From 4ef21c8cbd8310e9b0b77e2fa5b6457dec8ee19d Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Thu, 28 Dec 2023 15:00:28 +0000 Subject: [PATCH] Auto-Update: 2023-12-28T15:00:24.769192+00:00 --- CVE-2022/CVE-2022-467xx/CVE-2022-46705.json | 60 ++++- CVE-2023/CVE-2023-05xx/CVE-2023-0562.json | 7 +- CVE-2023/CVE-2023-05xx/CVE-2023-0563.json | 7 +- CVE-2023/CVE-2023-270xx/CVE-2023-27074.json | 9 +- CVE-2023/CVE-2023-291xx/CVE-2023-29102.json | 51 +++- CVE-2023/CVE-2023-293xx/CVE-2023-29384.json | 51 +++- CVE-2023/CVE-2023-312xx/CVE-2023-31215.json | 51 +++- CVE-2023/CVE-2023-332xx/CVE-2023-33222.json | 269 +++++++++++++++++++- CVE-2023/CVE-2023-333xx/CVE-2023-33318.json | 51 +++- CVE-2023/CVE-2023-339xx/CVE-2023-33951.json | 29 ++- CVE-2023/CVE-2023-339xx/CVE-2023-33952.json | 29 ++- CVE-2023/CVE-2023-340xx/CVE-2023-34007.json | 51 +++- CVE-2023/CVE-2023-349xx/CVE-2023-34968.json | 54 +++- CVE-2023/CVE-2023-369xx/CVE-2023-36942.json | 9 +- CVE-2023/CVE-2023-37xx/CVE-2023-3772.json | 29 ++- CVE-2023/CVE-2023-395xx/CVE-2023-39551.json | 20 +- CVE-2023/CVE-2023-41xx/CVE-2023-4132.json | 24 +- CVE-2023/CVE-2023-45xx/CVE-2023-4522.json | 10 +- CVE-2023/CVE-2023-461xx/CVE-2023-46149.json | 51 +++- CVE-2023/CVE-2023-472xx/CVE-2023-47265.json | 65 ++++- CVE-2023/CVE-2023-482xx/CVE-2023-48291.json | 64 ++++- CVE-2023/CVE-2023-499xx/CVE-2023-49920.json | 65 ++++- CVE-2023/CVE-2023-507xx/CVE-2023-50783.json | 64 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7051.json | 58 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7052.json | 58 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7053.json | 58 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7054.json | 70 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7055.json | 68 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7056.json | 58 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7057.json | 59 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7058.json | 57 ++++- CVE-2023/CVE-2023-70xx/CVE-2023-7059.json | 58 ++++- CVE-2023/CVE-2023-71xx/CVE-2023-7126.json | 88 +++++++ README.md | 54 ++-- 34 files changed, 1633 insertions(+), 173 deletions(-) create mode 100644 CVE-2023/CVE-2023-71xx/CVE-2023-7126.json diff --git a/CVE-2022/CVE-2022-467xx/CVE-2022-46705.json b/CVE-2022/CVE-2022-467xx/CVE-2022-46705.json index 0237c9b9199..e7bc55e1eb7 100644 --- a/CVE-2022/CVE-2022-467xx/CVE-2022-46705.json +++ b/CVE-2022/CVE-2022-467xx/CVE-2022-46705.json @@ -2,8 +2,8 @@ "id": "CVE-2022-46705", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:12.820", - "lastModified": "2023-11-15T21:15:07.583", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:48:17.850", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -62,20 +62,46 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.2", + "matchCriteriaId": "C5892A8E-3D71-4ED7-ABFC-973DE74C2AD7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", "versionEndExcluding": "16.2", - "matchCriteriaId": "89495791-675B-413C-A86D-ECBADF4EDC4E" + "matchCriteriaId": "12BFE943-4D00-44E4-9F1E-138547AAC79D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionEndExcluding": "15.7.2", + "matchCriteriaId": "2B03CFDD-AC66-4B07-A8CB-E026FCB8A1AE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", "versionEndExcluding": "16.2", - "matchCriteriaId": "6B1B6657-43F5-4F0E-BE5C-5D828DEE066F" + "matchCriteriaId": "6B7ED32C-BCF6-4BE8-8013-43D46507722E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "versionEndExcluding": "13.1", "matchCriteriaId": "D7457023-5C4E-4935-826D-A411B0324092" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.2", + "matchCriteriaId": "400AD564-BDEC-4C81-B650-56357BEBF0C7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.2", + "matchCriteriaId": "7A9F3F63-6BF8-4DD5-97FD-D9C90A62ECB0" } ] } @@ -85,7 +111,11 @@ "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/11/15/1", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://support.apple.com/en-us/HT213530", @@ -113,19 +143,31 @@ }, { "url": "https://support.apple.com/kb/HT213531", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213535", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213536", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213676", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0562.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0562.json index 2cc4753ce2d..2ad3953616e 100644 --- a/CVE-2023/CVE-2023-05xx/CVE-2023-0562.json +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0562.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0562", "sourceIdentifier": "cna@vuldb.com", "published": "2023-01-28T23:15:08.810", - "lastModified": "2023-11-14T22:28:17.220", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:42:15.407", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -121,8 +121,7 @@ "url": "https://vuldb.com/?ctiid.219716", "source": "cna@vuldb.com", "tags": [ - "Permissions Required", - "Third Party Advisory" + "Permissions Required" ] }, { diff --git a/CVE-2023/CVE-2023-05xx/CVE-2023-0563.json b/CVE-2023/CVE-2023-05xx/CVE-2023-0563.json index a72cdb68f8a..957cf922c6a 100644 --- a/CVE-2023/CVE-2023-05xx/CVE-2023-0563.json +++ b/CVE-2023/CVE-2023-05xx/CVE-2023-0563.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0563", "sourceIdentifier": "cna@vuldb.com", "published": "2023-01-28T23:15:08.897", - "lastModified": "2023-11-14T22:28:17.220", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:43:54.757", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -121,8 +121,7 @@ "url": "https://vuldb.com/?ctiid.219717", "source": "cna@vuldb.com", "tags": [ - "Permissions Required", - "Third Party Advisory" + "Permissions Required" ] }, { diff --git a/CVE-2023/CVE-2023-270xx/CVE-2023-27074.json b/CVE-2023/CVE-2023-270xx/CVE-2023-27074.json index 2c65bbd1100..1914f7a0100 100644 --- a/CVE-2023/CVE-2023-270xx/CVE-2023-27074.json +++ b/CVE-2023/CVE-2023-270xx/CVE-2023-27074.