admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-16T21:00:25.815741+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-16 21:00:29 +00:00
parent 98aec40421
commit 507d99c8e6
60 changed files with 4611 additions and 315 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
CVE-2019/CVE-2019-115xx/CVE-2019-11509.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-11509",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-06-03T20:29:00.517",
"lastModified": "2024-01-13T18:36:49.423",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -412,6 +412,36 @@
"criteria": "cpe:2.3:a:ivanti:connect_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "F05DC11E-7C41-450B-A2BF-603E9252BB40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DD00E2EC-B772-4FE8-8CC5-829BE45BE878"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "26B25B34-7BD0-471B-A396-45CE5420E963"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "AA514C05-2834-4C7B-B022-02B41C9AAD6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "0929C645-DACB-4341-9032-7C79FFC8BCF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "0D36CB5A-8389-4F2F-882A-4E8F30028799"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "517DA74B-9D69-45E1-A707-A08A305A507C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.0:*:*:*:*:*:*:*",
@ -546,36 +576,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:5.4:r7:*:*:*:*:*:*",
"matchCriteriaId": "B174CECC-9B31-4DC3-B3F7-04E76ACADE30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85B4B14D-F175-44E0-893C-EAD7F185B2B9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.0:r1:*:*:*:*:*:*",
"matchCriteriaId": "E689F7EB-4028-41D5-B503-35C83024E82B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.0:r2:*:*:*:*:*:*",
"matchCriteriaId": "82862414-F356-4A1C-BE4C-43AE128D8E95"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.0:r2.1:*:*:*:*:*:*",
"matchCriteriaId": "49BF6181-E138-4B76-906B-D41A4C7D1CD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "81409FF6-C93F-4B62-BA16-8EF92EB344FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.0:r3.1:*:*:*:*:*:*",
"matchCriteriaId": "F1E2E823-46DD-49DD-A797-903D11670FAB"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8204.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8204",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.470",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8206.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8206",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.533",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8216.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8216",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.707",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8217.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8217",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.783",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8218.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8218",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.847",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2022-03-07",
"cisaActionDue": "2022-09-07",
@ -167,6 +167,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -222,11 +227,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8219.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8219",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.907",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8220.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8220",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:11.987",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8221.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8221",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:12.063",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2020/CVE-2020-82xx/CVE-2020-8222.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8222",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-07-30T13:15:12.157",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -163,6 +163,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -218,11 +223,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

22
CVE-2020/CVE-2020-82xx/CVE-2020-8238.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8238",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-09-30T18:15:28.990",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -92,6 +92,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -122,6 +127,11 @@
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
@ -223,16 +233,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "3573BE86-7BCE-41A4-92F7-C1A0DBEB2672"
}
]
}

22
CVE-2020/CVE-2020-82xx/CVE-2020-8243.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-8243",
"sourceIdentifier": "support@hackerone.com",
"published": "2020-09-30T18:15:29.070",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2021-04-23",
@ -96,6 +96,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -126,6 +131,11 @@
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.2:*:*:*:*:*:*",
"matchCriteriaId": "D55AB5F0-132F-4C40-BF4F-684E139B774B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "26AEB02E-D2D0-4D7A-BB00-9E5112696B17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r5:*:*:*:*:*:*",
@ -227,16 +237,6 @@
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.0",
"matchCriteriaId": "B031D2AE-70BE-48BB-A9E9-0A0DAAAFF55F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:r4.3:*:*:*:*:*:*",
"matchCriteriaId": "3573BE86-7BCE-41A4-92F7-C1A0DBEB2672"
}
]
}

40
CVE-2022/CVE-2022-287xx/CVE-2022-28734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28734",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-07-20T01:15:10.243",
"lastModified": "2023-08-25T23:15:09.470",
"vulnStatus": "Modified",
"lastModified": "2024-01-16T19:43:16.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
"exploitabilityScore": 2.2,
"impactScore": 4.7
},
{
"source": "security@ubuntu.com",
@ -83,6 +83,21 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
}
]
}
]
}
],
"references": [
@ -95,7 +110,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230825-0002/",
"source": "security@ubuntu.com"
"source": "security@ubuntu.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/06/07/5",

12
CVE-2022/CVE-2022-352xx/CVE-2022-35254.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-35254",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-12-05T22:15:10.457",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -124,6 +124,11 @@
"versionEndExcluding": "9.1",
"matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -443,11 +448,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.2:*:*:*:*:*:*",
"matchCriteriaId": "8DDFCAAC-B447-425E-967C-AA0A93860B9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

12
CVE-2022/CVE-2022-352xx/CVE-2022-35258.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-35258",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-12-05T22:15:10.627",
"lastModified": "2024-01-13T04:43:44.307",
"lastModified": "2024-01-16T19:18:25.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -124,6 +124,11 @@
"versionEndExcluding": "9.1",
"matchCriteriaId": "368E8A56-50E4-4400-8C18-B7426B112FFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6418A649-3A63-40CC-BD7C-309B3B0B2595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:policy_secure:9.1:r1:*:*:*:*:*:*",
@ -443,11 +448,6 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_connect_secure:9.1:r9.2:*:*:*:*:*:*",
"matchCriteriaId": "8DDFCAAC-B447-425E-967C-AA0A93860B9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pulsesecure:pulse_policy_secure:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "937A242A-0134-47B2-802C-894AFDC20A48"
}
]
}

