admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-02T02:00:31.995702+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-02 02:00:35 +00:00
parent 9c81f02373
commit 525ecb0f67
87 changed files with 3784 additions and 334 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
CVE-2021/CVE-2021-264xx/CVE-2021-26418.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-26418",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:08.793",
"lastModified": "2022-07-12T17:42:04.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:10.887",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-28478, CVE-2021-31172."
"value": "Microsoft SharePoint Server Spoofing Vulnerability"
},
{
"lang": "es",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",

26
CVE-2021/CVE-2021-264xx/CVE-2021-26419.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-26419",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:08.837",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.000",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-264xx/CVE-2021-26421.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-26421",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:08.870",
"lastModified": "2021-05-18T18:38:04.353",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.110",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",

26
CVE-2021/CVE-2021-264xx/CVE-2021-26422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-26422",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:08.907",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.207",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28461.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28461",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.023",
"lastModified": "2021-05-17T17:38:07.410",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.300",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",

26
CVE-2021/CVE-2021-284xx/CVE-2021-28465.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28465",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.060",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.397",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-284xx/CVE-2021-28474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28474",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.093",
"lastModified": "2022-07-12T17:42:04.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.487",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28476.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28476",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.133",
"lastModified": "2022-04-29T16:19:50.250",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.583",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Hyper-V Remote Code Execution Vulnerability"
"value": "Windows Hyper-V Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-284xx/CVE-2021-28478.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-28478",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.177",
"lastModified": "2021-05-18T16:50:23.447",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.687",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-31172."
"value": "Microsoft SharePoint Server Spoofing Vulnerability"
},
{
"lang": "es",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 4.7
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",

26
CVE-2021/CVE-2021-284xx/CVE-2021-28479.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-28479",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.220",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.787",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31165.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31165",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.267",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.880",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208."
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31166",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.300",
"lastModified": "2021-05-26T19:44:53.007",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:11.973",
"vulnStatus": "Modified",
"cisaExploitAdd": "2022-04-06",
"cisaActionDue": "2022-04-27",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -21,7 +21,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -39,6 +39,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31167.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31167",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.337",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.070",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208."
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31168.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31168",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.380",
"lastModified": "2021-05-14T15:05:24.883",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.160",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31169, CVE-2021-31208."
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31169.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31169",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.423",
"lastModified": "2021-05-14T13:55:20.527",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.263",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31208."
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31170.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31170",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.463",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.357",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188."
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31171",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.497",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.447",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",

28
CVE-2021/CVE-2021-311xx/CVE-2021-31172.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31172",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.527",
"lastModified": "2021-05-18T16:38:49.863",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.537",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from CVE-2021-26418, CVE-2021-28478."
"value": "Microsoft SharePoint Server Spoofing Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31173",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.560",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.623",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",

26
CVE-2021/CVE-2021-311xx/CVE-2021-31174.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31174",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.597",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.713",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31175.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31175",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.633",
"lastModified": "2021-05-18T16:08:54.347",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.807",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179."
"value": "Microsoft Office Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31176.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31176",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.670",
"lastModified": "2021-05-17T16:24:59.887",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.900",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31177, CVE-2021-31179."
"value": "Microsoft Office Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31178",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.737",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:12.993",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31179.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31179",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.767",
"lastModified": "2021-05-17T16:23:24.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.087",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31177."
"value": "Microsoft Office Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31181.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31181",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.837",
"lastModified": "2022-04-29T16:24:20.793",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.190",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31182.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31182",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.870",
"lastModified": "2021-05-18T18:33:09.477",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.277",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31184",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.910",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.370",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31185.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31185",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.947",
"lastModified": "2021-05-17T20:29:04.487",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.463",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31186.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31186",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:09.980",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.547",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",

26
CVE-2021/CVE-2021-311xx/CVE-2021-31187.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31187",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.017",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.647",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31188.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31188",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.050",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.743",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31170."
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",

