From 5006fe390bb7aaef2bf0500959cc1a10ba1f06e6 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 4 Nov 2023 05:00:23 +0000 Subject: [PATCH] Auto-Update: 2023-11-04T05:00:19.449376+00:00 --- CVE-2022/CVE-2022-45xx/CVE-2022-4573.json | 74 +++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21350.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21351.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21352.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21353.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21354.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21355.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21356.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21357.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21358.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21359.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21360.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21361.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21373.json | 67 ++++++++++++- CVE-2023/CVE-2023-213xx/CVE-2023-21374.json | 67 ++++++++++++- CVE-2023/CVE-2023-424xx/CVE-2023-42456.json | 6 +- CVE-2023/CVE-2023-433xx/CVE-2023-43322.json | 104 +++++++++++++++++++- CVE-2023/CVE-2023-457xx/CVE-2023-45797.json | 64 +++++++++++- CVE-2023/CVE-2023-468xx/CVE-2023-46866.json | 76 +++++++++++++- CVE-2023/CVE-2023-468xx/CVE-2023-46867.json | 76 +++++++++++++- CVE-2023/CVE-2023-57xx/CVE-2023-5717.json | 94 +++++++++++++++++- CVE-2023/CVE-2023-58xx/CVE-2023-5810.json | 77 +++++++++++++-- README.md | 53 +++++----- 23 files changed, 1445 insertions(+), 117 deletions(-) diff --git a/CVE-2022/CVE-2022-45xx/CVE-2022-4573.json b/CVE-2022/CVE-2022-45xx/CVE-2022-4573.json index 3f1a388ee97..12566759a45 100644 --- a/CVE-2022/CVE-2022-45xx/CVE-2022-4573.json +++ b/CVE-2022/CVE-2022-45xx/CVE-2022-4573.json @@ -2,16 +2,40 @@ "id": "CVE-2022-4573", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-10-30T15:15:39.653", - "lastModified": "2023-10-30T15:28:31.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:24:24.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nAn SMI handler input validation vulnerability in the ThinkPad X1 Fold Gen 1 could allow an attacker with local access and elevated privileges to execute arbitrary code.\n\n" + }, + { + "lang": "es", + "value": "Una vulnerabilidad de validaci\u00f3n de entrada del controlador SMI en ThinkPad X1 Fold Gen 1 podr\u00eda permitir que un atacante con acceso local y privilegios elevados ejecute c\u00f3digo arbitrario." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -36,8 +60,18 @@ }, "weaknesses": [ { - "source": "psirt@lenovo.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "psirt@lenovo.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +80,42 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:lenovo:thinkpad_x1_fold_gen_1_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A78A313D-B3D2-42C5-B709-611FAB9EAE7C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:lenovo:thinkpad_x1_fold_gen_1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B6ACABAE-B074-4EE6-B969-ECD16CBB4224" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.lenovo.com/us/en/product_security/LEN-106014", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21350.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21350.json index fb72b22f094..7f9ce280005 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21350.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21350.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21350", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.250", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:22:37.570", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Media Projection, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Media Projection, existe una forma posible de determinar si una aplicaci\u00f3n est\u00e1 instalada, sin permisos de consulta, debido a la divulgaci\u00f3n de informaci\u00f3n del canal lateral. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21351.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21351.json index 3bc41796ef5..d18c35306ad 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21351.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21351.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21351", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.303", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:22:15.930", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Activity Manager, there is a possible background activity launch due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Activity Manager, existe un posible inicio de actividad en segundo plano debido a un error l\u00f3gico en el c\u00f3digo. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21352.