76
CVE-2023/CVE-2023-366xx/CVE-2023-36629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36629",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-09T02:15:44.163",
"lastModified": "2024-01-09T14:01:44.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:13:33.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,83 @@
"value": "El paquete ST ST54-android-packages-apps-Nfc anterior a 130-20230215-23W07p0 para Android tiene una lectura fuera de los l\u00edmites."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:st:st54-android-packages-apps-nfc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "130-20230215-23w07p0",
"matchCriteriaId": "C9C3849E-4AAD-49D7-BCB1-72265403941F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/STMicroelectronics/ST54-android-packages-apps-Nfc/releases/tag/130-20230215-23W07p0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Press/Media Coverage"
]
},
{
"url": "https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-007_Xiaomi_Redmi_10sNote-1.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-479xx/CVE-2023-47996.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-47996",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-09T23:15:09.680",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:59:05.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow vulnerability in Exif.cpp::jpeg_read_exif_dir in FreeImage 3.18.0 allows attackers to obtain information and cause a denial of service."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de enteros en Exif.cpp::jpeg_read_exif_dir en FreeImage 3.18.0 permite a los atacantes obtener informaci\u00f3n y provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:3.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "649CACB0-AD52-4217-9DF9-B692533ED990"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47996",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-479xx/CVE-2023-47997.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-47997",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-10T00:15:45.463",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:58:57.263",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in BitmapAccess.cpp::FreeImage_AllocateBitmap in FreeImage 3.18.0 leads to an infinite loop and allows attackers to cause a denial of service."
},
{
"lang": "es",
"value": "Un problema descubierto en BitmapAccess.cpp::FreeImage_AllocateBitmap en FreeImage 3.18.0 genera un bucle infinito y permite a los atacantes provocar una denegaci\u00f3n de servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:3.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "649CACB0-AD52-4217-9DF9-B692533ED990"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/thelastede/FreeImage-cve-poc/tree/master/CVE-2023-47997",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48242.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48242",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:08.237",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:17:56.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an authenticated remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto autenticado descargar archivos arbitrarios en todas las rutas del sistema en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48243.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48243",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:08.777",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:17:41.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote attacker to upload arbitrary files in all paths of the system under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request.\r\nBy abusing this vulnerability, it is possible to obtain remote code execution (RCE) with root privileges on the device."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto cargar archivos arbitrarios en todas las rutas del sistema en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada. Al abusar de esta vulnerabilidad, es posible obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) con privilegios de root en el dispositivo."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48244.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48244",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:08.990",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:17:17.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote attacker to inject and execute arbitrary client-side script code inside a victim\u2019s session via a crafted URL or HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto inyectar y ejecutar c\u00f3digo script arbitrario del lado del cliente dentro de la sesi\u00f3n de una v\u00edctima a trav\u00e9s de una URL manipulada o una solicitud HTTP."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48245.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48245",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:09.190",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:17:01.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to upload arbitrary files under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado cargar archivos arbitrarios en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48246.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48246",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:09.410",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:47:37.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote attacker to download arbitrary files in all paths of the system under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto descargar archivos arbitrarios en todas las rutas del sistema en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48247.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48247",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:09.647",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:53:35.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to read arbitrary files under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado leer archivos arbitrarios en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48249.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48249",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T11:15:10.090",
"lastModified": "2024-01-10T13:56:06.947",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:59:39.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an authenticated remote attacker to list arbitrary folders in all paths of the system under the context of the application OS user (\u201croot\u201d) via a crafted HTTP request.\r\n\r\nBy abusing this vulnerability, it is possible to steal session cookies of other active users."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto autenticado enumerar carpetas arbitrarias en todas las rutas del sistema en el contexto del usuario del sistema operativo de la aplicaci\u00f3n (\"root\") a trav\u00e9s de una solicitud HTTP manipulada. Al abusar de esta vulnerabilidad, es posible robar cookies de sesi\u00f3n de otros usuarios activos."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48259.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48259",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:46.990",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:16:25.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado leer contenido arbitrario de la base de datos de resultados a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48260.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48260",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:47.187",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:16:05.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado leer contenido arbitrario de la base de datos de resultados a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48261.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48261",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:47.383",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:15:31.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows a remote unauthenticated attacker to read arbitrary content of the results database via a crafted HTTP request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado leer contenido arbitrario de la base de datos de resultados a trav\u00e9s de una solicitud HTTP manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48262.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48262",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:47.600",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:30:28.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado realizar un ataque de denegaci\u00f3n de servicio (DoS) o, posiblemente, obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s de una solicitud de red manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48263.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48263",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:47.793",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:30:41.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado realizar un ataque de denegaci\u00f3n de servicio (DoS) o, posiblemente, obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s de una solicitud de red manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48264.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48264",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:47.987",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:30:58.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado realizar un ataque de denegaci\u00f3n de servicio (DoS) o, posiblemente, obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s de una solicitud de red manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48265.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48265",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:48.173",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:31:20.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado realizar un ataque de denegaci\u00f3n de servicio (DoS) o, posiblemente, obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s de una solicitud de red manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

