffic Manager: desde n/a hasta 1.4.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sedlex:traffic_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.5",
"matchCriteriaId": "58F05724-987B-4F2C-8B42-4D9DE7CD0384"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/traffic-manager/wordpress-traffic-manager-plugin-1-4-5-multiple-vulnerabilities?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-316xx/CVE-2023-31654.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31654",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T22:15:16.340",
"lastModified": "2024-01-23T22:15:16.340",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/RedisLabs/redisraft/issues/600",
"source": "cve@mitre.org"
},
{
"url": "https://seclists.org/fulldisclosure/2024/Jan/13",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-361xx/CVE-2023-36177.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-36177",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T22:15:16.390",
"lastModified": "2024-01-23T22:15:16.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API."
}
],
"metrics": {},
"references": [
{
"url": "http://snapcast.com",
"source": "cve@mitre.org"
},
{
"url": "https://oxnan.com/posts/Snapcast_jsonrpc_rce",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-386xx/CVE-2023-38624.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-38624",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.143",
"lastModified": "2024-01-23T21:15:08.143",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is a similar, but not identical vulnerability as CVE-2023-38625 through CVE-2023-38627."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-998/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-386xx/CVE-2023-38625.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-38625",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.210",
"lastModified": "2024-01-23T21:15:08.210",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is a similar, but not identical vulnerability as CVE-2023-38624."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-999/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-386xx/CVE-2023-38626.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-38626",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.253",
"lastModified": "2024-01-23T21:15:08.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is a similar, but not identical vulnerability as CVE-2023-38625."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1000/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-386xx/CVE-2023-38627.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-38627",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.297",
"lastModified": "2024-01-23T21:15:08.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is a similar, but not identical vulnerability as CVE-2023-38626."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1001/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-411xx/CVE-2023-41176.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-41176",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.343",
"lastModified": "2024-01-23T21:15:08.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker.\r\n\r\nPlease note, this vulnerability is similar to, but not identical to, CVE-2023-41177."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294695?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-078/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-411xx/CVE-2023-41177.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-41177",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.387",
"lastModified": "2024-01-23T21:15:08.387",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker.\r\n\r\nPlease note, this vulnerability is similar to, but not identical to, CVE-2023-41178."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294695?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-079/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-411xx/CVE-2023-41178.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-41178",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.430",
"lastModified": "2024-01-23T21:15:08.430",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker.\r\n\r\nPlease note, this vulnerability is similar to, but not identical to, CVE-2023-41176."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000294695?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-080/",
"source": "security@trendmicro.com"
}
]
}

20
CVE-2023/CVE-2023-468xx/CVE-2023-46892.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-46892",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T21:15:08.473",
"lastModified": "2024-01-23T21:15:08.473",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature)."
}
],
"metrics": {},
"references": [
{
"url": "https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219",
"source": "cve@mitre.org"
}
]
}

74
CVE-2023/CVE-2023-469xx/CVE-2023-46952.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46952",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T03:15:07.997",
"lastModified": "2024-01-17T14:01:41.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:44:21.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,81 @@
"value": "La vulnerabilidad de cross site scripting en ABO.CMS v.5.9.3 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el encabezado Referer."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:abocms:abo.cms:5.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "68CBBD26-B5CE-4911-A44E-1025CC510418"
}
]
}
]
}
],
"references": [
{
"url": "http://abo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "http://abocms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/SadFox/ABO.CMS-Blind-XSS",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47192.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47192",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.520",
"lastModified": "2024-01-23T21:15:08.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1611/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47193.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47193",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.563",
"lastModified": "2024-01-23T21:15:08.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47194."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1612/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47194.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47194",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.607",
"lastModified": "2024-01-23T21:15:08.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47195."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1614/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47195.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47195",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.647",
"lastModified": "2024-01-23T21:15:08.647",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47196."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1615/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47196.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47196",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.690",
"lastModified": "2024-01-23T21:15:08.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47197."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1617/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47197.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47197",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.730",
"lastModified": "2024-01-23T21:15:08.730",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47198."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1616/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47198.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47198",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.773",
"lastModified": "2024-01-23T21:15:08.773",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47199."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1619/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-471xx/CVE-2023-47199.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47199",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.820",
"lastModified": "2024-01-23T21:15:08.820",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47193."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1620/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-472xx/CVE-2023-47200.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47200",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.863",
"lastModified": "2024-01-23T21:15:08.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47201."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1618/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-472xx/CVE-2023-47201.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47201",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.910",
"lastModified": "2024-01-23T21:15:08.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis vulnerability is similar to, but not identical to, CVE-2023-47200."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1613/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-472xx/CVE-2023-47202.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-47202",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:08.957",
"lastModified": "2024-01-23T21:15:08.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1621/",
"source": "security@trendmicro.com"
}
]
}