26
CVE-2021/CVE-2021-311xx/CVE-2021-31190.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31190",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.083",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.837",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31191.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31191",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.113",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:13.933",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31192.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31192",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.143",
"lastModified": "2021-05-18T17:49:58.297",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.037",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",

26
CVE-2021/CVE-2021-311xx/CVE-2021-31193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31193",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.173",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.130",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-311xx/CVE-2021-31194.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31194",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.200",
"lastModified": "2021-05-17T19:41:26.287",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.223",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-311xx/CVE-2021-31195.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31195",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.227",
"lastModified": "2021-05-17T19:28:31.383",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.323",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31198."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",

28
CVE-2021/CVE-2021-311xx/CVE-2021-31198.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31198",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.257",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.423",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31195."
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-312xx/CVE-2021-31200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31200",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.290",
"lastModified": "2021-05-18T19:34:02.727",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.527",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-312xx/CVE-2021-31205.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31205",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.363",
"lastModified": "2021-05-18T19:50:34.240",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.637",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",

26
CVE-2021/CVE-2021-312xx/CVE-2021-31207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31207",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.397",
"lastModified": "2022-07-12T17:42:04.277",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.737",
"vulnStatus": "Modified",
"cisaExploitAdd": "2021-11-03",
"cisaActionDue": "2021-11-17",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -21,8 +21,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",

28
CVE-2021/CVE-2021-312xx/CVE-2021-31208.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31208",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.430",
"lastModified": "2022-05-03T16:04:40.443",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.850",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31165, CVE-2021-31167, CVE-2021-31168, CVE-2021-31169."
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-312xx/CVE-2021-31209.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31209",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.467",
"lastModified": "2022-04-29T16:17:44.533",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:14.957",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",

28
CVE-2021/CVE-2021-312xx/CVE-2021-31211.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31211",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.507",
"lastModified": "2021-05-19T02:35:22.653",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:15.053",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31214."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-312xx/CVE-2021-31213.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31213",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.537",
"lastModified": "2021-05-18T20:56:48.483",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:15.177",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

28
CVE-2021/CVE-2021-312xx/CVE-2021-31214.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-31214",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.567",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:15.387",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211."
"value": "Visual Studio Code Remote Code Execution Vulnerability"
},
{
"lang": "es",
@ -17,7 +17,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -35,6 +35,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [

26
CVE-2021/CVE-2021-319xx/CVE-2021-31936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31936",
"sourceIdentifier": "secure@microsoft.com",
"published": "2021-05-11T19:15:10.597",
"lastModified": "2021-05-19T20:15:04.053",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:15.657",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -17,8 +17,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
},
{
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",

69
CVE-2022/CVE-2022-288xx/CVE-2022-28863.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2022-28863",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-24T14:15:10.040",
"lastModified": "2023-07-25T13:01:13.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T01:15:53.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:22.0.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "62C61495-A220-476A-A995-2418DDF3EBFC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

69
CVE-2022/CVE-2022-288xx/CVE-2022-28864.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2022-28864",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-24T14:15:10.103",
"lastModified": "2023-07-25T13:01:13.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T01:15:43.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include malicious code, which is then downloaded as a .csv or .xlsx file and executed on a victim machine. Here, the /aom/html/EditTemplate.jsf and /aom/html/ViewAllTemplatesPage.jsf templateName parameter is used."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:22.0.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "62C61495-A220-476A-A995-2418DDF3EBFC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

69
CVE-2022/CVE-2022-288xx/CVE-2022-28865.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2022-28865",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-24T14:15:10.157",
"lastModified": "2023-07-25T13:01:13.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T01:07:06.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Nokia NetAct 22 through the Site Configuration Tool website section. A malicious user can change a filename of an uploaded file to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /netact/sct filename parameter is used."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:22.0.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "62C61495-A220-476A-A995-2418DDF3EBFC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