169
CVE-2023/CVE-2023-482xx/CVE-2023-48266.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48266",
"sourceIdentifier": "psirt@bosch.com",
"published": "2024-01-10T13:15:48.360",
"lastModified": "2024-01-10T13:56:00.697",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:31:40.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request."
},
{
"lang": "es",
"value": "La vulnerabilidad permite a un atacante remoto no autenticado realizar un ataque de denegaci\u00f3n de servicio (DoS) o, posiblemente, obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s de una solicitud de red manipulada."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +80,139 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:nexo-os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1000",
"versionEndIncluding": "1500-sp2",
"matchCriteriaId": "73D9F18A-94BD-4EC8-A39A-0A6E8E4315D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v-b_\\(0608842012\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DC8C39A-F26D-4A5E-A502-5AA26651FD95"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa011s-36v_\\(0608842011\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "871F225C-EE0D-409E-98FF-CF8B2C83E877"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v-b_\\(0608842006\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "D77B7A94-EB41-442E-9930-3372EFF0C469"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa015s-36v_\\(0608842001\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6CF63477-0CE7-446C-9872-C186AB55ADEF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v-b_\\(0608842007\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "8703D886-1E08-40B1-9666-3D585A3CB52F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa030s-36v_\\(0608842002\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "43D5973C-E4B3-4111-A710-FE48CFE5C1A5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v-b_\\(0608842008\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA7D4812-024D-432B-A526-0858427ED545"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa050s-36v_\\(0608842003\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "1614F6BA-E265-4344-A5B4-6DD0D3EC0BCF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v-b_\\(0608842014\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206B990F-9ACD-408D-93BB-F43F25686862"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxa065s-36v_\\(0608842013\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E092DE8F-DB60-4D77-BCE5-8820B6190856"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v-b_\\(0608842010\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "94D48DD5-DF3B-4D74-B8D8-E1E0468DE2DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxp012qd-36v_\\(0608842005\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "63746CB7-DBDF-4705-A771-CE9581742980"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v-b_\\(0608842016\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F974170-84B6-49FF-9988-7EFDA5964E1A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_cordless_nutrunner_nxv012t-36v_\\(0608842015\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "87D757FC-2CBA-419F-84E8-518CBEB98646"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2272\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3E3820-FF4C-4B75-9541-B807EF52E661"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2301\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B1B2908-2C42-4E6B-9953-30B2BE2E63F4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2514\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A09E202-1E38-433B-A039-F7B62C275E40"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2515\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "206E809F-D1CA-437C-9C78-76E39F7A8D69"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2666\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "7BF33E7B-B131-4A7C-8C4F-47906B8AEFC8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:nexo_special_cordless_nutrunner_\\(0608pe2673\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E14B2068-DEEE-4C3F-9FCE-108A3F5E83DB"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-711465.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-493xx/CVE-2023-49351.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49351",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-16T19:15:08.120",
"lastModified": "2024-01-16T19:15:08.120",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware veraion v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/countfatcode/temp/blob/main/formUSBAccount/formUSBAccount.md",
"source": "cve@mitre.org"
}
]
}

55
CVE-2023/CVE-2023-50xx/CVE-2023-5097.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-5097",
"sourceIdentifier": "security@hypr.com",
"published": "2024-01-16T20:15:45.107",
"lastModified": "2024-01-16T20:15:45.107",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal.This issue affects Workforce Access: before 8.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hypr.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@hypr.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://www.hypr.com/security-advisories",
"source": "security@hypr.com"
}
]
}

67
CVE-2023/CVE-2023-513xx/CVE-2023-51381.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-51381",
"sourceIdentifier": "product-cna@github.com",
"published": "2024-01-16T19:15:08.183",
"lastModified": "2024-01-16T19:15:08.183",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting in the\u00a0tag name pattern field in the tag protections UI in GitHub Enterprise Server\u00a03.8.12, 3.9.7, 3.10.4, 3.11.2\u00a0allows a malicious website that requires user interaction and social engineering to make changes to a user account via CSP bypass with created\u00a0CSRF tokens. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in all versions of 3.11.3, 3.10.5, 3.9.8, and 3.8.13. This vulnerability was reported via the GitHub Bug Bounty program.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8",
"source": "product-cna@github.com"
}
]
}

95
CVE-2023/CVE-2023-51xx/CVE-2023-5178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5178",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-11-01T17:15:11.920",
"lastModified": "2024-01-15T17:15:08.590",
"vulnStatus": "Modified",
"lastModified": "2024-01-16T19:43:20.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
@ -146,44 +146,96 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_storage_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D452B464-1200-4B72-9A89-42DC58486191"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7370",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7379",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7418",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7548",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7549",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7551",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7554",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7557",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7559",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5178",
@ -202,7 +254,11 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/",
@ -214,7 +270,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20231208-0004/",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-520xx/CVE-2023-52041.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-52041",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-16T19:15:08.410",
"lastModified": "2024-01-16T19:15:08.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code via the sub_410118 function of the shttpd program."
}
],
"metrics": {},
"references": [
{
"url": "https://kee02p.github.io/2024/01/13/CVE-2023-52041/",
"source": "cve@mitre.org"
}
]
}

23
CVE-2023/CVE-2023-60xx/CVE-2023-6004.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6004",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-01-03T17:15:11.623",
"lastModified": "2024-01-16T12:15:45.247",
"vulnStatus": "Modified",
"lastModified": "2024-01-16T19:43:11.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,20 +21,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
"exploitabilityScore": 1.3,
"impactScore": 3.4
},
{
"source": "secalert@redhat.com",
@ -150,6 +150,7 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
},

55
CVE-2023/CVE-2023-63xx/CVE-2023-6334.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6334",
"sourceIdentifier": "security@hypr.com",
"published": "2024-01-16T20:15:45.303",
"lastModified": "2024-01-16T20:15:45.303",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hypr.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security@hypr.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.hypr.com/security-advisories",
"source": "security@hypr.com"
}
]
}

55
CVE-2023/CVE-2023-63xx/CVE-2023-6335.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6335",
"sourceIdentifier": "security@hypr.com",
"published": "2024-01-16T20:15:45.493",
"lastModified": "2024-01-16T20:15:45.493",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hypr.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:L",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.1,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@hypr.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://www.hypr.com/security-advisories",
"source": "security@hypr.com"
}
]
}

55
CVE-2023/CVE-2023-63xx/CVE-2023-6336.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6336",
"sourceIdentifier": "security@hypr.com",
"published": "2024-01-16T20:15:45.667",
"lastModified": "2024-01-16T20:15:45.667",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename.This issue affects Workforce Access: before 8.7.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@hypr.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security@hypr.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"references": [
{
"url": "https://www.hypr.com/security-advisories",
"source": "security@hypr.com"
}
]
}