6
CVE-2023/CVE-2023-496xx/CVE-2023-49657.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-49657",
"sourceIdentifier": "security@apache.org",
"published": "2024-01-23T15:15:11.667",
"lastModified": "2024-01-23T15:47:28.250",
"lastModified": "2024-01-23T21:15:09.000",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2024/01/23/5",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx",
"source": "security@apache.org"

20
CVE-2023/CVE-2023-511xx/CVE-2023-51199.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-51199",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T22:15:16.437",
"lastModified": "2024-01-23T22:15:16.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code or cause a denial of service via improper handling of arrays or strings."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/16yashpatel/CVE-2023-51199",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-512xx/CVE-2023-51200.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-51200",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T21:15:09.080",
"lastModified": "2024-01-23T21:15:09.080",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows unauthenticated attackers to authenticate using default credentials."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/16yashpatel/CVE-2023-51200",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-512xx/CVE-2023-51201.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-51201",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T22:15:16.480",
"lastModified": "2024-01-23T22:15:16.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to access sensitive information via a man-in-the-middle attack."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/16yashpatel/CVE-2023-51201",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-512xx/CVE-2023-51208.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-51208",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-23T22:15:16.533",
"lastModified": "2024-01-23T22:15:16.533",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An Arbitrary File Upload vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code and cause other impacts via upload of crafted file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/16yashpatel/CVE-2023-51208",
"source": "cve@mitre.org"
}
]
}

68
CVE-2023/CVE-2023-520xx/CVE-2023-52069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-52069",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-17T03:15:08.043",
"lastModified": "2024-01-17T14:01:41.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:41:02.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,73 @@
"value": "Se descubri\u00f3 que kodbox v1.49.04 conten\u00eda una vulnerabilidad de cross site scripting (XSS) a trav\u00e9s del par\u00e1metro URL."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kodcloud:kodbox:1.49.04:*:*:*:*:*:*:*",
"matchCriteriaId": "1937E5C0-6E32-47AC-B9A1-879E61295537"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.mo60.cn/index.php/archives/Kodbox_Stored_Xss_2.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
]
},
{
"url": "https://blog.mo60.cn/index.php/archives/Kodbox_Stored_Xss_2.html_Password_Xss_2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