69
CVE-2022/CVE-2022-288xx/CVE-2022-28867.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2022-28867",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-24T14:15:10.210",
"lastModified": "2023-07-25T13:01:13.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T01:05:10.263",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Nokia NetAct 22 through the Administration of Measurements website section. A malicious user can edit or add the templateName parameter in order to include JavaScript code, which is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. Here, the /aom/html/EditTemplate.jsf and /aom/html/ViewAllTemplatesPage.jsf templateName parameter is used."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:22.0.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "62C61495-A220-476A-A995-2418DDF3EBFC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

69
CVE-2022/CVE-2022-302xx/CVE-2022-30280.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2022-30280",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-24T14:15:10.267",
"lastModified": "2023-07-25T13:01:13.730",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T01:01:05.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "/SecurityManagement/html/createuser.jsf in Nokia NetAct 22 allows CSRF. A remote attacker is able to create users with arbitrary privileges, even administrative privileges. The application (even if it implements a CSRF token for the random GET request) does not ever verify a CSRF token. With a little help of social engineering/phishing (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker's choosing. If the victim is a normal user, a successful CSRF attack can force the user to perform state changing requests like transferring funds, changing their email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nokia:netact:22.0.0.62:*:*:*:*:*:*:*",
"matchCriteriaId": "62C61495-A220-476A-A995-2418DDF3EBFC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

8
CVE-2022/CVE-2022-324xx/CVE-2022-32449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-32449",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-07T19:15:08.350",
"lastModified": "2022-07-15T03:08:36.010",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-02T00:15:15.913",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -112,6 +112,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/winmt/my-vuls/tree/main/TOTOLINK%20EX300_V2",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-06xx/CVE-2023-0632.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-0632",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T00:15:16.163",
"lastModified": "2023-08-02T00:15:16.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible by using crafted payloads to search Harbor Registry."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/390148",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/1852677",
"source": "cve@gitlab.com"
}
]
}

59
CVE-2023/CVE-2023-12xx/CVE-2023-1210.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-1210",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T00:15:16.430",
"lastModified": "2023-08-02T00:15:16.430",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 12.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to leak a user's email via an error message for groups that restrict membership by email domain."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/394775",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/1884672",
"source": "cve@gitlab.com"
}
]
}

59
CVE-2023/CVE-2023-21xx/CVE-2023-2164.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2164",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T00:15:16.683",
"lastModified": "2023-08-02T00:15:16.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for an attacker to trigger a stored XSS vulnerability via user interaction with a crafted URL in the WebIDE beta."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/407783",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/1940598",
"source": "cve@gitlab.com"
}
]
}

89
CVE-2023/CVE-2023-30xx/CVE-2023-3019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3019",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:12.253",
"lastModified": "2023-07-25T13:01:09.337",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T01:00:46.400",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.0,
"impactScore": 4.0
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,14 +54,75 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qemu:qemu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6D9E0C78-9678-4CEE-9389-962CF618A51F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
"matchCriteriaId": "053C1B35-3869-41C2-9551-044182DE0A64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
"matchCriteriaId": "3AA08768-75AF-4791-B229-AE938C780959"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3019",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222351",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-314xx/CVE-2023-31428.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31428",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T00:15:16.977",
"lastModified": "2023-08-02T00:15:16.977",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability in the command line that could allow a local user to dump files under user's home directory using grep.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22380",
"source": "sirt@brocade.com"
}
]
}

55
CVE-2023/CVE-2023-314xx/CVE-2023-31430.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31430",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T00:15:17.187",
"lastModified": "2023-08-02T00:15:17.187",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in \u201csecpolicydelete\u201d command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22381",
"source": "sirt@brocade.com"
}
]
}

55
CVE-2023/CVE-2023-314xx/CVE-2023-31431.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31431",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T00:15:17.410",
"lastModified": "2023-08-02T00:15:17.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in \u201cdiagstatus\u201d command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22384",
"source": "sirt@brocade.com"
}
]
}

55
CVE-2023/CVE-2023-314xx/CVE-2023-31432.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31432",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T00:15:17.587",
"lastModified": "2023-08-02T00:15:17.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Through manipulation of passwords or other variables, using commands such as portcfgupload, configupload, license, myid, a non-privileged user could obtain root privileges in Brocade Fabric OS versions before Brocade Fabric OS v9.1.1c and v9.2.0.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22385",
"source": "sirt@brocade.com"
}
]
}