51
CVE-2023/CVE-2023-70xx/CVE-2023-7032.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-7032",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2024-01-09T20:15:42.967",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:43:07.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nA CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker\nlogged in with a user level account to gain higher privileges by providing a harmful serialized\nobject.\n\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad CWE-502: deserializaci\u00f3n de datos no confiables que podr\u00eda permitir que un atacante que haya iniciado sesi\u00f3n con una cuenta de nivel de usuario obtenga mayores privilegios al proporcionar un objeto serializado da\u00f1ino."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:easergy_studio:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.3.5",
"matchCriteriaId": "97EFDB27-39E0-4D76-BAB7-20D59CB364B8"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-009-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-009-02.pdf",
"source": "cybersecurity@se.com"
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-72xx/CVE-2023-7234.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-7234",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2024-01-16T19:15:08.460",
"lastModified": "2024-01-16T19:15:08.460",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nOPCUAServerToolkit will write a log message once an OPC UA client has successfully connected containing the client's self-defined description field.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-117"
}
]
}
],
"references": [
{
"url": "https://integrationobjects.com//ask-a-question/",
"source": "ics-cert@hq.dhs.gov"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-016-02",
"source": "ics-cert@hq.dhs.gov"
}
]
}

67
CVE-2024/CVE-2024-02xx/CVE-2024-0200.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-0200",
"sourceIdentifier": "product-cna@github.com",
"published": "2024-01-16T19:15:08.667",
"lastModified": "2024-01-16T19:15:08.667",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability\u00a0could lead to the execution of user-controlled methods and remote code execution. To\u00a0exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-470"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8",
"source": "product-cna@github.com"
}
]
}

74
CVE-2024/CVE-2024-03xx/CVE-2024-0341.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0341",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T19:15:11.023",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:49:56.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The identifier VDB-250109 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en Inis hasta 2.0.1. Ha sido calificada como problem\u00e1tica. Este problema afecta un procesamiento desconocido del archivo /app/api/controller/default/File.php del componente GET Request Handler. La manipulaci\u00f3n de la ruta del argumento conduce a path traversal: '../filedir'. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250109."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -61,8 +85,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +105,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inis_project:inis:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.1",
"matchCriteriaId": "BF3BA3A1-37C8-4CA7-824D-43F337B28185"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/VYx8H9u8gyHw",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250109",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250109",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-03xx/CVE-2024-0342.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0342",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T20:15:43.190",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:33:17.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Inis up to 2.0.1. Affected is an unknown function of the file /app/api/controller/default/Sqlite.php. The manipulation of the argument sql leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-250110 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Inis hasta 2.0.1 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo /app/api/controller/default/Sqlite.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento sql conduce a la inyecci\u00f3n de sql. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-250110 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inis_project:inis:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.1",
"matchCriteriaId": "BF3BA3A1-37C8-4CA7-824D-43F337B28185"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/nWYJHrmUqv7i",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250110",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250110",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-03xx/CVE-2024-0344.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0344",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T21:15:08.123",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:29:05.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in soxft TimeMail up to 1.1. Affected by this issue is some unknown functionality of the file check.php. The manipulation of the argument c leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250112."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en soxft TimeMail hasta 1.1 y clasificada como cr\u00edtica. Una funci\u00f3n desconocida del archivo check.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento c conduce a la inyecci\u00f3n de SQL. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-250112."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:soxft:timemail:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1",
"matchCriteriaId": "5CEA3B3F-FAB5-44F4-8E1E-2327162523D7"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/VSutvlpgCJkD",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.250112",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250112",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2024/CVE-2024-03xx/CVE-2024-0345.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0345",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T21:15:08.347",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:05:59.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument Full_Name/Last_Name/Address with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250113 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en CodeAstro Vehicle Booking System 1.0 y clasificada como problem\u00e1tica. Una parte desconocida del archivo usr/usr-register.php del componente User Registration afecta a una parte desconocida. La manipulaci\u00f3n del argumento Full_Name/Last_Name/Address con la entrada conduce a Cross-Site Scripting. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-250113."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vehicle_booking_system_project:vehicle_booking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F62C29-699D-4E88-AC40-4B55B67AC085"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1ihxLw4kzbAbDhHtca3UnTaB-iMWHi5DJ/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.250113",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250113",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

71
CVE-2024/CVE-2024-03xx/CVE-2024-0346.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-0346",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-09T22:15:43.800",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:54:15.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in CodeAstro Vehicle Booking System 1.0 and classified as problematic. This vulnerability affects unknown code of the file usr/user-give-feedback.php of the component Feedback Page. The manipulation of the argument My Testemonial leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250114 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en CodeAstro Vehicle Booking System 1.0 y clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo usr/user-give-feedback.php del componente Feedback Page. La manipulaci\u00f3n del argumento My Testemonial conduce a Cross-Site Scripting. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-250114 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -60,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -71,18 +105,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vehicle_booking_system_project:vehicle_booking_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F62C29-699D-4E88-AC40-4B55B67AC085"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1bao4YK4GwvAvCdCrsW5UpJZdvREdc_Yj/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.250114",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.250114",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2024/CVE-2024-05xx/CVE-2024-0507.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2024-0507",
"sourceIdentifier": "product-cna@github.com",
"published": "2024-01-16T19:15:08.870",
"lastModified": "2024-01-16T19:15:08.870",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "product-cna@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13",
"source": "product-cna@github.com"
},
{
"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8",
"source": "product-cna@github.com"
}
]
}

88
CVE-2024/CVE-2024-05xx/CVE-2024-0599.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2024-0599",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-16T20:15:45.840",
"lastModified": "2024-01-16T20:15:45.840",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Jspxcms 10.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file src\\main\\java\\com\\jspxcms\\core\\web\\back\\InfoController.java of the component Document Management Page. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250837 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/sweatxi/BugHub/blob/main/Jspxcms.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.250837",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.250837",
"source": "cna@vuldb.com"
}
]
}