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27074", "sourceIdentifier": "cve@mitre.org", "published": "2023-03-14T15:15:12.377", - "lastModified": "2023-11-14T21:58:08.407", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:48:38.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -66,7 +66,10 @@ "references": [ { "url": "https://github.com/bhaveshkush007/CVEs/blob/main/CVE-2023-27074.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://phpgurukul.com/bp-monitoring-management-system-using-php-and-mysql/", diff --git a/CVE-2023/CVE-2023-291xx/CVE-2023-29102.json b/CVE-2023/CVE-2023-291xx/CVE-2023-29102.json index 7a64d2e63f7..d350c57997a 100644 --- a/CVE-2023/CVE-2023-291xx/CVE-2023-29102.json +++ b/CVE-2023/CVE-2023-291xx/CVE-2023-29102.json @@ -2,16 +2,40 @@ "id": "CVE-2023-29102", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T19:15:08.560", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:44:22.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.\n\n" + }, + { + "lang": "es", + "value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Olive Themes Olive One Click Demo Import. Este problema afecta a Olive One Click Demo Import: desde n/a hasta 1.1.1." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:olivethemes:olive_one_click_demo_import:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1.1", + "matchCriteriaId": "9E59364C-B06F-408F-B78C-D266922DF4F6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/olive-one-click-demo-import/wordpress-olive-one-click-demo-import-plugin-1-0-9-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29384.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29384.json index fdb12c7ca15..5a9fa9f57fb 100644 --- a/CVE-2023/CVE-2023-293xx/CVE-2023-29384.json +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29384.json @@ -2,16 +2,40 @@ "id": "CVE-2023-29384", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T19:15:08.740", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:34:45.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in HM Plugin WordPress Job Board and Recruitment Plugin \u2013 JobWP.This issue affects WordPress Job Board and Recruitment Plugin \u2013 JobWP: from n/a through 2.0.\n\n" + }, + { + "lang": "es", + "value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en HM Plugin WordPress Job Board and Recruitment Plugin \u2013 JobWP. Este problema afecta a WordPress Job Board y Recruitment Plugin \u2013 JobWP: desde n/a hasta 2.0." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hmplugin:jobwp:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.0", + "matchCriteriaId": "86891660-B08C-4FAE-9FD4-99F5440D969E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/jobwp/wordpress-job-board-and-recruitment-plugin-jobwp-plugin-2-0-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31215.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31215.json index 0439bd6bcc4..29cb271095a 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31215.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31215.json @@ -2,16 +2,40 @@ "id": "CVE-2023-31215", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T19:15:08.930", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:32:56.443", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in AmaderCode Lab Dropshipping & Affiliation with Amazon.This issue affects Dropshipping & Affiliation with Amazon: from n/a through 2.1.2.\n\n" + }, + { + "lang": "es", + "value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en AmaderCode Lab Dropshipping & Affiliation with Amazon. Este problema afecta a Dropshipping & Affiliation with Amazon: desde n/a hasta 2.1.2." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:amadercode:dropshipping_\\&_affiliation_with_amazon:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.1.2", + "matchCriteriaId": "D95065AF-EF1B-4CB5-9DF1-095037381F1F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-amazon-shop/wordpress-dropshipping-affiliation-with-amazon-plugin-2-1-2-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33222.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33222.json index 0099a4c8541..042d2ccfc13 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33222.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33222.json @@ -2,16 +2,40 @@ "id": "CVE-2023-33222", "sourceIdentifier": "a87f365f-9d39-4848-9b3a-58c7cae69cab", "published": "2023-12-15T12:15:44.130", - "lastModified": "2023-12-15T13:41:51.403", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:58:34.140", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\n\n\n\n\n\n\n\n\nWhen handling contactless cards, usage of a specific function to get additional information from the card which doesn't \ncheck the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a \npotential Remote Code Execution on the targeted device\n\n\n\n\n\n\n\n" + }, + { + "lang": "es", + "value": "Al manejar tarjetas sin contacto, se utiliza una funci\u00f3n espec\u00edfica para obtener informaci\u00f3n adicional de la tarjeta que no verifica el l\u00edmite de los datos recibidos durante la lectura. Esto permite un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria que podr\u00eda provocar una posible ejecuci\u00f3n remota de c\u00f3digo en el dispositivo de destino." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "a87f365f-9d39-4848-9b3a-58c7cae69cab", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "a87f365f-9d39-4848-9b3a-58c7cae69cab", "type": "Secondary", @@ -46,10 +80,239 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:sigma_lite_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.15.5", + "matchCriteriaId": "983A7DAD-1995-4A8A-8714-D47D4E90ABF2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:sigma_lite:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E2F8847F-E51A-4A64-A2D4-FCDD193E7AFA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:sigma_lite\\+_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.15.5", + "matchCriteriaId": "A2582E12-D19F-4660-A98C-6941C8C9081D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:sigma_lite\\+:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2BB49653-25EA-4F69-A1B7-0ACA58F85FF1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:sigma_extreme_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.15.5", + "matchCriteriaId": "865DE0C9-5384-45BD-AF81-5C416FCB962A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:sigma_extreme:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4FB05B6D-7D4C-4148-A05A-751B272B0E25" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:sigma_wide_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.15.5", + "matchCriteriaId": "8E2D74C2-6C83-4111-B410-E81C7414309B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:sigma_wide:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BE86F813-6021-4FEB-86A9-B7013EEB4416" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:morphowave_compact_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.12.2", + "matchCriteriaId": "8BDA2ED3-4875-45EB-8489-8C6B8F44EF2A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:morphowave_compact:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B36E662E-C713-47E5-B07E-F0D9F1C63E9D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:morphowave_xp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.12.2", + "matchCriteriaId": "AEAD097B-E5A8-492F-9ABB-75D5D15A8F9F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:morphowave_xp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2FA7252B-5871-4A13-B41D-752A5EA276F1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:visionpass_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.12.2", + "matchCriteriaId": "1ED8DCF7-F85C-4513-BF69-5FE2D7185A96" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:visionpass:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CDABE653-294E-478C-B458-F9A1206A0E7E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:idemia:morphowave_sp_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.2.7", + "matchCriteriaId": "BF554F0F-8E5D-40A2-A676-8984AB685CEE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:idemia:morphowave_sp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AFD369B0-119B-497B-9353-AB5E5E267FF9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.idemia.com/wp-content/uploads/2023/11/Security-Advisory-SA-2023-05-2.pdf", - "source": "a87f365f-9d39-4848-9b3a-58c7cae69cab" + "source": "a87f365f-9d39-4848-9b3a-58c7cae69cab", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-333xx/CVE-2023-33318.json b/CVE-2023/CVE-2023-333xx/CVE-2023-33318.json index f8f22237fe7..482e5d4e0cb 100644 --- a/CVE-2023/CVE-2023-333xx/CVE-2023-33318.json +++ b/CVE-2023/CVE-2023-333xx/CVE-2023-33318.json @@ -2,16 +2,40 @@ "id": "CVE-2023-33318", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T19:15:09.337", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:32:14.973", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in WooCommerce AutomateWoo.This issue affects AutomateWoo: from n/a through 4.9.40.\n\n" + }, + { + "lang": "es", + "value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en WooCommerce AutomateWoo. Este problema afecta a AutomateWoo: desde n/a hasta 4.9.40." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:woocommerce:automatewoo:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.9.40", + "matchCriteriaId": "05155BDD-70A6-4927-A937-4D9BBC42961B" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-follow-up-emails/wordpress-woocommerce-follow-up-emails-plugin-4-9-40-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33951.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33951.json index e8134c33e9e..9eb1bfa2fc6 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33951.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33951.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33951", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-24T16:15:11.820", - "lastModified": "2023-11-14T21:15:09.050", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:39:09.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -112,6 +112,16 @@ "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2" } ] } @@ -121,15 +131,24 @@ "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:6583", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:6901", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7077", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-33951", diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33952.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33952.json index 99973c37e10..1293dbeeecf 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33952.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33952.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33952", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-24T16:15:11.893", - "lastModified": "2023-11-14T21:15:09.150", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:39:16.