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21352.json index 7f8a1f80435..531d28a4ee1 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21352.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21352.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21352", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.353", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:22:08.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En NFA, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21353.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21353.json index f52b4e4a0da..45f0d846587 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21353.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21353.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21353", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.410", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:22:00.393", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In NFA, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En NFA, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n remota de informaci\u00f3n sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21354.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21354.json index a5108de7f30..4d4a90b9e77 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21354.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21354.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21354", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.460", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:21:47.663", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Package Manager Service, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Package Manager Service, existe una forma posible de determinar si una aplicaci\u00f3n est\u00e1 instalada, sin permisos de consulta, debido a la divulgaci\u00f3n de informaci\u00f3n del canal lateral. Esto podr\u00eda dar lugar a la divulgaci\u00f3n de informaci\u00f3n local sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21355.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21355.json index 5ac2bf1edbf..2e1e1083631 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21355.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21355.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21355", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.510", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:21:12.813", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In libaudioclient, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En libaudioclient, existe una posible escritura fuera de los l\u00edmites debido a un use after free. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21356.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21356.json index aec322b950d..2cb08e3eed5 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21356.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21356.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21356", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.557", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:21:06.440", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Bluetooth, existe una posible escritura fuera de los l\u00edmites debido a una comprobaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la ejecuci\u00f3n remota de c\u00f3digo (pr\u00f3ximo/adyacente) sin necesidad de privilegios de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21357.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21357.json index 50b53772c6f..56b3c643947 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21357.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21357.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21357", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.607", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:20:55.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In NFC, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En NFC, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda conducir a la divulgaci\u00f3n de informaci\u00f3n local con privilegios de ejecuci\u00f3n del System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21358.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21358.json index 444073039f7..f0c399e9133 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21358.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21358.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21358", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.653", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:20:47.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In UWB Google, there is a possible way for a malicious app to masquerade as system app com.android.uwb.resources due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En UWB Google, existe una forma posible de que una aplicaci\u00f3n maliciosa se haga pasar por la aplicaci\u00f3n del sistema com.android.uwb.resources debido a un uso incorrecto de las criptomonedas. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21359.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21359.json index 9680af28442..4b66d4da0f0 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21359.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21359.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21359", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.697", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:20:39.810", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Bluetooth, existe una posible lectura fuera de los l\u00edmites debido a una verificaci\u00f3n de los l\u00edmites faltantes. Esto podr\u00eda provocar la divulgaci\u00f3n de informaci\u00f3n local en el servidor Bluetooth con los privilegios de ejecuci\u00f3n del System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21360.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21360.json index 25b80b5881e..b17ea2bc332 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21360.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21360.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21360", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.753", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:20:32.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Bluetooth, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Bluetooth, existe una posible escritura fuera de los l\u00edmites debido a una validaci\u00f3n de entrada incorrecta. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n del System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21361.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21361.json index 868be36733a..6933e9aea16 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21361.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21361.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21361", "sourceIdentifier": "security@android.com", "published": "2023-10-30T17:15:51.800", - "lastModified": "2023-10-30T17:20:42.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:20:22.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Bluetooth, there is a possibility of code-execution due to a use after free. This could lead to paired device escalation of privilege in the privileged Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Bluetooth existe la posibilidad de ejecuci\u00f3n de c\u00f3digo debido a un use after free. Esto podr\u00eda llevar a una escalada de privilegios del dispositivo emparejado en el proceso de Bluetooth privilegiado sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21373.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21373.json index ff40bb4a29e..01640d3ce2b 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21373.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21373.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21373", "sourceIdentifier": "security@android.com", "published": "2023-10-30T18:15:08.973", - "lastModified": "2023-10-30T18:21:38.740", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:22:52.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Telephony, there is a possible way for a guest user to change the preferred SIM due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En Telephony, existe una forma posible para que un usuario invitado cambie la SIM preferida debido a que falta una verificaci\u00f3n de permiso. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-213xx/CVE-2023-21374.json b/CVE-2023/CVE-2023-213xx/CVE-2023-21374.json index 5696c2c923d..b117554864e 100644 --- a/CVE-2023/CVE-2023-213xx/CVE-2023-21374.json +++ b/CVE-2023/CVE-2023-213xx/CVE-2023-21374.json @@ -2,19 +2,78 @@ "id": "CVE-2023-21374", "sourceIdentifier": "security@android.com", "published": "2023-10-30T18:15:09.017", - "lastModified": "2023-10-30T18:21:38.740", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:22:45.327", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation." + }, + { + "lang": "es", + "value": "En System UI, existe una posible omisi\u00f3n de protecci\u00f3n de restablecimiento de f\u00e1brica debido a un error l\u00f3gico en el c\u00f3digo. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://source.android.com/docs/security/bulletin/android-14", - "source": "security@android.com" + "source": "security@android.