209
CVE-2024/CVE-2024-206xx/CVE-2024-20652.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2024-20652",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:47.733",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:53:51.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows HTML Platforms Security Feature Bypass Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de caracter\u00edstica de seguridad de plataformas HTML de Windows"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -34,10 +58,187 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20402",
"matchCriteriaId": "46ABD897-272E-49BD-BCD1-79EA0908349D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20402",
"matchCriteriaId": "B85886E7-0E67-4BBD-9E42-4507DF422BCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6614",
"matchCriteriaId": "1301CF7B-D772-4AAA-BFF2-88BF493A324E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6614",
"matchCriteriaId": "DDEB129C-34A6-47E5-A652-51FCE0A3A880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "F0470D92-707F-4073-886A-ECDC4F2E1CAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "9C150F7E-8967-4AB8-8DF8-EBC89A10D554"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "A7997F10-4040-4664-B55E-0039E25B4F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "C541A6B6-7D07-4EA9-89FF-81D815A9476F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "5BFCE595-C6A9-4F10-9EC7-58C1D66BB436"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "A49993E0-2369-48E3-A925-6405722F1A19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "5D738639-84ED-4215-82F1-7D94D68D3396"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "047947E7-B85E-4D6A-9B92-E39E4828206E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "45296209-531C-48D1-84DA-FAD9E28E7999"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2713",
"matchCriteriaId": "6FA472E2-4501-4597-9979-796258111DA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2713",
"matchCriteriaId": "0F377DD9-2DBF-4202-AF3F-6AC6A809F4E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.3007",
"matchCriteriaId": "C48178EC-BDEE-4F78-BCFB-B125F5CA0A9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.3007",
"matchCriteriaId": "04C81079-1855-4F8C-A9E2-3E2CC796C4F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.3007",
"matchCriteriaId": "91F6049F-03C1-494C-8AA1-6DE27D335139"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.3007",
"matchCriteriaId": "A00CE59A-0762-4AA4-99DA-5C9545F85666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

187
CVE-2024/CVE-2024-206xx/CVE-2024-20654.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20654",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:48.130",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:46:14.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo del controlador ODBC de Microsoft"
}
],
"metrics": {
@ -34,10 +38,187 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20402",
"matchCriteriaId": "46ABD897-272E-49BD-BCD1-79EA0908349D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20402",
"matchCriteriaId": "B85886E7-0E67-4BBD-9E42-4507DF422BCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6614",
"matchCriteriaId": "1301CF7B-D772-4AAA-BFF2-88BF493A324E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6614",
"matchCriteriaId": "DDEB129C-34A6-47E5-A652-51FCE0A3A880"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "F0470D92-707F-4073-886A-ECDC4F2E1CAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "9C150F7E-8967-4AB8-8DF8-EBC89A10D554"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.5329",
"matchCriteriaId": "A7997F10-4040-4664-B55E-0039E25B4F79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "C541A6B6-7D07-4EA9-89FF-81D815A9476F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "5BFCE595-C6A9-4F10-9EC7-58C1D66BB436"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19044.3930",
"matchCriteriaId": "A49993E0-2369-48E3-A925-6405722F1A19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "5D738639-84ED-4215-82F1-7D94D68D3396"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "047947E7-B85E-4D6A-9B92-E39E4828206E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3930",
"matchCriteriaId": "45296209-531C-48D1-84DA-FAD9E28E7999"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2713",
"matchCriteriaId": "6FA472E2-4501-4597-9979-796258111DA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2713",
"matchCriteriaId": "0F377DD9-2DBF-4202-AF3F-6AC6A809F4E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.3007",
"matchCriteriaId": "C48178EC-BDEE-4F78-BCFB-B125F5CA0A9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.3007",
"matchCriteriaId": "04C81079-1855-4F8C-A9E2-3E2CC796C4F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22631.3007",
"matchCriteriaId": "91F6049F-03C1-494C-8AA1-6DE27D335139"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22631.3007",
"matchCriteriaId": "A00CE59A-0762-4AA4-99DA-5C9545F85666"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20654",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

58
CVE-2024/CVE-2024-206xx/CVE-2024-20677.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-20677",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:50.887",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:02:24.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "<p>A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365.</p>\n<p>3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time.</p>\n<p>This change is effective as of the January 9, 2024 security update.</p>\n"
},
{
"lang": "es",
"value": "<p>Existe una vulnerabilidad de seguridad en FBX que podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo. Para mitigar esta vulnerabilidad, se deshabilit\u00f3 la capacidad de insertar archivos FBX en Word, Excel, PowerPoint y Outlook para Windows y Mac. Las versiones de Office que ten\u00edan esta funci\u00f3n habilitada ya no tendr\u00e1n acceso a ella. Esto incluye Office 2019, Office 2021, Office LTSC para Mac 2021 y Microsoft 365.</p> <p>Los modelos 3D en documentos de Office que se insertaron previamente desde un archivo FBX seguir\u00e1n funcionando como se espera a menos que se active la opci\u00f3n Vincular a Archivo. se eligi\u00f3 en el momento de la inserci\u00f3n.</p> <p>Este cambio entra en vigor a partir de la actualizaci\u00f3n de seguridad del 9 de enero de 2024.</p>"
}
],
"metrics": {
@ -34,10 +38,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:-:*:*",
"matchCriteriaId": "6C9D7C93-E8CB-4A8A-BA15-093B03ACC62F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*",
"matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20677",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