24
CVE-2023/CVE-2023-520xx/CVE-2023-52090.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52090",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.123",
"lastModified": "2024-01-23T21:15:09.123",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-026/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-520xx/CVE-2023-52091.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52091",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.170",
"lastModified": "2024-01-23T21:15:09.170",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-027/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-520xx/CVE-2023-52092.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52092",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.210",
"lastModified": "2024-01-23T21:15:09.210",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-025/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-520xx/CVE-2023-52093.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52093",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.253",
"lastModified": "2024-01-23T21:15:09.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-029/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-520xx/CVE-2023-52094.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52094",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.293",
"lastModified": "2024-01-23T21:15:09.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-028/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52324.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52324",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.337",
"lastModified": "2024-01-23T21:15:09.337",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations.\r\n\r\nPlease note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-077/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52325.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52325",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.383",
"lastModified": "2024-01-23T21:15:09.383",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations.\r\n\r\nPlease note: this vulnerability must be used in conjunction with another one to exploit an affected system. In addition, an attacker must first obtain a valid set of credentials on target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-024/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52326.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52326",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.427",
"lastModified": "2024-01-23T21:15:09.427",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nPlease note this vulnerability is similar, but not identical to CVE-2023-52327."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-023/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52327.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52327",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.467",
"lastModified": "2024-01-23T21:15:09.467",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nPlease note this vulnerability is similar, but not identical to CVE-2023-52328."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-022/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52328.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52328",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.507",
"lastModified": "2024-01-23T21:15:09.507",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nPlease note this vulnerability is similar, but not identical to CVE-2023-52329."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-021/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52329.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52329",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.550",
"lastModified": "2024-01-23T21:15:09.550",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nPlease note this vulnerability is similar, but not identical to CVE-2023-52326."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-074/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52330.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52330",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.593",
"lastModified": "2024-01-23T21:15:09.593",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central.\r\n\r\nPlease note: user interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-051/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52331.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52331",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.633",
"lastModified": "2024-01-23T21:15:09.633",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-052/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52337.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52337",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.677",
"lastModified": "2024-01-23T21:15:09.677",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-075/",
"source": "security@trendmicro.com"
}
]
}

24
CVE-2023/CVE-2023-523xx/CVE-2023-52338.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-52338",
"sourceIdentifier": "security@trendmicro.com",
"published": "2024-01-23T21:15:09.717",
"lastModified": "2024-01-23T21:15:09.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US",
"source": "security@trendmicro.com"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-076/",
"source": "security@trendmicro.com"
}
]
}

92
CVE-2023/CVE-2023-61xx/CVE-2023-6129.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6129",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2024-01-09T17:15:12.147",
"lastModified": "2024-01-15T12:15:43.400",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:32:01.973",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,101 @@
"value": "Resumen del problema: la implementaci\u00f3n POLY1305 MAC (c\u00f3digo de autenticaci\u00f3n de mensajes) contiene un error que podr\u00eda da\u00f1ar el estado interno de las aplicaciones que se ejecutan en plataformas basadas en CPU PowerPC si la CPU proporciona instrucciones vectoriales. Resumen del impacto: si un atacante puede influir en el uso del algoritmo MAC POLY1305, el estado de la aplicaci\u00f3n podr\u00eda corromperse con varias consecuencias dependientes de la aplicaci\u00f3n. La implementaci\u00f3n POLY1305 MAC (c\u00f3digo de autenticaci\u00f3n de mensajes) en OpenSSL para CPU PowerPC restaura el contenido de los registros vectoriales en un orden diferente al que se guardan. Por lo tanto, el contenido de algunos de estos registros vectoriales se corrompe cuando regresa al llamante. El c\u00f3digo vulnerable se utiliza s\u00f3lo en procesadores PowerPC m\u00e1s nuevos que admiten las instrucciones PowerISA 2.07. Las consecuencias de este tipo de corrupci\u00f3n del estado de la aplicaci\u00f3n interna pueden ser diversas: desde ninguna consecuencia, si la aplicaci\u00f3n que llama no depende en absoluto del contenido de los registros XMM no vol\u00e1tiles, hasta las peores consecuencias, donde el atacante podr\u00eda obtener el control total de el proceso de solicitud. Sin embargo, a menos que el compilador utilice registros vectoriales para almacenar punteros, la consecuencia m\u00e1s probable, si la hubiera, ser\u00eda un resultado incorrecto de algunos c\u00e1lculos dependientes de la aplicaci\u00f3n o una falla que provocar\u00eda una denegaci\u00f3n de servicio. El algoritmo POLY1305 MAC se utiliza con mayor frecuencia como parte del algoritmo CHACHA20-POLY1305 AEAD (cifrado autenticado con datos asociados). El uso m\u00e1s com\u00fan de este cifrado AEAD es con las versiones 1.2 y 1.3 del protocolo TLS. Si este cifrado est\u00e1 habilitado en el servidor, un cliente malicioso puede influir en si se utiliza este cifrado AEAD. Esto implica que las aplicaciones del servidor TLS que utilizan OpenSSL pueden verse potencialmente afectadas. Sin embargo, actualmente no conocemos ninguna aplicaci\u00f3n concreta que pueda verse afectada por este problema, por lo que lo consideramos un problema de seguridad de gravedad baja."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndIncluding": "3.0.12",
"matchCriteriaId": "E74FD809-31DE-4F31-82D6-6D71DF453A03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndIncluding": "3.1.4",
"matchCriteriaId": "28DDD110-1559-46F9-A62B-1B4648F83933"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openssl:openssl:3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "92B2CAA8-D3C8-4789-8B6A-D6FC6C294842"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Patch"
]
},
{
"url": "https://www.openssl.org/news/secadv/20240109.txt",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-72xx/CVE-2023-7237.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-7237",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-23T22:15:16.587",
"lastModified": "2024-01-23T22:15:16.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nLantronix XPort sends weakly encoded credentials within web request headers.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-261"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-05",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.lantronix.com/products/xport-edge/",
"source": "ics-cert@hq.dhs.gov"
}
]
}

