diff --git a/CVE-2022/CVE-2022-332xx/CVE-2022-33273.json b/CVE-2022/CVE-2022-332xx/CVE-2022-33273.json new file mode 100644 index 00000000000..521b552cb0a --- /dev/null +++ b/CVE-2022/CVE-2022-332xx/CVE-2022-33273.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2022-33273", + "sourceIdentifier": "product-security@qualcomm.com", + "published": "2023-05-02T08:15:08.763", + "lastModified": "2023-05-02T08:15:08.763", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@qualcomm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 4.7 + } + ] + }, + "references": [ + { + "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin", + "source": "product-security@qualcomm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-405xx/CVE-2022-40504.json b/CVE-2022/CVE-2022-405xx/CVE-2022-40504.json new file mode 100644 index 00000000000..c6555ce64f2 --- /dev/null +++ b/CVE-2022/CVE-2022-405xx/CVE-2022-40504.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2022-40504", + "sourceIdentifier": "product-security@qualcomm.com", + "published": "2023-05-02T08:15:09.437", + "lastModified": "2023-05-02T08:15:09.437", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@qualcomm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "references": [ + { + "url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin", + "source": "product-security@qualcomm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0891.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0891.json new file mode 100644 index 00000000000..b330cbb110e --- /dev/null +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0891.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-0891", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.513", + "lastModified": "2023-05-02T08:15:09.513", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The StagTools WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/72397fee-9768-462b-933c-400181a5487c", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0924.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0924.json new file mode 100644 index 00000000000..cdc940f9657 --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0924.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-0924", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.620", + "lastModified": "2023-05-02T08:15:09.620", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The ZYREX POPUP WordPress plugin through 1.0 does not validate the type of files uploaded when creating a popup, allowing a high privileged user (such as an Administrator) to upload arbitrary files, even when modifying the file system is disallowed, such as in a multisite install." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/0fd0d7a5-9263-43b6-9244-7880c3d3e6f4", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-10xx/CVE-2023-1021.json b/CVE-2023/CVE-2023-10xx/CVE-2023-1021.json new file mode 100644 index 00000000000..f98e1b797cb --- /dev/null +++ b/CVE-2023/CVE-2023-10xx/CVE-2023-1021.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1021", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.693", + "lastModified": "2023-05-02T08:15:09.693", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/91d04f96-11b2-46dc-860c-dc6c26360bf3", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-10xx/CVE-2023-1090.json b/CVE-2023/CVE-2023-10xx/CVE-2023-1090.json new file mode 100644 index 00000000000..3b6d8751d4a --- /dev/null +++ b/CVE-2023/CVE-2023-10xx/CVE-2023-1090.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-1090", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.753", + "lastModified": "2023-05-02T08:15:09.753", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SMTP Mailing Queue WordPress plugin before 2.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/youki992/youki992.github.io/blob/master/others/apply.md", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/d470dd6c-dcac-4a3e-b42a-2489a31aca45", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-11xx/CVE-2023-1125.json b/CVE-2023/CVE-2023-11xx/CVE-2023-1125.json new file mode 100644 index 00000000000..ec5b32e8917 --- /dev/null +++ b/CVE-2023/CVE-2023-11xx/CVE-2023-1125.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1125", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.823", + "lastModified": "2023-05-02T08:15:09.823", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/e8a4b6ab-47f8-495d-a22c-dcf914dfb58c", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-11xx/CVE-2023-1196.json b/CVE-2023/CVE-2023-11xx/CVE-2023-1196.json new file mode 100644 index 00000000000..81093302400 --- /dev/null +++ b/CVE-2023/CVE-2023-11xx/CVE-2023-1196.