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -108,6 +108,16 @@ "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2" } ] } @@ -117,15 +127,24 @@ "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:6583", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:6901", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7077", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-33952", diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34007.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34007.json index dbf42e77799..6cae1ba9951 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34007.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34007.json @@ -2,16 +2,40 @@ "id": "CVE-2023-34007", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T19:15:09.523", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:31:11.177", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.8.3.\n\n" + }, + { + "lang": "es", + "value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en WPChill Download Monitor. Este problema afecta a Download Monitor: desde n/a hasta 4.8.3." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpchill:download_monitor:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.8.3", + "matchCriteriaId": "853950B1-BEEB-43E6-BF5B-9189816A4CB4" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-8-3-arbitrary-file-upload-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json b/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json index 5e306afa96a..1e1a137a0ad 100644 --- a/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json +++ b/CVE-2023/CVE-2023-349xx/CVE-2023-34968.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34968", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-20T15:15:11.540", - "lastModified": "2023-11-14T21:15:09.513", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:38:56.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -103,6 +103,11 @@ "operator": "OR", "negate": false, "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, { "vulnerable": true, "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", @@ -136,16 +141,42 @@ ] } ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] } ], "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:6667", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7139", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-34968", @@ -171,15 +202,24 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://security.netapp.com/advisory/ntap-20230731-0010/", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5477", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.samba.org/samba/security/CVE-2023-34968.html", diff --git a/CVE-2023/CVE-2023-369xx/CVE-2023-36942.json b/CVE-2023/CVE-2023-369xx/CVE-2023-36942.json index a7eea6a56ee..b1cc00fdb57 100644 --- a/CVE-2023/CVE-2023-369xx/CVE-2023-36942.json +++ b/CVE-2023/CVE-2023-369xx/CVE-2023-36942.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36942", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-27T20:15:10.027", - "lastModified": "2023-11-14T21:06:31.947", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:36:28.463", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -66,7 +66,10 @@ "references": [ { "url": "https://medium.com/%40ridheshgohil1092/cve-2023-36942-xss-on-online-fire-reporting-system-v-1-2-19357e54978c", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://packetstormsecurity.com", diff --git a/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json b/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json index ef21d94d14c..6945bfd01d6 100644 --- a/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json +++ b/CVE-2023/CVE-2023-37xx/CVE-2023-3772.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3772", "sourceIdentifier": "secalert@redhat.com", "published": "2023-07-25T16:15:11.660", - "lastModified": "2023-11-14T20:15:07.703", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:35:56.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -92,6 +92,16 @@ "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2" } ] } @@ -168,15 +178,24 @@ }, { "url": "https://access.redhat.com/errata/RHSA-2023:6583", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:6901", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7077", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-3772", diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39551.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39551.json index d660eeb0e99..e2e5fecdf2a 100644 --- a/CVE-2023/CVE-2023-395xx/CVE-2023-39551.json +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39551.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39551", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-04T19:15:10.390", - "lastModified": "2023-11-14T22:21:38.423", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:38:04.070", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -74,15 +74,25 @@ }, { "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39551", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "US Government Resource" + ] }, { "url": "https://www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.chtsecurity.com/news/285b9375-ba65-4f61-a02a-a575337dc86c", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json b/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json index 6b60579d813..5e207d0a6f3 100644 --- a/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json +++ b/CVE-2023/CVE-2023-41xx/CVE-2023-4132.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4132", "sourceIdentifier": "secalert@redhat.com", "published": "2023-08-03T15:15:32.833", - "lastModified": "2023-11-14T20:15:09.050", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:36:33.