59
CVE-2023/CVE-2023-319xx/CVE-2023-31926.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-31926",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T01:15:09.343",
"lastModified": "2023-08-02T01:15:09.343",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "System files could be overwritten using the less command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-281"
},
{
"lang": "en",
"value": "CWE-665"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22388",
"source": "sirt@brocade.com"
}
]
}

55
CVE-2023/CVE-2023-319xx/CVE-2023-31927.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31927",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T01:15:09.437",
"lastModified": "2023-08-02T01:15:09.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure in the web interface of Brocade Fabric OS versions before Brocade Fabric OS v9.2.0 and v9.1.1c, could allow a remote unauthenticated attacker to get technical details about the web interface.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22389",
"source": "sirt@brocade.com"
}
]
}

55
CVE-2023/CVE-2023-319xx/CVE-2023-31928.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-31928",
"sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-02T00:15:17.800",
"lastModified": "2023-08-02T00:15:17.800",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user\u2019s session with the Brocade Webtools application.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "sirt@brocade.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22390",
"source": "sirt@brocade.com"
}
]
}

134
CVE-2023/CVE-2023-323xx/CVE-2023-32381.json
View File

@ -2,39 +2,155 @@
"id": "CVE-2023-32381",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:14.397",
"lastModified": "2023-07-27T12:13:19.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:42:34.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.9",
"matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.8",
"matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "339039D5-7AAC-4252-B4F6-BFCEBB48D92A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.6",
"matchCriteriaId": "90DFD981-D950-40B0-A699-4878B653A20D"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213846",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213848",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

154
CVE-2023/CVE-2023-324xx/CVE-2023-32433.json
View File

@ -2,43 +2,177 @@
"id": "CVE-2023-32433",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:14.877",
"lastModified": "2023-07-27T12:13:19.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:43:07.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.9",
"matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.8",
"matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "339039D5-7AAC-4252-B4F6-BFCEBB48D92A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.6",
"matchCriteriaId": "90DFD981-D950-40B0-A699-4878B653A20D"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213842",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213846",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213848",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-324xx/CVE-2023-32437.json
View File

@ -2,19 +2,82 @@
"id": "CVE-2023-32437",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.013",
"lastModified": "2023-07-27T12:13:19.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:43:20.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improvements to the file handling protocol. This issue is fixed in iOS 16.6 and iPadOS 16.6. An app may be able to break out of its sandbox."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-33xx/CVE-2023-3364.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3364",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T00:15:18.467",
"lastModified": "2023-08-02T00:15:18.467",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use AutolinkFilter to the preview_markdown endpoint."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/415995",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/1959727",
"source": "cve@gitlab.com"
}
]
}

59
CVE-2023/CVE-2023-33xx/CVE-2023-3385.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3385",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T00:15:18.690",
"lastModified": "2023-08-02T00:15:18.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab affecting all versions starting from 8.10 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. Under specific circumstances, a user importing a project 'from export' could access and read unrelated files via uploading a specially crafted file. This was due to a bug in `tar`, fixed in [`tar-1.35`](https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416161",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2032730",
"source": "cve@gitlab.com"
}
]
}

92
CVE-2023/CVE-2023-359xx/CVE-2023-35983.json
View File

@ -2,27 +2,107 @@
"id": "CVE-2023-35983",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.133",
"lastModified": "2023-07-27T12:13:15.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:46:23.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.9",
"matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.8",
"matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-35xx/CVE-2023-3500.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3500",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T01:15:09.520",
"lastModified": "2023-08-02T01:15:09.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A reflected XSS was possible when creating specific PlantUML diagrams that allowed the attacker to perform arbitrary actions on behalf of victims."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416902",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2010926",
"source": "cve@gitlab.com"
}
]
}