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-424xx/CVE-2023-42456.json b/CVE-2023/CVE-2023-424xx/CVE-2023-42456.json index 2958567e572..cc844caa3dd 100644 --- a/CVE-2023/CVE-2023-424xx/CVE-2023-42456.json +++ b/CVE-2023/CVE-2023-424xx/CVE-2023-42456.json @@ -2,7 +2,7 @@ "id": "CVE-2023-42456", "sourceIdentifier": "security-advisories@github.com", "published": "2023-09-21T16:15:09.980", - "lastModified": "2023-11-02T21:15:09.803", + "lastModified": "2023-11-04T03:15:07.827", "vulnStatus": "Modified", "descriptions": [ { @@ -107,6 +107,10 @@ "url": "http://www.openwall.com/lists/oss-security/2023/11/02/1", "source": "security-advisories@github.com" }, + { + "url": "https://ferrous-systems.com/blog/sudo-rs-audit/", + "source": "security-advisories@github.com" + }, { "url": "https://github.com/memorysafety/sudo-rs/commit/bfdbda22968e3de43fa8246cab1681cfd5d5493d", "source": "security-advisories@github.com", diff --git a/CVE-2023/CVE-2023-433xx/CVE-2023-43322.json b/CVE-2023/CVE-2023-433xx/CVE-2023-43322.json index 0907922054c..1d5cfac90ce 100644 --- a/CVE-2023/CVE-2023-433xx/CVE-2023-43322.json +++ b/CVE-2023/CVE-2023-433xx/CVE-2023-43322.json @@ -2,19 +2,115 @@ "id": "CVE-2023-43322", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-28T01:15:51.657", - "lastModified": "2023-10-29T01:44:12.570", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:24:38.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "ZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to v5.6.13, v5.8.0 to v5.8.10, and v5.10.0 to v5.10.3 was discovered to contain a command injection vulnerability via the endpoint /v1/system/toolkit/files/." + }, + { + "lang": "es", + "value": "ZPE Systems, Inc Nodegrid OS v5.0.0 a v5.0.17, v5.2.0 a v5.2.19, v5.4.0 a v5.4.16, v5.6.0 a v5.6.13, v5.8.0 a v5.8.10 y v5.10.0 a v5.10.3 conten\u00eda una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del endpoint /v1/system/toolkit/files/." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndExcluding": "5.0.18", + "matchCriteriaId": "2DEBAF10-CDD9-4D8C-8FCF-02D94F8DADD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.2.0", + "versionEndExcluding": "5.2.20", + "matchCriteriaId": "CC4C1C62-4AB4-4480-9CDE-DDBB214E64F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.4.0", + "versionEndExcluding": "5.4.17", + "matchCriteriaId": "A9F1A206-128C-4DA5-B52B-0BC4FCB3E703" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.6.0", + "versionEndExcluding": "5.6.14", + "matchCriteriaId": "32E319BE-0252-4AD5-8704-9953F10FF0B4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.8.0", + "versionEndExcluding": "5.8.11", + "matchCriteriaId": "612A53BC-0736-49AA-8C24-7E903133584D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zpesystems:nodegrid_os:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10.0", + "versionEndExcluding": "5.10.4", + "matchCriteriaId": "A17C5873-0ABD-4433-8CF5-6B786E5427AF" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://psirt.zpesystems.com/portal/en/kb/articles/security-advisory-zpe-ng-2023-001-12-10-2023", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-457xx/CVE-2023-45797.json b/CVE-2023/CVE-2023-457xx/CVE-2023-45797.json index 59f3779e0ea..7606368a85f 100644 --- a/CVE-2023/CVE-2023-457xx/CVE-2023-45797.json +++ b/CVE-2023/CVE-2023-457xx/CVE-2023-45797.json @@ -2,16 +2,40 @@ "id": "CVE-2023-45797", "sourceIdentifier": "vuln@krcert.or.kr", "published": "2023-10-30T07:15:12.677", - "lastModified": "2023-10-30T11:54:30.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:23:18.037", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", - "value": "\bA Buffer overflow vulnerability in DreamSecurity MagicLine4NX versions 1.0.0.1 to 1.0.0.26 allows an attacker to remotely execute code." + "value": "A Buffer overflow vulnerability in DreamSecurity MagicLine4NX versions 1.0.0.1 to 1.0.0.26 allows an attacker to remotely execute code." + }, + { + "lang": "es", + "value": "Una vulnerabilidad de desbordamiento de b\u00fafer en DreamSecurity MagicLine4NX versiones 1.0.0.1 a 1.0.0.26 permite a un atacante ejecutar c\u00f3digo de forma remota." } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "vuln@krcert.or.kr", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "vuln@krcert.or.kr", "type": "Secondary", @@ -46,10 +80,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dreamsecurity:magicline_4.0:*:*:*:*:*:*:*:*", + "versionStartIncluding": "1.0.0.1", + "versionEndIncluding": "1.0.0.26", + "matchCriteriaId": "6C2A0BC8-7E2A-42C9-93E6-EAE37103B0E5" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.boho.or.kr/kr/bbs/view.do?bbsId=B0000133&nttId=71023&menuNo=205020", - "source": "vuln@krcert.or.kr" + "source": "vuln@krcert.or.kr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46866.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46866.json index ac123c2ed3e..b1d416bc672 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46866.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46866.json @@ -2,23 +2,89 @@ "id": "CVE-2023-46866", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-30T03:15:07.783", - "lastModified": "2023-10-30T11:54:30.