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -103,6 +103,16 @@ "vulnerable": true, "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "5487EF77-D23A-4CC0-851C-E330B4485D8A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "782C86CD-1B68-410A-A096-E5170AD24DA2" } ] } @@ -152,11 +162,17 @@ "references": [ { "url": "https://access.redhat.com/errata/RHSA-2023:6901", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2023:7077", - "source": "secalert@redhat.com" + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/security/cve/CVE-2023-4132", diff --git a/CVE-2023/CVE-2023-45xx/CVE-2023-4522.json b/CVE-2023/CVE-2023-45xx/CVE-2023-4522.json index 3133834430c..a81660337c1 100644 --- a/CVE-2023/CVE-2023-45xx/CVE-2023-4522.json +++ b/CVE-2023/CVE-2023-45xx/CVE-2023-4522.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4522", "sourceIdentifier": "cve@gitlab.com", "published": "2023-08-30T08:15:52.673", - "lastModified": "2023-11-15T12:15:06.860", - "vulnStatus": "Modified", + "lastModified": "2023-12-28T14:50:15.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -86,8 +86,8 @@ { "vulnerable": true, "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*", - "versionStartIncluding": "16.2.0", - "matchCriteriaId": "32A94716-6633-4771-820E-C405D5FC9B45" + "versionEndExcluding": "16.2.0", + "matchCriteriaId": "9083DA3B-05EC-402A-9942-0C83766A1AEB" } ] } @@ -99,7 +99,7 @@ "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/406817", "source": "cve@gitlab.com", "tags": [ - "Broken Link" + "Exploit" ] }, { diff --git a/CVE-2023/CVE-2023-461xx/CVE-2023-46149.json b/CVE-2023/CVE-2023-461xx/CVE-2023-46149.json index 0040f505134..ae06d5c64f2 100644 --- a/CVE-2023/CVE-2023-461xx/CVE-2023-46149.json +++ b/CVE-2023/CVE-2023-461xx/CVE-2023-46149.json @@ -2,16 +2,40 @@ "id": "CVE-2023-46149", "sourceIdentifier": "audit@patchstack.com", "published": "2023-12-20T19:15:10.310", - "lastModified": "2023-12-20T19:52:34.443", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:44:32.593", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Themify Themify Ultra.This issue affects Themify Ultra: from n/a through 7.3.5.\n\n" + }, + { + "lang": "es", + "value": "Carga sin restricciones de archivos con vulnerabilidad de tipo peligroso en Themify Themify Ultra. Este problema afecta a Themify Ultra: desde n/a hasta 7.3.5." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +70,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:themify:ultra:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "7.3.5", + "matchCriteriaId": "58FACD73-47B0-46DE-B1EE-6D8DC7C0949E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/themify-ultra/wordpress-themify-ultra-theme-7-3-3-authenticated-unrestricted-zip-extraction-lead-to-rce-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-472xx/CVE-2023-47265.json b/CVE-2023/CVE-2023-472xx/CVE-2023-47265.json index 57774c71c66..851c7f9c507 100644 --- a/CVE-2023/CVE-2023-472xx/CVE-2023-47265.json +++ b/CVE-2023/CVE-2023-472xx/CVE-2023-47265.json @@ -2,8 +2,8 @@ "id": "CVE-2023-47265", "sourceIdentifier": "security@apache.org", "published": "2023-12-21T10:15:35.713", - "lastModified": "2023-12-21T15:15:09.020", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:00:15.887", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,7 +14,30 @@ "value": "Apache Airflow, desde versiones 2.6.0 a 2.7.3, tiene una vulnerabilidad de XSS almacenado que permite a un autor de DAG agregar un javascript ilimitado y no sanitizado en el campo de descripci\u00f3n de par\u00e1metros del DAG. Este Javascript se puede ejecutar en el lado del cliente de cualquiera de los usuarios que mira las tareas en la sandbox del navegador. Si bien este problema no permite salir de la sandbox del navegador ni manipular los datos del lado del servidor (m\u00e1s de los que el autor del DAG ya tiene, permite modificar lo que el usuario que mira los detalles del DAG ve en el navegador), lo que abre todo tipo de problemas de posibilidades de enga\u00f1ar a otros usuarios. Se recomienda a los usuarios de Apache Airflow actualizar a la versi\u00f3n 2.8.0 o posterior para mitigar el riesgo asociado con esta vulnerabilidad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -27,18 +50,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.6.0", + "versionEndIncluding": "2.7.3", + "matchCriteriaId": "0A643237-EF0F-402D-9188-307B0C74FC37" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/21/2", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://github.com/apache/airflow/pull/35460", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.apache.org/thread/128f3zl375vb1qv93k82zhnwkpl233pr", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-482xx/CVE-2023-48291.json b/CVE-2023/CVE-2023-482xx/CVE-2023-48291.json index 668525d8254..d719ff9a976 100644 --- a/CVE-2023/CVE-2023-482xx/CVE-2023-48291.json +++ b/CVE-2023/CVE-2023-482xx/CVE-2023-48291.json @@ -2,8 +2,8 @@ "id": "CVE-2023-48291", "sourceIdentifier": "security@apache.org", "published": "2023-12-21T10:15:36.043", - "lastModified": "2023-12-21T15:15:09.747", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:52:59.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,7 +14,30 @@ "value": "Apache Airflow, en versiones anteriores a la 2.8.0, contiene una vulnerabilidad de seguridad que permite a un usuario autenticado con acceso limitado a algunos DAG crear una solicitud que podr\u00eda darle al usuario acceso de escritura a varios recursos de DAG para los DAG a los que el usuario no ten\u00eda acceso. para, por lo tanto, permitir al usuario borrar DAG que no deber\u00eda. Esta es una soluci\u00f3n que falta para CVE-2023-42792 en Apache Airflow 2.7.2. Se recomienda encarecidamente a los usuarios de Apache Airflow que actualicen a la versi\u00f3n 2.8.0 o posterior para mitigar el riesgo asociado con esta vulnerabilidad." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -27,18 +50,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.8.0", + "matchCriteriaId": "4677EF1A-E179-48BF-98C7-EACB269B0BDD" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/21/1", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://github.com/apache/airflow/pull/34366", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.apache.org/thread/3nl0h014274yjlt1hd02z0q78ftyz0z3", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49920.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49920.json index 4bed2d5e507..3b66e3cdab7 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49920.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49920.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49920", "sourceIdentifier": "security@apache.org", "published": "2023-12-21T10:15:36.330", - "lastModified": "2023-12-21T15:15:09.817", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:49:22.483", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,7 +14,30 @@ "value": "Apache Airflow, desde versi\u00f3n 2.7.0 a 2.7.3, tiene una vulnerabilidad que permite a un atacante activar un DAG en una solicitud GET sin validaci\u00f3n CSRF. Como resultado, era posible que un sitio web malicioso abierto en el mismo navegador (por el usuario que tambi\u00e9n ten\u00eda abierta la interfaz de usuario de Airflow) desencadenara la ejecuci\u00f3n de DAG sin el consentimiento del usuario. Se recomienda a los usuarios que actualicen a la versi\u00f3n 2.8.0 o posterior, que no se ve afectada." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -27,18 +50,48 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", + "versionStartIncluding": "2.7.0", + "versionEndIncluding": "2.7.3", + "matchCriteriaId": "122817C2-2AA2-4D75-85C1-CDC07B9531A8" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/21/3", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://github.com/apache/airflow/pull/36026", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.apache.org/thread/mnwd2vcfw3gms6ft6kl951vfbqrxsnjq", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-507xx/CVE-2023-50783.json b/CVE-2023/CVE-2023-507xx/CVE-2023-50783.json index 72160ed0015..e0c6f3255d9 100644 --- a/CVE-2023/CVE-2023-507xx/CVE-2023-50783.json +++ b/CVE-2023/CVE-2023-507xx/CVE-2023-50783.json @@ -2,8 +2,8 @@ "id": "CVE-2023-50783", "sourceIdentifier": "security@apache.org", "published": "2023-12-21T10:15:36.607", - "lastModified": "2023-12-21T15:15:10.860", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T13:45:11.130", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,7 +14,30 @@ "value": "Apache Airflow, en versiones anteriores a 2.8.0, se ve afectado por una vulnerabilidad que permite a un usuario autenticado sin el permiso de edici\u00f3n de variables actualizar una variable. Este fallo compromete la integridad de la gesti\u00f3n de variables, lo que podr\u00eda provocar modificaciones de datos no autorizadas. Se recomienda a los usuarios actualizar a 2.8.0, que soluciona este problema" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "security@apache.org", @@ -27,18 +50,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.8.0", + "matchCriteriaId": "4677EF1A-E179-48BF-98C7-EACB269B0BDD" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/12/21/4", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://github.com/apache/airflow/pull/33932", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.apache.org/thread/rs7cr3yp726mb89s1m844hy9pq7frgcn", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7051.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7051.json index 1ca087b4449..72f03934fd0 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7051.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7051.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7051", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-21T22:15:15.773", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:01:04.813", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_delete_notes.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248738", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248738", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7052.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7052.json index 9a2f47ddf4e..21db037ccb6 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7052.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7052.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7052", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T01:15:12.323", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:01:27.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/csrf_profile_notes.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248739", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248739", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7053.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7053.json index d05a32f1304..fa2283a539e 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7053.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7053.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7053", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T02:15:43.213", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:02:30.227", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/note_weakpass.