56
CVE-2024/CVE-2024-05xx/CVE-2024-0558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0558",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-15T17:15:10.023",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:32:49.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dedebiz:dedebiz:6.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9DFDC21D-6CC8-4EA7-A41D-E9D7F1B667DA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/JTZ-a/SRC/blob/master/DedeBIZ/DedeBIZ%20-%20sqli%201/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250726",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250726",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

99
CVE-2024/CVE-2024-05xx/CVE-2024-0562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-0562",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-15T19:15:08.120",
"lastModified": "2024-01-16T13:56:05.467",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-23T21:00:27.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -50,18 +80,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0",
"matchCriteriaId": "87B81C9D-7173-4FFB-97BC-9C41AB20A53C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "E8BD11A3-8643-49B6-BADE-5029A0117325"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "5F0AD220-F6A9-4012-8636-155F1B841FAD"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2024-0562",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258475",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://patchwork.kernel.org/project/linux-mm/patch/20220801155034.3772543-1-khazhy@google.com/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

76
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-23T21:00:24.899047+00:00
2024-01-23T23:00:24.827181+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-23T20:59:09.030000+00:00
2024-01-23T22:15:16.587000+00:00
```
### Last Data Feed Release
@ -29,51 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236634
236676
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `42`
* [CVE-2023-51210](CVE-2023/CVE-2023-512xx/CVE-2023-51210.json) (`2024-01-23T19:15:08.230`)
* [CVE-2023-42143](CVE-2023/CVE-2023-421xx/CVE-2023-42143.json) (`2024-01-23T20:15:45.097`)
* [CVE-2023-42144](CVE-2023/CVE-2023-421xx/CVE-2023-42144.json) (`2024-01-23T20:15:45.150`)
* [CVE-2023-46889](CVE-2023/CVE-2023-468xx/CVE-2023-46889.json) (`2024-01-23T20:15:45.190`)
* [CVE-2023-6926](CVE-2023/CVE-2023-69xx/CVE-2023-6926.json) (`2024-01-23T20:15:45.233`)
* [CVE-2023-7238](CVE-2023/CVE-2023-72xx/CVE-2023-7238.json) (`2024-01-23T20:15:45.413`)
* [CVE-2024-22497](CVE-2024/CVE-2024-224xx/CVE-2024-22497.json) (`2024-01-23T19:15:08.480`)
* [CVE-2023-47200](CVE-2023/CVE-2023-472xx/CVE-2023-47200.json) (`2024-01-23T21:15:08.863`)