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2023-1196", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T09:15:09.280", + "lastModified": "2023-05-02T09:15:09.280", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/8e5ec88e-0e66-44e4-bbf2-74155d849ede", + "source": "contact@wpscan.com" + }, + { + "url": "https://wpscan.com/vulnerability/cf376ca2-92f6-44ff-929a-ace809460a33", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-15xx/CVE-2023-1525.json b/CVE-2023/CVE-2023-15xx/CVE-2023-1525.json new file mode 100644 index 00000000000..37ac1755972 --- /dev/null +++ b/CVE-2023/CVE-2023-15xx/CVE-2023-1525.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1525", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.893", + "lastModified": "2023-05-02T08:15:09.893", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Site Reviews WordPress plugin before 6.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/4ae6bf90-b100-4bb5-bdd7-8acdbd950596", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-15xx/CVE-2023-1546.json b/CVE-2023/CVE-2023-15xx/CVE-2023-1546.json new file mode 100644 index 00000000000..c3a26c09a94 --- /dev/null +++ b/CVE-2023/CVE-2023-15xx/CVE-2023-1546.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1546", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:09.957", + "lastModified": "2023-05-02T08:15:09.957", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/bb065397-370f-4ee1-a2c8-20e4dc4415a0", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-15xx/CVE-2023-1554.json b/CVE-2023/CVE-2023-15xx/CVE-2023-1554.json new file mode 100644 index 00000000000..95316b1390e --- /dev/null +++ b/CVE-2023/CVE-2023-15xx/CVE-2023-1554.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1554", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.023", + "lastModified": "2023-05-02T08:15:10.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/0d247a3d-154e-4da7-a147-c1c7e1b5e87e", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-16xx/CVE-2023-1614.json b/CVE-2023/CVE-2023-16xx/CVE-2023-1614.json new file mode 100644 index 00000000000..4d972a2797e --- /dev/null +++ b/CVE-2023/CVE-2023-16xx/CVE-2023-1614.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1614", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.097", + "lastModified": "2023-05-02T08:15:10.097", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The WP Custom Author URL WordPress plugin before 1.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/56abd1e2-0ea9-47f7-9a1b-2093ac15d39c", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-16xx/CVE-2023-1669.json b/CVE-2023/CVE-2023-16xx/CVE-2023-1669.json new file mode 100644 index 00000000000..56b3b9fb58b --- /dev/null +++ b/CVE-2023/CVE-2023-16xx/CVE-2023-1669.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1669", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.180", + "lastModified": "2023-05-02T08:15:10.180", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SEOPress WordPress plugin before 6.5.0.3 unserializes user input provided via the settings, which could allow high-privilege users such as admin to perform PHP Object Injection when a suitable gadget is present." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/fb8791f5-2879-431e-9afc-06d5839e4b9d", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-17xx/CVE-2023-1730.json b/CVE-2023/CVE-2023-17xx/CVE-2023-1730.json new file mode 100644 index 00000000000..b328e80a53b --- /dev/null +++ b/CVE-2023/CVE-2023-17xx/CVE-2023-1730.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1730", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.267", + "lastModified": "2023-05-02T08:15:10.267", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/44b51a56-ff05-4d50-9327-fc9bab74d4b7", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1804.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1804.json new file mode 100644 index 00000000000..44fe65aef5e --- /dev/null +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1804.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1804", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.337", + "lastModified": "2023-05-02T08:15:10.337", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the edit parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/55b28fa6-a54f-4365-9d59-f9e331c1e11b", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1805.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1805.json new file mode 100644 index 00000000000..ad55ebd8021 --- /dev/null +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1805.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1805", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.393", + "lastModified": "2023-05-02T08:15:10.