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248740", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248740", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7054.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7054.json index d0274ac38ab..a797adaf820 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7054.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7054.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7054", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T02:15:43.453", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:09:37.753", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -65,8 +85,18 @@ }, "weaknesses": [ { - "source": "cna@vuldb.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, + { + "source": "cna@vuldb.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -75,18 +105,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/notes_malicious_fileupload.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248741", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248741", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7055.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7055.json index 188438b13aa..eb94e308ab7 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7055.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7055.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7055", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T03:15:09.790", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:11:05.570", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -64,6 +84,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-732" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +105,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:phpgurukul:online_notes_sharing_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F13021B-DBB9-4471-BD20-7DAA03BB1981" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/notes_parameter_tampering.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248742", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248742", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7056.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7056.json index 82646b0b256..bbeacc4b28c 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7056.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7056.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7056", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T03:15:10.020", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:14:49.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:carmelogarcia:faculty_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4EA917DA-4616-4066-91A4-AB48022B2D78" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1XDGcSRytGV11YWuhIuW_4GvD7kEpgjZT/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248743", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248743", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7057.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7057.json index 67e15e5b32b..c9107a1e718 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7057.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7057.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7057", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T04:15:09.443", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:14:38.083", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:carmelogarcia:faculty_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4EA917DA-4616-4066-91A4-AB48022B2D78" + } + ] + } + ] + } + ], "references": [ { "url": "https://drive.google.com/file/d/1s2kLMjnUvlrD_XocoDl3-ABrWYTo5Azd/view?usp=sharing", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248744", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248744", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7058.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7058.json index ba81c4b4b89..d552bfec240 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7058.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7058.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7058", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T05:15:13.860", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:15:04.563", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:oretnom23:simple_student_attendance_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "0907D49A-D649-42A3-BE96-A1EB234C6859" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/laoquanshi/Simple-Student-Attendance-System", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248749", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248749", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-70xx/CVE-2023-7059.json b/CVE-2023/CVE-2023-70xx/CVE-2023-7059.json index 4f1b564932f..594a7280873 100644 --- a/CVE-2023/CVE-2023-70xx/CVE-2023-7059.json +++ b/CVE-2023/CVE-2023-70xx/CVE-2023-7059.json @@ -2,8 +2,8 @@ "id": "CVE-2023-7059", "sourceIdentifier": "cna@vuldb.com", "published": "2023-12-22T05:15:14.323", - "lastModified": "2023-12-22T12:18:32.690", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-12-28T14:15:58.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,18 +95,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:remyandrade:school_visitor_log_e-book:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "71208704-0CD7-4C0B-B373-FA62E9AB9AB3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/will121351/wenqin.webray.com.cn/blob/main/CVE-project/school-visitors-log-e-book.