121
CVE-2023/CVE-2023-35xx/CVE-2023-3567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3567",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-24T16:15:12.990",
"lastModified": "2023-07-25T13:01:09.337",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:59:52.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,18 +54,109 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.0",
"matchCriteriaId": "2538208F-B820-4423-9F94-E95AF713227F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "5283F553-3742-412C-8FBF-5C48E60E7F73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BDDE77B0-4959-484D-B7B5-815682FA0EA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "7AA287BA-AA71-4071-814E-FDBA6EAA3B8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "8939DBFF-1DFD-4F1D-B01F-75E0F10493A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "410F4BA6-C7AA-4235-BDF2-D9DDC3C155D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "5403B74F-D6F6-4B8E-8F5A-4468D15A47CA"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3567",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221463",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://www.spinics.net/lists/stable-commits/msg285184.html",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

32
CVE-2023/CVE-2023-361xx/CVE-2023-36121.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-36121",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-02T00:15:18.030",
"lastModified": "2023-08-02T00:15:18.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to execute arbitrary code via the description function in the SEO project."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/e107%20v2.3.2.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.chtsecurity.com/news/0a4743a5-491e-4685-95ee-df8316ab5284",
"source": "cve@mitre.org"
},
{
"url": "https://www.chtsecurity.com/news/6c6675d4-3254-46ce-a16d-26523ff80540",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/51449",
"source": "cve@mitre.org"
}
]
}

92
CVE-2023/CVE-2023-368xx/CVE-2023-36854.json
View File

@ -2,27 +2,107 @@
"id": "CVE-2023-36854",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.247",
"lastModified": "2023-07-27T12:13:15.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:48:51.350",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.9",
"matchCriteriaId": "FB5312D6-AEEA-4548-B3EF-B07B46168475"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.8",
"matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213844",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213845",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-368xx/CVE-2023-36862.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-36862",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.367",
"lastModified": "2023-07-27T12:13:15.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:51:50.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user\u2019s current location."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

120
CVE-2023/CVE-2023-374xx/CVE-2023-37450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37450",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.497",
"lastModified": "2023-07-27T12:13:15.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:54:49.737",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-13",
"cisaActionDue": "2023-08-03",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
@ -14,27 +14,131 @@
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5.2",
"matchCriteriaId": "7B0824AC-450A-4DC8-8BA6-E59530160953"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "339039D5-7AAC-4252-B4F6-BFCEBB48D92A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.6",
"matchCriteriaId": "90DFD981-D950-40B0-A699-4878B653A20D"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213826",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213846",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213848",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-376xx/CVE-2023-37623.json
View File

@ -2,31 +2,96 @@
"id": "CVE-2023-37623",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T20:15:12.670",
"lastModified": "2023-07-26T21:40:11.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:30:17.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netdisco:netdisco:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.063000",
"matchCriteriaId": "49A130E0-9B38-4DA0-82CD-4B2B3376A38F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

74
CVE-2023/CVE-2023-376xx/CVE-2023-37624.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-37624",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T20:15:12.727",
"lastModified": "2023-07-26T21:40:11.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:35:41.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netdisco:netdisco:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.063000",
"matchCriteriaId": "49A130E0-9B38-4DA0-82CD-4B2B3376A38F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/benjaminpsinclair/Netdisco-CVE",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

64
CVE-2023/CVE-2023-376xx/CVE-2023-37692.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-37692",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T21:15:10.097",
"lastModified": "2023-07-26T21:40:11.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:38:53.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:octobercms:october:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9F837681-220D-49C8-BC9A-AC2D13204220"
}
]
}
]
}
],
"references": [
{
"url": "https://okankurtulus.com.tr/2023/07/24/october-cms-v3-4-4-stored-cross-site-scripting-xss-authenticated/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-377xx/CVE-2023-37732.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-37732",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T21:15:10.153",
"lastModified": "2023-07-26T21:40:11.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:39:04.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yasm_project:yasm:1.3.0.78.g4dc8:*:*:*:*:*:*:*",
"matchCriteriaId": "0D988178-CCB8-439D-A35D-AF759EC16189"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/ChanStormstout/02eea9cf5c002b42b2ff3de5ca939520",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/yasm/yasm/issues/233",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