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Product Catalog Feed by PixelYourSite WordPress plugin before 2.1.1 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/46b4582f-7651-4b74-a00b-1788587ecfa8", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1809.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1809.json new file mode 100644 index 00000000000..e4ec5235fcc --- /dev/null +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1809.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1809", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.453", + "lastModified": "2023-05-02T08:15:10.453", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/57f0a078-fbeb-4b05-8892-e6d99edb82c1", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1861.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1861.json new file mode 100644 index 00000000000..aa711f25876 --- /dev/null +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1861.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1861", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.517", + "lastModified": "2023-05-02T08:15:10.517", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Limit Login Attempts WordPress plugin through 1.7.2 does not sanitize and escape usernames when outputting them back in the logs dashboard, which could allow any authenticated users, such as subscriber to perform Stored Cross-Site Scripting attacks" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/461cbcca-aed7-4c92-ba35-ebabf4fcd810", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1911.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1911.json new file mode 100644 index 00000000000..af5eb508a1b --- /dev/null +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1911.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-1911", + "sourceIdentifier": "contact@wpscan.com", + "published": "2023-05-02T08:15:10.570", + "lastModified": "2023-05-02T08:15:10.570", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The Blocksy Companion WordPress plugin before 1.8.82 does not ensure that posts to be accessed via a shortcode are already public and can be viewed, allowing any authenticated users, such as subscriber to access draft posts for example" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "contact@wpscan.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://wpscan.com/vulnerability/e7c52af0-b210-4e7d-a5e0-ee0645ddc08c", + "source": "contact@wpscan.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-20xx/CVE-2023-2000.json b/CVE-2023/CVE-2023-20xx/CVE-2023-2000.json new file mode 100644 index 00000000000..2cb7890de39 --- /dev/null +++ b/CVE-2023/CVE-2023-20xx/CVE-2023-2000.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2000", + "sourceIdentifier": "responsibledisclosure@mattermost.com", + "published": "2023-05-02T09:15:10.013", + "lastModified": "2023-05-02T09:15:10.013", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Mattermost Desktop App fails to validate a mattermost server redirection and navigates\u00a0to an arbitrary website\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "responsibledisclosure@mattermost.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://mattermost.com/security-updates", + "source": "responsibledisclosure@mattermost.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31207.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31207.json new file mode 100644 index 00000000000..a81c927a51d --- /dev/null +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31207.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-31207", + "sourceIdentifier": "security@checkmk.com", + "published": "2023-05-02T09:15:10.120", + "lastModified": "2023-05-02T09:15:10.120", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Transmission of credentials within query parameters in Checkmk <= 2.1.0p26, <= 2.0.0p35, and <= 2.2.0b6 (beta) may cause the automation user's secret to be written to the site Apache access log." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "security@checkmk.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://checkmk.com/werk/15189", + "source": "security@checkmk.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32007.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32007.json new file mode 100644 index 00000000000..7aa1b92e6c6 --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32007.json @@ -0,0 +1,40 @@ +{ + "id": "CVE-2023-32007", + "sourceIdentifier": "security@apache.org", + "published": "2023-05-02T09:15:10.207", + "lastModified": "2023-05-02T09:15:10.