108
CVE-2024/CVE-2024-213xx/CVE-2024-21319.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2024-21319",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T19:15:12.070",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:48:19.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Identity Denial of service vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio de identidad de Microsoft"
}
],
"metrics": {
@ -34,10 +38,108 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.0.26",
"matchCriteriaId": "498DF6C9-EC7C-4A4F-A188-B22E82FD6540"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.15",
"matchCriteriaId": "77C53F4F-8B33-4FF6-9AFE-155FEF1F972A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.0.1",
"matchCriteriaId": "8583992E-20C5-4437-ACFE-22FEBD539E4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:identity_model:*:*:*:*:*:.net:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.7.0",
"matchCriteriaId": "F39C475D-FDCE-4DE1-B936-01D268FD7645"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:identity_model:*:*:*:*:*:.net:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.34.0",
"matchCriteriaId": "A286ABF0-E7B7-44E0-9EF1-0226BDD5338A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:identity_model:*:*:*:*:*:.net:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.1.2",
"matchCriteriaId": "B12074D2-B6C2-4797-BCE8-27A5E6314FB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.2.0",
"versionEndExcluding": "17.2.23",
"matchCriteriaId": "42B33777-27CB-45CC-A95A-3F4369DBB31D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.4.0",
"versionEndExcluding": "17.4.15",
"matchCriteriaId": "E578915C-4563-4767-A1F9-7C0ADF58BDA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6.0",
"versionEndExcluding": "17.6.11",
"matchCriteriaId": "AB1E1DB4-BE9A-48E9-808D-E239CFDB26BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.8.0",
"versionEndExcluding": "17.8.4",
"matchCriteriaId": "1A6D3ECE-ED4D-4778-900F-4D4E1D05F00E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2024/CVE-2024-216xx/CVE-2024-21664.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-21664",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-09T20:15:43.740",
"lastModified": "2024-01-10T01:21:28.543",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T19:30:49.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. Calling `jws.Parse` with a JSON serialized payload where the `signature` field is present while `protected` is absent can lead to a nil pointer dereference. The vulnerability can be used to crash/DOS a system doing JWS verification. This vulnerability has been patched in version 2.0.19.\n"
},
{
"lang": "es",
"value": "jwx es un m\u00f3dulo Go que implementa varias tecnolog\u00edas JWx (JWA/JWE/JWK/JWS/JWT, tambi\u00e9n conocidas como JOSE). Llamar a `jws.Parse` con un payload serializado JSON donde el campo `signature` est\u00e1 presente mientras que `protected` est\u00e1 ausente puede provocar una desreferencia del puntero nulo. La vulnerabilidad se puede utilizar para bloquear/DOS un sistema que realiza la verificaci\u00f3n JWS. Esta vulnerabilidad ha sido parcheada en la versi\u00f3n 2.0.19."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lestrrat-go:jwx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0.19",
"matchCriteriaId": "5BC42760-3661-434C-8568-AF4B49498561"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lestrrat-go/jwx/commit/0e8802ce6842625845d651456493e7c87625601f",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/lestrrat-go/jwx/commit/d69a721931a5c48b9850a42404f18e143704adcd",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/lestrrat-go/jwx/security/advisories/GHSA-pvcr-v8j8-j5q3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

61
CVE-2024/CVE-2024-216xx/CVE-2024-21668.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2024-21668",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-01-09T19:15:12.330",
"lastModified": "2024-01-09T19:56:14.023",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-16T20:37:23.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "react-native-mmkv is a library that allows easy use of MMKV inside React Native applications. Before version 2.11.0, the react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. The key can be obtained by anyone with access to the Android Debugging Bridge (ADB) if it is enabled in the phone settings. This bug is not present on iOS devices. By logging the encryption secret to the system logs, attackers can trivially recover the secret by enabling ADB and undermining an app's thread model. This issue has been patched in version 2.11.0."
},
{
"lang": "es",
"value": "react-native-mmkv es una librer\u00eda que permite el uso sencillo de MMKV dentro de aplicaciones React Native. Antes de la versi\u00f3n 2.11.0, react-native-mmkv registraba la clave de cifrado opcional para la base de datos MMKV en el registro del sistema Android. Cualquier persona con acceso al Android Debugging Bridge (ADB) puede obtener la clave si est\u00e1 habilitado en la configuraci\u00f3n del tel\u00e9fono. Este error no est\u00e1 presente en dispositivos iOS. Al registrar el secreto de cifrado en los registros del sistema, los atacantes pueden recuperar trivialmente el secreto habilitando ADB y socavando el modelo de subprocesos de una aplicaci\u00f3n. Este problema se solucion\u00f3 en la versi\u00f3n 2.11.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mrousavy:react-native-mmkv:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "2.11.0",
"matchCriteriaId": "2F0F4C50-CDEB-4A18-A8BC-E087D59E6D75"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mrousavy/react-native-mmkv/commit/a8995ccb7184281f7d168bad3e9987c9bd05f00d",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/mrousavy/react-native-mmkv/releases/tag/v2.11.0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/mrousavy/react-native-mmkv/security/advisories/GHSA-4jh3-6jhv-2mgp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2024/CVE-2024-224xx/CVE-2024-22491.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2024-22491",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-16T19:15:09.080",
"lastModified": "2024-01-16T19:15:09.080",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cui2shark/security/blob/main/A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20beetl-bbs%20post%20save.md",
"source": "cve@mitre.org"
}
]
}