140
CVE-2023/CVE-2023-381xx/CVE-2023-38133.json
View File

@ -2,39 +2,161 @@
"id": "CVE-2023-38133",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.620",
"lastModified": "2023-07-27T12:13:15.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:55:00.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may disclose sensitive information."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB91291B-DB98-4E2A-BDA6-F9B5C48CDC6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "5E276423-4032-4E12-AB11-88F7047E35EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "33013784-1828-4402-81CF-2794D94A7C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.8",
"matchCriteriaId": "8635FA0F-1876-4E3A-B02D-31AEA459C38E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.6",
"matchCriteriaId": "4C67BFEB-764A-4C07-A02A-117C6AFAAC6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "339039D5-7AAC-4252-B4F6-BFCEBB48D92A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.6",
"matchCriteriaId": "90DFD981-D950-40B0-A699-4878B653A20D"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213842",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213846",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213847",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213848",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-382xx/CVE-2023-38285.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-38285",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T21:15:10.207",
"lastModified": "2023-07-26T21:40:11.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-02T00:39:37.267",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-407"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0.0",
"versionEndExcluding": "3.0.10",
"matchCriteriaId": "314D5544-E20D-482F-9F39-DE5AA72B1972"
}
]
}
]
}
],
"references": [
{
"url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.trustwave.com/en-us/resources/security-resources/software-updates/end-of-sale-and-trustwave-support-for-modsecurity-web-application-firewall/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

20
CVE-2023/CVE-2023-389xx/CVE-2023-38990.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-38990",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-02T00:15:18.293",
"lastModified": "2023-08-02T00:15:18.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue in the delete function in the MenuController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete menus created by the Administrator."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/thinkgem/jeesite/issues/519",
"source": "cve@mitre.org"
}
]
}

59
CVE-2023/CVE-2023-39xx/CVE-2023-3900.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3900",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T01:15:09.607",
"lastModified": "2023-08-02T01:15:09.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. An invalid 'start_sha' value on merge requests page may lead to Denial of Service as Changes tab would not load."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/418770",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/2058514",
"source": "cve@gitlab.com"
}
]
}

55
CVE-2023/CVE-2023-39xx/CVE-2023-3993.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3993",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T01:15:09.690",
"lastModified": "2023-08-02T01:15:09.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. Access tokens may have been logged when a query was made to a specific endpoint."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/409570",
"source": "cve@gitlab.com"
}
]
}

59
CVE-2023/CVE-2023-39xx/CVE-2023-3994.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3994",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-08-02T01:15:09.773",
"lastModified": "2023-08-02T01:15:09.773",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. A Regular Expression Denial of Service was possible via sending crafted payloads which use ProjectReferenceFilter to the preview_markdown endpoint."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve@gitlab.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/416225",
"source": "cve@gitlab.com"
},
{
"url": "https://hackerone.com/reports/1963255",
"source": "cve@gitlab.com"
}
]
}