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:23:43.990", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In International Color Consortium DemoIccMAX 79ecb74, CIccCLUT::Interp3d in IccProfLib/IccTagLut.cpp in libSampleICC.a attempts to access array elements at out-of-bounds indexes." + }, + { + "lang": "es", + "value": "En International Color Consortium DemoIccMAX 79ecb74, CIccCLUT::Interp3d en IccProfLib/IccTagLut.cpp en libSampleICC.a intenta acceder a elementos de matriz en \u00edndices fuera de los l\u00edmites." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:color:demoiccmax:2022-06-21:*:*:*:*:*:*:*", + "matchCriteriaId": "10975878-B3F5-48A0-80B1-2AC1EBD0298D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/InternationalColorConsortium/DemoIccMAX/issues/54", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://github.com/InternationalColorConsortium/DemoIccMAX/pull/53", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-468xx/CVE-2023-46867.json b/CVE-2023/CVE-2023-468xx/CVE-2023-46867.json index e560f451e21..5746b768d5f 100644 --- a/CVE-2023/CVE-2023-468xx/CVE-2023-46867.json +++ b/CVE-2023/CVE-2023-468xx/CVE-2023-46867.json @@ -2,23 +2,89 @@ "id": "CVE-2023-46867", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-30T03:15:07.830", - "lastModified": "2023-10-30T11:54:30.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:23:36.290", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In International Color Consortium DemoIccMAX 79ecb74, CIccXformMatrixTRC::GetCurve in IccCmm.cpp in libSampleICC.a has a NULL pointer dereference." + }, + { + "lang": "es", + "value": "En International Color Consortium DemoIccMAX 79ecb74, CIccXformMatrixTRC::GetCurve en IccCmm.cpp en libSampleICC.a tiene una desreferencia de puntero NULL." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:color:demoiccmax:2022-06-21:*:*:*:*:*:*:*", + "matchCriteriaId": "10975878-B3F5-48A0-80B1-2AC1EBD0298D" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/InternationalColorConsortium/DemoIccMAX/issues/54", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://github.com/InternationalColorConsortium/DemoIccMAX/pull/53", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-57xx/CVE-2023-5717.json b/CVE-2023/CVE-2023-57xx/CVE-2023-5717.json index 96f0aac1e7d..cd2b08787c9 100644 --- a/CVE-2023/CVE-2023-57xx/CVE-2023-5717.json +++ b/CVE-2023/CVE-2023-57xx/CVE-2023-5717.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5717", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-10-25T18:17:43.913", - "lastModified": "2023-10-25T20:31:55.900", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:24:15.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "cve-coordination@google.com", "type": "Secondary", @@ -50,14 +80,70 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4", + "versionEndExcluding": "6.6", + "matchCriteriaId": "D8D8B90C-7358-42DF-8965-F1D7AD355A57" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*", + "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*", + "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*", + "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*", + "matchCriteriaId": "00AB783B-BE05-40E8-9A55-6AA457D95031" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc5:*:*:*:*:*:*", + "matchCriteriaId": "E7C78D0A-C4A2-4D41-B726-8979E33AD0F9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc6:*:*:*:*:*:*", + "matchCriteriaId": "E114E9DD-F7E1-40CC-AAD5-F14E586CB2E6" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/events?id=32671e3799ca2e4590773fd0e63aaa4229e50c06", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Mailing List", + "Patch" + ] }, { "url": "https://kernel.dance/32671e3799ca2e4590773fd0e63aaa4229e50c06", - "source": "cve-coordination@google.com" + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-58xx/CVE-2023-5810.json b/CVE-2023/CVE-2023-58xx/CVE-2023-5810.json index 57aba28ec62..f31d7feb135 100644 --- a/CVE-2023/CVE-2023-58xx/CVE-2023-5810.json +++ b/CVE-2023/CVE-2023-58xx/CVE-2023-5810.json @@ -2,8 +2,8 @@ "id": "CVE-2023-5810", "sourceIdentifier": "cna@vuldb.com", "published": "2023-10-27T01:15:32.317", - "lastModified": "2023-10-27T12:41:08.827", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-11-04T03:23:57.180", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -64,6 +86,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "cna@vuldb.com", "type": "Secondary", @@ -75,22 +107,55 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:flusity:flusity:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023-10-24", + "matchCriteriaId": "9989CEDF-D8FF-40B5-8E62-E4ABECFDBADC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/flusity/flusity-CMS/commit/6943991c62ed87c7a57989a0cb7077316127def8", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/flusity/flusity-CMS/issues/2", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Mitigation", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.243641", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.243641", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index