87
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-16T19:00:24.664971+00:00
2024-01-16T21:00:25.815741+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-16T18:57:56.167000+00:00
2024-01-16T20:59:05.917000+00:00
```
### Last Data Feed Release
@ -29,59 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
236096
236108
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `12`
* [CVE-2023-22502](CVE-2023/CVE-2023-225xx/CVE-2023-22502.json) (`2024-01-16T18:15:08.957`)
* [CVE-2023-22507](CVE-2023/CVE-2023-225xx/CVE-2023-22507.json) (`2024-01-16T18:15:09.037`)
* [CVE-2023-22510](CVE-2023/CVE-2023-225xx/CVE-2023-22510.json) (`2024-01-16T18:15:09.080`)
* [CVE-2023-22512](CVE-2023/CVE-2023-225xx/CVE-2023-22512.json) (`2024-01-16T18:15:09.130`)
* [CVE-2023-22514](CVE-2023/CVE-2023-225xx/CVE-2023-22514.json) (`2024-01-16T18:15:09.170`)
* [CVE-2023-22520](CVE-2023/CVE-2023-225xx/CVE-2023-22520.json) (`2024-01-16T18:15:09.217`)
* [CVE-2023-22525](CVE-2023/CVE-2023-225xx/CVE-2023-22525.json) (`2024-01-16T18:15:09.257`)
* [CVE-2023-37523](CVE-2023/CVE-2023-375xx/CVE-2023-37523.json) (`2024-01-16T18:15:09.407`)
* [CVE-2023-4969](CVE-2023/CVE-2023-49xx/CVE-2023-4969.json) (`2024-01-16T17:15:08.083`)
* [CVE-2024-0579](CVE-2024/CVE-2024-05xx/CVE-2024-0579.json) (`2024-01-16T17:15:08.280`)
* [CVE-2024-22625](CVE-2024/CVE-2024-226xx/CVE-2024-22625.json) (`2024-01-16T18:15:11.077`)
* [CVE-2024-22626](CVE-2024/CVE-2024-226xx/CVE-2024-22626.json) (`2024-01-16T18:15:11.120`)
* [CVE-2024-22627](CVE-2024/CVE-2024-226xx/CVE-2024-22627.json) (`2024-01-16T18:15:11.167`)
* [CVE-2024-22628](CVE-2024/CVE-2024-226xx/CVE-2024-22628.json) (`2024-01-16T18:15:11.220`)
* [CVE-2024-23347](CVE-2024/CVE-2024-233xx/CVE-2024-23347.json) (`2024-01-16T18:15:11.267`)
* [CVE-2023-49351](CVE-2023/CVE-2023-493xx/CVE-2023-49351.json) (`2024-01-16T19:15:08.120`)
* [CVE-2023-51381](CVE-2023/CVE-2023-513xx/CVE-2023-51381.json) (`2024-01-16T19:15:08.183`)
* [CVE-2023-52041](CVE-2023/CVE-2023-520xx/CVE-2023-52041.json) (`2024-01-16T19:15:08.410`)
* [CVE-2023-7234](CVE-2023/CVE-2023-72xx/CVE-2023-7234.json) (`2024-01-16T19:15:08.460`)
* [CVE-2023-5097](CVE-2023/CVE-2023-50xx/CVE-2023-5097.json) (`2024-01-16T20:15:45.107`)
* [CVE-2023-6334](CVE-2023/CVE-2023-63xx/CVE-2023-6334.json) (`2024-01-16T20:15:45.303`)
* [CVE-2023-6335](CVE-2023/CVE-2023-63xx/CVE-2023-6335.json) (`2024-01-16T20:15:45.493`)
* [CVE-2023-6336](CVE-2023/CVE-2023-63xx/CVE-2023-6336.json) (`2024-01-16T20:15:45.667`)
* [CVE-2024-0200](CVE-2024/CVE-2024-02xx/CVE-2024-0200.json) (`2024-01-16T19:15:08.667`)
* [CVE-2024-0507](CVE-2024/CVE-2024-05xx/CVE-2024-0507.json) (`2024-01-16T19:15:08.870`)
* [CVE-2024-22491](CVE-2024/CVE-2024-224xx/CVE-2024-22491.json) (`2024-01-16T19:15:09.080`)
* [CVE-2024-0599](CVE-2024/CVE-2024-05xx/CVE-2024-0599.json) (`2024-01-16T20:15:45.840`)
### CVEs modified in the last Commit
Recently modified CVEs: `38`
Recently modified CVEs: `47`
* [CVE-2023-35702](CVE-2023/CVE-2023-357xx/CVE-2023-35702.json) (`2024-01-16T17:33:44.477`)
* [CVE-2023-35703](CVE-2023/CVE-2023-357xx/CVE-2023-35703.json) (`2024-01-16T17:34:14.000`)
* [CVE-2023-35704](CVE-2023/CVE-2023-357xx/CVE-2023-35704.json) (`2024-01-16T17:34:22.723`)
* [CVE-2023-35969](CVE-2023/CVE-2023-359xx/CVE-2023-35969.json) (`2024-01-16T17:34:36.490`)
* [CVE-2023-35970](CVE-2023/CVE-2023-359xx/CVE-2023-35970.json) (`2024-01-16T17:34:44.180`)
* [CVE-2023-35994](CVE-2023/CVE-2023-359xx/CVE-2023-35994.json) (`2024-01-16T17:34:53.610`)
* [CVE-2023-22527](CVE-2023/CVE-2023-225xx/CVE-2023-22527.json) (`2024-01-16T18:15:09.327`)
* [CVE-2023-45229](CVE-2023/CVE-2023-452xx/CVE-2023-45229.json) (`2024-01-16T18:15:09.620`)
* [CVE-2023-45230](CVE-2023/CVE-2023-452xx/CVE-2023-45230.json) (`2024-01-16T18:15:09.687`)