* [CVE-2023-47201](CVE-2023/CVE-2023-472xx/CVE-2023-47201.json) (`2024-01-23T21:15:08.910`)
* [CVE-2023-47202](CVE-2023/CVE-2023-472xx/CVE-2023-47202.json) (`2024-01-23T21:15:08.957`)
* [CVE-2023-51200](CVE-2023/CVE-2023-512xx/CVE-2023-51200.json) (`2024-01-23T21:15:09.080`)
* [CVE-2023-52090](CVE-2023/CVE-2023-520xx/CVE-2023-52090.json) (`2024-01-23T21:15:09.123`)
* [CVE-2023-52091](CVE-2023/CVE-2023-520xx/CVE-2023-52091.json) (`2024-01-23T21:15:09.170`)
* [CVE-2023-52092](CVE-2023/CVE-2023-520xx/CVE-2023-52092.json) (`2024-01-23T21:15:09.210`)
* [CVE-2023-52093](CVE-2023/CVE-2023-520xx/CVE-2023-52093.json) (`2024-01-23T21:15:09.253`)
* [CVE-2023-52094](CVE-2023/CVE-2023-520xx/CVE-2023-52094.json) (`2024-01-23T21:15:09.293`)
* [CVE-2023-52324](CVE-2023/CVE-2023-523xx/CVE-2023-52324.json) (`2024-01-23T21:15:09.337`)
* [CVE-2023-52325](CVE-2023/CVE-2023-523xx/CVE-2023-52325.json) (`2024-01-23T21:15:09.383`)
* [CVE-2023-52326](CVE-2023/CVE-2023-523xx/CVE-2023-52326.json) (`2024-01-23T21:15:09.427`)
* [CVE-2023-52327](CVE-2023/CVE-2023-523xx/CVE-2023-52327.json) (`2024-01-23T21:15:09.467`)
* [CVE-2023-52328](CVE-2023/CVE-2023-523xx/CVE-2023-52328.json) (`2024-01-23T21:15:09.507`)
* [CVE-2023-52329](CVE-2023/CVE-2023-523xx/CVE-2023-52329.json) (`2024-01-23T21:15:09.550`)
* [CVE-2023-52330](CVE-2023/CVE-2023-523xx/CVE-2023-52330.json) (`2024-01-23T21:15:09.593`)
* [CVE-2023-52331](CVE-2023/CVE-2023-523xx/CVE-2023-52331.json) (`2024-01-23T21:15:09.633`)
* [CVE-2023-52337](CVE-2023/CVE-2023-523xx/CVE-2023-52337.json) (`2024-01-23T21:15:09.677`)
* [CVE-2023-52338](CVE-2023/CVE-2023-523xx/CVE-2023-52338.json) (`2024-01-23T21:15:09.717`)
* [CVE-2023-31654](CVE-2023/CVE-2023-316xx/CVE-2023-31654.json) (`2024-01-23T22:15:16.340`)
* [CVE-2023-36177](CVE-2023/CVE-2023-361xx/CVE-2023-36177.json) (`2024-01-23T22:15:16.390`)
* [CVE-2023-51199](CVE-2023/CVE-2023-511xx/CVE-2023-51199.json) (`2024-01-23T22:15:16.437`)
* [CVE-2023-51201](CVE-2023/CVE-2023-512xx/CVE-2023-51201.json) (`2024-01-23T22:15:16.480`)
* [CVE-2023-51208](CVE-2023/CVE-2023-512xx/CVE-2023-51208.json) (`2024-01-23T22:15:16.533`)
* [CVE-2023-7237](CVE-2023/CVE-2023-72xx/CVE-2023-7237.json) (`2024-01-23T22:15:16.587`)
### CVEs modified in the last Commit
Recently modified CVEs: `59`
Recently modified CVEs: `9`
* [CVE-2024-22490](CVE-2024/CVE-2024-224xx/CVE-2024-22490.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-22496](CVE-2024/CVE-2024-224xx/CVE-2024-22496.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-22203](CVE-2024/CVE-2024-222xx/CVE-2024-22203.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-22204](CVE-2024/CVE-2024-222xx/CVE-2024-22204.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-22205](CVE-2024/CVE-2024-222xx/CVE-2024-22205.