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.248750", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.248750", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-71xx/CVE-2023-7126.json b/CVE-2023/CVE-2023-71xx/CVE-2023-7126.json new file mode 100644 index 00000000000..7199d2327aa --- /dev/null +++ b/CVE-2023/CVE-2023-71xx/CVE-2023-7126.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-7126", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-12-28T14:15:44.660", + "lastModified": "2023-12-28T14:15:44.660", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical has been found in code-projects Automated Voting System 1.0. This affects an unknown part of the file /admin/ of the component Admin Login. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-249129 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/h4md153v63n/CVEs/blob/main/Automated_Voting_System/Automated_Voting_System-SQL_Injection-1.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.249129", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.249129", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 1b4984bec6b..b2605c5976a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-12-28T13:00:24.256310+00:00 +2023-12-28T15:00:24.769192+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-12-28T12:15:43.953000+00:00 +2023-12-28T14:58:34.140000+00:00 ``` ### Last Data Feed Release @@ -29,37 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234340 +234341 ``` ### CVEs added in the last Commit -Recently added CVEs: `18` +Recently added CVEs: `1` -* [CVE-2023-27447](CVE-2023/CVE-2023-274xx/CVE-2023-27447.json) (`2023-12-28T11:15:07.973`) -* [CVE-2023-32513](CVE-2023/CVE-2023-325xx/CVE-2023-32513.json) (`2023-12-28T11:15:08.590`) -* [CVE-2023-32795](CVE-2023/CVE-2023-327xx/CVE-2023-32795.json) (`2023-12-28T11:15:08.833`) -* [CVE-2023-36381](CVE-2023/CVE-2023-363xx/CVE-2023-36381.json) (`2023-12-28T11:15:09.067`) -* [CVE-2023-50836](CVE-2023/CVE-2023-508xx/CVE-2023-50836.json) (`2023-12-28T11:15:09.333`) -* [CVE-2023-50856](CVE-2023/CVE-2023-508xx/CVE-2023-50856.json) (`2023-12-28T11:15:09.560`) -* [CVE-2023-50857](CVE-2023/CVE-2023-508xx/CVE-2023-50857.json) (`2023-12-28T11:15:09.900`) -* [CVE-2023-50858](CVE-2023/CVE-2023-508xx/CVE-2023-50858.json) (`2023-12-28T11:15:10.120`) -* [CVE-2023-50859](CVE-2023/CVE-2023-508xx/CVE-2023-50859.json) (`2023-12-28T11:15:10.357`) -* [CVE-2023-50860](CVE-2023/CVE-2023-508xx/CVE-2023-50860.json) (`2023-12-28T11:15:10.573`) -* [CVE-2023-50873](CVE-2023/CVE-2023-508xx/CVE-2023-50873.json) (`2023-12-28T11:15:10.797`) -* [CVE-2023-50848](CVE-2023/CVE-2023-508xx/CVE-2023-50848.json) (`2023-12-28T12:15:42.750`) -* [CVE-2023-50849](CVE-2023/CVE-2023-508xx/CVE-2023-50849.json) (`2023-12-28T12:15:42.997`) -* [CVE-2023-50851](CVE-2023/CVE-2023-508xx/CVE-2023-50851.json) (`2023-12-28T12:15:43.193`) -* [CVE-2023-50852](CVE-2023/CVE-2023-508xx/CVE-2023-50852.json) (`2023-12-28T12:15:43.390`) -* [CVE-2023-50853](CVE-2023/CVE-2023-508xx/CVE-2023-50853.json) (`2023-12-28T12:15:43.577`) -* [CVE-2023-50854](CVE-2023/CVE-2023-508xx/CVE-2023-50854.json) (`2023-12-28T12:15:43.767`) -* [CVE-2023-50855](CVE-2023/CVE-2023-508xx/CVE-2023-50855.json) (`2023-12-28T12:15:43.953`) +* [CVE-2023-7126](CVE-2023/CVE-2023-71xx/CVE-2023-7126.json) (`2023-12-28T14:15:44.660`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `32` +* [CVE-2023-50783](CVE-2023/CVE-2023-507xx/CVE-2023-50783.json) (`2023-12-28T13:45:11.130`) +* [CVE-2023-49920](CVE-2023/CVE-2023-499xx/CVE-2023-49920.json) (`2023-12-28T13:49:22.483`) +* [CVE-2023-48291](CVE-2023/CVE-2023-482xx/CVE-2023-48291.json) (`2023-12-28T13:52:59.233`) +* [CVE-2023-47265](CVE-2023/CVE-2023-472xx/CVE-2023-47265.json) (`2023-12-28T14:00:15.887`) +* [CVE-2023-7051](CVE-2023/CVE-2023-70xx/CVE-2023-7051.json) (`2023-12-28T14:01:04.813`) +* [CVE-2023-7052](CVE-2023/CVE-2023-70xx/CVE-2023-7052.json) (`2023-12-28T14:01:27.227`) +* [CVE-2023-7053](CVE-2023/CVE-2023-70xx/CVE-2023-7053.json) (`2023-12-28T14:02:30.227`) +* [CVE-2023-7054](CVE-2023/CVE-2023-70xx/CVE-2023-7054.json) (`2023-12-28T14:09:37.753`) +* [CVE-2023-7055](CVE-2023/CVE-2023-70xx/CVE-2023-7055.json) (`2023-12-28T14:11:05.570`) +* [CVE-2023-7057](CVE-2023/CVE-2023-70xx/CVE-2023-7057.json) (`2023-12-28T14:14:38.083`) +* [CVE-2023-7056](CVE-2023/CVE-2023-70xx/CVE-2023-7056.json) (`2023-12-28T14:14:49.117`) +* [CVE-2023-7058](CVE-2023/CVE-2023-70xx/CVE-2023-7058.json) (`2023-12-28T14:15:04.563`) +* [CVE-2023-7059](CVE-2023/CVE-2023-70xx/CVE-2023-7059.json) (`2023-12-28T14:15:58.007`) +* [CVE-2023-3772](CVE-2023/CVE-2023-37xx/CVE-2023-3772.json) (`2023-12-28T14:35:56.913`) +* [CVE-2023-36942](CVE-2023/CVE-2023-369xx/CVE-2023-36942.json) (`2023-12-28T14:36:28.463`) +* [CVE-2023-4132](CVE-2023/CVE-2023-41xx/CVE-2023-4132.json) (`2023-12-28T14:36:33.327`) +* [CVE-2023-39551](CVE-2023/CVE-2023-395xx/CVE-2023-39551.json) (`2023-12-28T14:38:04.070`) +* [CVE-2023-34968](CVE-2023/CVE-2023-349xx/CVE-2023-34968.json) (`2023-12-28T14:38:56.397`) +* [CVE-2023-33951](CVE-2023/CVE-2023-339xx/CVE-2023-33951.json) (`2023-12-28T14:39:09.287`) +* [CVE-2023-33952](CVE-2023/CVE-2023-339xx/CVE-2023-33952.json) (`2023-12-28T14:39:16.187`) +* [CVE-2023-0562](CVE-2023/CVE-2023-05xx/CVE-2023-0562.json) (`2023-12-28T14:42:15.407`) +* [CVE-2023-0563](CVE-2023/CVE-2023-05xx/CVE-2023-0563.json) (`2023-12-28T14:43:54.757`) +* [CVE-2023-27074](CVE-2023/CVE-2023-270xx/CVE-2023-27074.json) (`2023-12-28T14:48:38.350`) +* [CVE-2023-4522](CVE-2023/CVE-2023-45xx/CVE-2023-4522.json) (`2023-12-28T14:50:15.647`) +* [CVE-2023-33222](CVE-2023/CVE-2023-332xx/CVE-2023-33222.json) (`2023-12-28T14:58:34.140`) ## Download and Usage