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** The Apache Spark UI offers the possibility to enable ACLs via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilter can allow someone to perform impersonation by providing an arbitrary user name. A malicious user might then be able to reach a permission check function that will ultimately build a Unix shell command based on their input, and execute it. This will result in arbitrary shell command execution as the user Spark is currently running as. This issue was disclosed earlier as CVE-2022-33891, but incorrectly claimed version 3.1.3 (which has since gone EOL) would not be affected.\n\nNOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\nUsers are recommended to upgrade to a supported version of Apache Spark, such as version 3.4.0.\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/poxgnxhhnzz735kr1wos366l5vdbb0nv", + "source": "security@apache.org" + }, + { + "url": "https://spark.apache.org/security.html", + "source": "security@apache.org" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2022-33891", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8752c910221..14eab049da1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-02T08:00:28.719397+00:00 +2023-05-02T10:00:24.586602+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-02T06:15:10.510000+00:00 +2023-05-02T09:15:10.207000+00:00 ``` ### Last Data Feed Release @@ -29,24 +29,35 @@ Download and Changelog: [Click](releases/latest) ### Total Number of included CVEs ```plain -213892 +213914 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `22` -* [CVE-2022-25713](CVE-2022/CVE-2022-257xx/CVE-2022-25713.json) (`2023-05-02T06:15:08.500`) -* [CVE-2022-33281](CVE-2022/CVE-2022-332xx/CVE-2022-33281.json) (`2023-05-02T06:15:09.507`) -* [CVE-2022-33292](CVE-2022/CVE-2022-332xx/CVE-2022-33292.json) (`2023-05-02T06:15:09.757`) -* [CVE-2022-33304](CVE-2022/CVE-2022-333xx/CVE-2022-33304.json) (`2023-05-02T06:15:09.910`) -* [CVE-2022-33305](CVE-2022/CVE-2022-333xx/CVE-2022-33305.json) (`2023-05-02T06:15:09.997`) -* [CVE-2022-34144](CVE-2022/CVE-2022-341xx/CVE-2022-34144.json) (`2023-05-02T06:15:10.077`) -* [CVE-2022-40505](CVE-2022/CVE-2022-405xx/CVE-2022-40505.json) (`2023-05-02T06:15:10.173`) -* [CVE-2022-40508](CVE-2022/CVE-2022-405xx/CVE-2022-40508.json) (`2023-05-02T06:15:10.263`) -* [CVE-2023-21642](CVE-2023/CVE-2023-216xx/CVE-2023-21642.json) (`2023-05-02T06:15:10.347`) -* [CVE-2023-21665](CVE-2023/CVE-2023-216xx/CVE-2023-21665.json) (`2023-05-02T06:15:10.433`) -* [CVE-2023-21666](CVE-2023/CVE-2023-216xx/CVE-2023-21666.json) (`2023-05-02T06:15:10.510`) +* [CVE-2022-33273](CVE-2022/CVE-2022-332xx/CVE-2022-33273.json) (`2023-05-02T08:15:08.763`) +* [CVE-2022-40504](CVE-2022/CVE-2022-405xx/CVE-2022-40504.json) (`2023-05-02T08:15:09.437`) +* [CVE-2023-0891](CVE-2023/CVE-2023-08xx/CVE-2023-0891.json) (`2023-05-02T08:15:09.513`) +* [CVE-2023-0924](CVE-2023/CVE-2023-09xx/CVE-2023-0924.json) (`2023-05-02T08:15:09.620`) +* [CVE-2023-1021](CVE-2023/CVE-2023-10xx/CVE-2023-1021.json) (`2023-05-02T08:15:09.693`) +* [CVE-2023-1090](CVE-2023/CVE-2023-10xx/CVE-2023-1090.json) (`2023-05-02T08:15:09.753`) +* [CVE-2023-1125](CVE-2023/CVE-2023-11xx/CVE-2023-1125.json) (`2023-05-02T08:15:09.823`) +* [CVE-2023-1196](CVE-2023/CVE-2023-11xx/CVE-2023-1196.json) (`2023-05-02T09:15:09.280`) +* [CVE-2023-1525](CVE-2023/CVE-2023-15xx/CVE-2023-1525.json) (`2023-05-02T08:15:09.893`) +* [CVE-2023-1546](CVE-2023/CVE-2023-15xx/CVE-2023-1546.json) (`2023-05-02T08:15:09.957`) +* [CVE-2023-1554](CVE-2023/CVE-2023-15xx/CVE-2023-1554.json) (`2023-05-02T08:15:10.023`) +* [CVE-2023-1614](CVE-2023/CVE-2023-16xx/CVE-2023-1614.json) (`2023-05-02T08:15:10.097`) +* [CVE-2023-1669](CVE-2023/CVE-2023-16xx/CVE-2023-1669.json) (`2023-05-02T08:15:10.180`) +* [CVE-2023-1730](CVE-2023/CVE-2023-17xx/CVE-2023-1730.json) (`2023-05-02T08:15:10.267`) +* [CVE-2023-1804](CVE-2023/CVE-2023-18xx/CVE-2023-1804.json) (`2023-05-02T08:15:10.337`) +* [CVE-2023-1805](CVE-2023/CVE-2023-18xx/CVE-2023-1805.json) (`2023-05-02T08:15:10.393`) +* [CVE-2023-1809](CVE-2023/CVE-2023-18xx/CVE-2023-1809.json) (`2023-05-02T08:15:10.453`) +* [CVE-2023-1861](CVE-2023/CVE-2023-18xx/CVE-2023-1861.json) (`2023-05-02T08:15:10.517`) +* [CVE-2023-1911](CVE-2023/CVE-2023-19xx/CVE-2023-1911.json) (`2023-05-02T08:15:10.570`) +* [CVE-2023-2000](CVE-2023/CVE-2023-20xx/CVE-2023-2000.json) (`2023-05-02T09:15:10.013`) +* [CVE-2023-31207](CVE-2023/CVE-2023-312xx/CVE-2023-31207.json) (`2023-05-02T09:15:10.120`) +* [CVE-2023-32007](CVE-2023/CVE-2023-320xx/CVE-2023-32007.json) (`2023-05-02T09:15:10.207`) ### CVEs modified in the last Commit