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-22417](CVE-2024/CVE-2024-224xx/CVE-2024-22417.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-23330](CVE-2024/CVE-2024-233xx/CVE-2024-23330.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-23341](CVE-2024/CVE-2024-233xx/CVE-2024-23341.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-23636](CVE-2024/CVE-2024-236xx/CVE-2024-23636.json) (`2024-01-23T19:40:11.110`)
* [CVE-2024-22207](CVE-2024/CVE-2024-222xx/CVE-2024-22207.json) (`2024-01-23T19:40:46.420`)
* [CVE-2024-20926](CVE-2024/CVE-2024-209xx/CVE-2024-20926.json) (`2024-01-23T19:41:44.100`)
* [CVE-2024-20924](CVE-2024/CVE-2024-209xx/CVE-2024-20924.json) (`2024-01-23T19:41:50.120`)
* [CVE-2024-20918](CVE-2024/CVE-2024-209xx/CVE-2024-20918.json) (`2024-01-23T19:41:57.467`)
* [CVE-2024-20922](CVE-2024/CVE-2024-209xx/CVE-2024-20922.json) (`2024-01-23T19:42:03.873`)
* [CVE-2024-20912](CVE-2024/CVE-2024-209xx/CVE-2024-20912.json) (`2024-01-23T19:42:12.067`)
* [CVE-2024-20910](CVE-2024/CVE-2024-209xx/CVE-2024-20910.json) (`2024-01-23T19:42:19.473`)
* [CVE-2024-20955](CVE-2024/CVE-2024-209xx/CVE-2024-20955.json) (`2024-01-23T19:42:41.163`)
* [CVE-2024-20932](CVE-2024/CVE-2024-209xx/CVE-2024-20932.json) (`2024-01-23T19:42:46.783`)
* [CVE-2024-20952](CVE-2024/CVE-2024-209xx/CVE-2024-20952.json) (`2024-01-23T19:42:52.877`)
* [CVE-2024-0556](CVE-2024/CVE-2024-05xx/CVE-2024-0556.json) (`2024-01-23T19:44:47.387`)
* [CVE-2024-0581](CVE-2024/CVE-2024-05xx/CVE-2024-0581.json) (`2024-01-23T19:51:19.543`)
* [CVE-2024-0200](CVE-2024/CVE-2024-02xx/CVE-2024-0200.json) (`2024-01-23T19:52:46.093`)
* [CVE-2024-0555](CVE-2024/CVE-2024-05xx/CVE-2024-0555.json) (`2024-01-23T19:57:48.237`)
* [CVE-2024-0584](CVE-2024/CVE-2024-05xx/CVE-2024-0584.json) (`2024-01-23T20:18:49.657`)
* [CVE-2024-0565](CVE-2024/CVE-2024-05xx/CVE-2024-0565.json) (`2024-01-23T20:31:54.850`)
* [CVE-2021-24433](CVE-2021/CVE-2021-244xx/CVE-2021-24433.json) (`2024-01-23T21:03:48.487`)
* [CVE-2022-41619](CVE-2022/CVE-2022-416xx/CVE-2022-41619.json) (`2024-01-23T21:42:44.163`)
* [CVE-2022-41695](CVE-2022/CVE-2022-416xx/CVE-2022-41695.json) (`2024-01-23T21:43:14.987`)
* [CVE-2023-49657](CVE-2023/CVE-2023-496xx/CVE-2023-49657.json) (`2024-01-23T21:15:09.000`)
* [CVE-2023-6129](CVE-2023/CVE-2023-61xx/CVE-2023-6129.json) (`2024-01-23T21:32:01.973`)
* [CVE-2023-52069](CVE-2023/CVE-2023-520xx/CVE-2023-52069.json) (`2024-01-23T21:41:02.097`)
* [CVE-2023-46952](CVE-2023/CVE-2023-469xx/CVE-2023-46952.json) (`2024-01-23T21:44:21.433`)
* [CVE-2024-0562](CVE-2024/CVE-2024-05xx/CVE-2024-0562.json) (`2024-01-23T21:00:27.900`)
* [CVE-2024-0558](CVE-2024/CVE-2024-05xx/CVE-2024-0558.json) (`2024-01-23T21:32:49.297`)
## Download and Usage