ee679e60297..edf4dea3998 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-11-04T03:00:21.767020+00:00 +2023-11-04T05:00:19.449376+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-11-04T02:56:51.387000+00:00 +2023-11-04T03:24:38.690000+00:00 ``` ### Last Data Feed Release @@ -40,33 +40,30 @@ Recently added CVEs: `0` ### CVEs modified in the last Commit -Recently modified CVEs: `46` +Recently modified CVEs: `22` -* [CVE-2022-4933](CVE-2022/CVE-2022-49xx/CVE-2022-4933.json) (`2023-11-04T02:32:44.100`) -* [CVE-2022-46945](CVE-2022/CVE-2022-469xx/CVE-2022-46945.json) (`2023-11-04T02:40:41.110`) -* [CVE-2023-5784](CVE-2023/CVE-2023-57xx/CVE-2023-5784.json) (`2023-11-04T01:41:52.020`) -* [CVE-2023-5785](CVE-2023/CVE-2023-57xx/CVE-2023-5785.json) (`2023-11-04T01:43:44.800`) -* [CVE-2023-43208](CVE-2023/CVE-2023-432xx/CVE-2023-43208.json) (`2023-11-04T01:50:43.173`) -* [CVE-2023-4490](CVE-2023/CVE-2023-44xx/CVE-2023-4490.json) (`2023-11-04T01:52:01.003`) -* [CVE-2023-4178](CVE-2023/CVE-2023-41xx/CVE-2023-4178.json) (`2023-11-04T01:52:20.423`) -* [CVE-2023-4972](CVE-2023/CVE-2023-49xx/CVE-2023-4972.json) (`2023-11-04T01:56:59.300`) -* [CVE-2023-42439](CVE-2023/CVE-2023-424xx/CVE-2023-42439.json) (`2023-11-04T02:00:21.290`) -* [CVE-2023-39320](CVE-2023/CVE-2023-393xx/CVE-2023-39320.json) (`2023-11-04T02:05:28.337`) -* [CVE-2023-39321](CVE-2023/CVE-2023-393xx/CVE-2023-39321.json) (`2023-11-04T02:07:17.913`) -* [CVE-2023-39322](CVE-2023/CVE-2023-393xx/CVE-2023-39322.json) (`2023-11-04T02:08:08.063`) -* [CVE-2023-3255](CVE-2023/CVE-2023-32xx/CVE-2023-3255.json) (`2023-11-04T02:13:59.980`) -* [CVE-2023-3301](CVE-2023/CVE-2023-33xx/CVE-2023-3301.json) (`2023-11-04T02:19:16.943`) -* [CVE-2023-0673](CVE-2023/CVE-2023-06xx/CVE-2023-0673.json) (`2023-11-04T02:33:39.607`) -* [CVE-2023-1112](CVE-2023/CVE-2023-11xx/CVE-2023-1112.json) (`2023-11-04T02:35:37.830`) -* [CVE-2023-1003](CVE-2023/CVE-2023-10xx/CVE-2023-1003.json) (`2023-11-04T02:36:27.860`) -* [CVE-2023-1004](CVE-2023/CVE-2023-10xx/CVE-2023-1004.json) (`2023-11-04T02:37:19.860`) -* [CVE-2023-4157](CVE-2023/CVE-2023-41xx/CVE-2023-4157.json) (`2023-11-04T02:39:05.593`) -* [CVE-2023-4569](CVE-2023/CVE-2023-45xx/CVE-2023-4569.json) (`2023-11-04T02:39:33.400`) -* [CVE-2023-2995](CVE-2023/CVE-2023-29xx/CVE-2023-2995.json) (`2023-11-04T02:44:32.017`) -* [CVE-2023-27530](CVE-2023/CVE-2023-275xx/CVE-2023-27530.json) (`2023-11-04T02:46:04.243`) -* [CVE-2023-1495](CVE-2023/CVE-2023-14xx/CVE-2023-1495.json) (`2023-11-04T02:46:36.823`) -* [CVE-2023-2246](CVE-2023/CVE-2023-22xx/CVE-2023-2246.json) (`2023-11-04T02:48:45.587`) -* [CVE-2023-22812](CVE-2023/CVE-2023-228xx/CVE-2023-22812.json) (`2023-11-04T02:51:17.437`) +* [CVE-2022-4573](CVE-2022/CVE-2022-45xx/CVE-2022-4573.json) (`2023-11-04T03:24:24.197`) +* [CVE-2023-42456](CVE-2023/CVE-2023-424xx/CVE-2023-42456.json) (`2023-11-04T03:15:07.827`) +* [CVE-2023-21361](CVE-2023/CVE-2023-213xx/CVE-2023-21361.json) (`2023-11-04T03:20:22.903`) +* [CVE-2023-21360](CVE-2023/CVE-2023-213xx/CVE-2023-21360.json) (`2023-11-04T03:20:32.843`) +* [CVE-2023-21359](CVE-2023/CVE-2023-213xx/CVE-2023-21359.json) (`2023-11-04T03:20:39.810`) +* [CVE-2023-21358](CVE-2023/CVE-2023-213xx/CVE-2023-21358.json) (`2023-11-04T03:20:47.623`) +* [CVE-2023-21357](CVE-2023/CVE-2023-213xx/CVE-2023-21357.json) (`2023-11-04T03:20:55.207`) +* [CVE-2023-21356](CVE-2023/CVE-2023-213xx/CVE-2023-21356.json) (`2023-11-04T03:21:06.440`) +* [CVE-2023-21355](CVE-2023/CVE-2023-213xx/CVE-2023-21355.json) (`2023-11-04T03:21:12.813`) +* [CVE-2023-21354](CVE-2023/CVE-2023-213xx/CVE-2023-21354.json) (`2023-11-04T03:21:47.663`) +* [CVE-2023-21353](CVE-2023/CVE-2023-213xx/CVE-2023-21353.json) (`2023-11-04T03:22:00.393`) +* [CVE-2023-21352](CVE-2023/CVE-2023-213xx/CVE-2023-21352.json) (`2023-11-04T03:22:08.317`) +* [CVE-2023-21351](CVE-2023/CVE-2023-213xx/CVE-2023-21351.json) (`2023-11-04T03:22:15.930`) +* [CVE-2023-21350](CVE-2023/CVE-2023-213xx/CVE-2023-21350.json) (`2023-11-04T03:22:37.570`) +* [CVE-2023-21374](CVE-2023/CVE-2023-213xx/CVE-2023-21374.json) (`2023-11-04T03:22:45.327`) +* [CVE-2023-21373](CVE-2023/CVE-2023-213xx/CVE-2023-21373.json) (`2023-11-04T03:22:52.047`) +* [CVE-2023-45797](CVE-2023/CVE-2023-457xx/CVE-2023-45797.json) (`2023-11-04T03:23:18.037`) +* [CVE-2023-46867](CVE-2023/CVE-2023-468xx/CVE-2023-46867.json) (`2023-11-04T03:23:36.290`) +* [CVE-2023-46866](CVE-2023/CVE-2023-468xx/CVE-2023-46866.json) (`2023-11-04T03:23:43.990`) +* [CVE-2023-5810](CVE-2023/CVE-2023-58xx/CVE-2023-5810.json) (`2023-11-04T03:23:57.180`) +* [CVE-2023-5717](CVE-2023/CVE-2023-57xx/CVE-2023-5717.json) (`2023-11-04T03:24:15.637`) +* [CVE-2023-43322](CVE-2023/CVE-2023-433xx/CVE-2023-43322.json) (`2023-11-04T03:24:38.690`) ## Download and Usage