* [CVE-2023-45231](CVE-2023/CVE-2023-452xx/CVE-2023-45231.json) (`2024-01-16T18:15:09.750`)
* [CVE-2023-45232](CVE-2023/CVE-2023-452xx/CVE-2023-45232.json) (`2024-01-16T18:15:09.813`)
* [CVE-2023-45233](CVE-2023/CVE-2023-452xx/CVE-2023-45233.json) (`2024-01-16T18:15:09.877`)
* [CVE-2023-45234](CVE-2023/CVE-2023-452xx/CVE-2023-45234.json) (`2024-01-16T18:15:09.940`)
* [CVE-2023-45235](CVE-2023/CVE-2023-452xx/CVE-2023-45235.json) (`2024-01-16T18:15:10.013`)
* [CVE-2023-45236](CVE-2023/CVE-2023-452xx/CVE-2023-45236.json) (`2024-01-16T18:15:10.080`)
* [CVE-2023-45237](CVE-2023/CVE-2023-452xx/CVE-2023-45237.json) (`2024-01-16T18:15:10.187`)
* [CVE-2023-6395](CVE-2023/CVE-2023-63xx/CVE-2023-6395.json) (`2024-01-16T18:15:10.303`)
* [CVE-2023-50136](CVE-2023/CVE-2023-501xx/CVE-2023-50136.json) (`2024-01-16T18:51:33.887`)
* [CVE-2023-38827](CVE-2023/CVE-2023-388xx/CVE-2023-38827.json) (`2024-01-16T18:57:56.167`)
* [CVE-2024-22164](CVE-2024/CVE-2024-221xx/CVE-2024-22164.json) (`2024-01-16T17:40:17.057`)
* [CVE-2024-21737](CVE-2024/CVE-2024-217xx/CVE-2024-21737.json) (`2024-01-16T17:45:47.083`)
* [CVE-2024-22165](CVE-2024/CVE-2024-221xx/CVE-2024-22165.json) (`2024-01-16T18:30:58.893`)
* [CVE-2024-0056](CVE-2024/CVE-2024-00xx/CVE-2024-0056.json) (`2024-01-16T18:42:08.580`)
* [CVE-2024-0057](CVE-2024/CVE-2024-00xx/CVE-2024-0057.json) (`2024-01-16T18:47:36.267`)
* [CVE-2024-0340](CVE-2024/CVE-2024-03xx/CVE-2024-0340.json) (`2024-01-16T18:49:46.600`)
* [CVE-2023-48261](CVE-2023/CVE-2023-482xx/CVE-2023-48261.json) (`2024-01-16T20:15:31.977`)
* [CVE-2023-48260](CVE-2023/CVE-2023-482xx/CVE-2023-48260.json) (`2024-01-16T20:16:05.787`)
* [CVE-2023-48259](CVE-2023/CVE-2023-482xx/CVE-2023-48259.json) (`2024-01-16T20:16:25.587`)
* [CVE-2023-48245](CVE-2023/CVE-2023-482xx/CVE-2023-48245.json) (`2024-01-16T20:17:01.697`)
* [CVE-2023-48244](CVE-2023/CVE-2023-482xx/CVE-2023-48244.json) (`2024-01-16T20:17:17.953`)
* [CVE-2023-48243](CVE-2023/CVE-2023-482xx/CVE-2023-48243.json) (`2024-01-16T20:17:41.990`)
* [CVE-2023-48242](CVE-2023/CVE-2023-482xx/CVE-2023-48242.json) (`2024-01-16T20:17:56.863`)
* [CVE-2023-48262](CVE-2023/CVE-2023-482xx/CVE-2023-48262.json) (`2024-01-16T20:30:28.287`)
* [CVE-2023-48263](CVE-2023/CVE-2023-482xx/CVE-2023-48263.json) (`2024-01-16T20:30:41.677`)
* [CVE-2023-48264](CVE-2023/CVE-2023-482xx/CVE-2023-48264.json) (`2024-01-16T20:30:58.470`)
* [CVE-2023-48265](CVE-2023/CVE-2023-482xx/CVE-2023-48265.json) (`2024-01-16T20:31:20.220`)
* [CVE-2023-48266](CVE-2023/CVE-2023-482xx/CVE-2023-48266.json) (`2024-01-16T20:31:40.710`)
* [CVE-2023-47997](CVE-2023/CVE-2023-479xx/CVE-2023-47997.json) (`2024-01-16T20:58:57.263`)
* [CVE-2023-47996](CVE-2023/CVE-2023-479xx/CVE-2023-47996.json) (`2024-01-16T20:59:05.917`)
* [CVE-2024-0345](CVE-2024/CVE-2024-03xx/CVE-2024-0345.json) (`2024-01-16T19:05:59.090`)
* [CVE-2024-0344](CVE-2024/CVE-2024-03xx/CVE-2024-0344.json) (`2024-01-16T19:29:05.160`)
* [CVE-2024-21664](CVE-2024/CVE-2024-216xx/CVE-2024-21664.json) (`2024-01-16T19:30:49.207`)
* [CVE-2024-0342](CVE-2024/CVE-2024-03xx/CVE-2024-0342.json) (`2024-01-16T19:33:17.373`)
* [CVE-2024-0341](CVE-2024/CVE-2024-03xx/CVE-2024-0341.json) (`2024-01-16T19:49:56.160`)
* [CVE-2024-20652](CVE-2024/CVE-2024-206xx/CVE-2024-20652.json) (`2024-01-16T19:53:51.473`)
* [CVE-2024-20677](CVE-2024/CVE-2024-206xx/CVE-2024-20677.json) (`2024-01-16T20:02:24.243`)
* [CVE-2024-21668](CVE-2024/CVE-2024-216xx/CVE-2024-21668.json) (`2024-01-16T20:37:23.550`)
* [CVE-2024-20654](CVE-2024/CVE-2024-206xx/CVE-2024-20654.json) (`2024-01-16T20:46:14.413`)
* [CVE-2024-21319](CVE-2024/CVE-2024-213xx/CVE-2024-21319.json) (`2024-01-16T20:48:19.723`)
* [CVE-2024-0346](CVE-2024/CVE-2024-03xx/CVE-2024-0346.json) (`2024-01-16T20:54:15.903`)
## Download and Usage