105
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-01T23:55:28.044540+00:00
2023-08-02T02:00:31.995702+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-01T23:15:33.793000+00:00
2023-08-02T01:15:53.020000+00:00
```
### Last Data Feed Release
@ -23,75 +23,68 @@ Repository synchronizes with the NVD every 2 hours.
Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)
```plain
2023-08-01T00:00:13.547072+00:00
2023-08-02T00:00:13.564856+00:00
```
### Total Number of included CVEs
```plain
221418
221436
```
### CVEs added in the last Commit
Recently added CVEs: `26`
Recently added CVEs: `18`
* [CVE-2023-31427](CVE-2023/CVE-2023-314xx/CVE-2023-31427.json) (`2023-08-01T23:15:28.770`)
* [CVE-2023-33560](CVE-2023/CVE-2023-335xx/CVE-2023-33560.json) (`2023-08-01T23:15:28.970`)
* [CVE-2023-33561](CVE-2023/CVE-2023-335xx/CVE-2023-33561.json) (`2023-08-01T23:15:29.140`)
* [CVE-2023-33562](CVE-2023/CVE-2023-335xx/CVE-2023-33562.json) (`2023-08-01T23:15:29.293`)
* [CVE-2023-33563](CVE-2023/CVE-2023-335xx/CVE-2023-33563.json) (`2023-08-01T23:15:29.480`)
* [CVE-2023-33564](CVE-2023/CVE-2023-335xx/CVE-2023-33564.json) (`2023-08-01T23:15:29.747`)
* [CVE-2023-34869](CVE-2023/CVE-2023-348xx/CVE-2023-34869.json) (`2023-08-01T23:15:30.017`)
* [CVE-2023-36118](CVE-2023/CVE-2023-361xx/CVE-2023-36118.json) (`2023-08-01T23:15:30.217`)
* [CVE-2023-36351](CVE-2023/CVE-2023-363xx/CVE-2023-36351.json) (`2023-08-01T23:15:30.370`)
* [CVE-2023-3107](CVE-2023/CVE-2023-31xx/CVE-2023-3107.json) (`2023-08-01T23:15:30.580`)
* [CVE-2023-3494](CVE-2023/CVE-2023-34xx/CVE-2023-3494.json) (`2023-08-01T23:15:31.053`)
* [CVE-2023-3727](CVE-2023/CVE-2023-37xx/CVE-2023-3727.json) (`2023-08-01T23:15:31.320`)
* [CVE-2023-3728](CVE-2023/CVE-2023-37xx/CVE-2023-3728.json) (`2023-08-01T23:15:31.490`)
* [CVE-2023-3729](CVE-2023/CVE-2023-37xx/CVE-2023-3729.json) (`2023-08-01T23:15:31.673`)
* [CVE-2023-3730](CVE-2023/CVE-2023-37xx/CVE-2023-3730.json) (`2023-08-01T23:15:31.857`)
* [CVE-2023-3731](CVE-2023/CVE-2023-37xx/CVE-2023-3731.json) (`2023-08-01T23:15:32.047`)
* [CVE-2023-3732](CVE-2023/CVE-2023-37xx/CVE-2023-3732.json) (`2023-08-01T23:15:32.247`)
* [CVE-2023-3733](CVE-2023/CVE-2023-37xx/CVE-2023-3733.json) (`2023-08-01T23:15:32.443`)
* [CVE-2023-3734](CVE-2023/CVE-2023-37xx/CVE-2023-3734.json) (`2023-08-01T23:15:32.607`)
* [CVE-2023-3735](CVE-2023/CVE-2023-37xx/CVE-2023-3735.json) (`2023-08-01T23:15:32.773`)
* [CVE-2023-3736](CVE-2023/CVE-2023-37xx/CVE-2023-3736.json) (`2023-08-01T23:15:33.013`)
* [CVE-2023-3737](CVE-2023/CVE-2023-37xx/CVE-2023-3737.json) (`2023-08-01T23:15:33.177`)
* [CVE-2023-3738](CVE-2023/CVE-2023-37xx/CVE-2023-3738.json) (`2023-08-01T23:15:33.427`)
* [CVE-2023-3739](CVE-2023/CVE-2023-37xx/CVE-2023-3739.json) (`2023-08-01T23:15:33.633`)
* [CVE-2023-3740](CVE-2023/CVE-2023-37xx/CVE-2023-3740.json) (`2023-08-01T23:15:33.793`)
* [CVE-2023-0632](CVE-2023/CVE-2023-06xx/CVE-2023-0632.json) (`2023-08-02T00:15:16.163`)
* [CVE-2023-1210](CVE-2023/CVE-2023-12xx/CVE-2023-1210.json) (`2023-08-02T00:15:16.430`)
* [CVE-2023-2164](CVE-2023/CVE-2023-21xx/CVE-2023-2164.json) (`2023-08-02T00:15:16.683`)
* [CVE-2023-31428](CVE-2023/CVE-2023-314xx/CVE-2023-31428.json) (`2023-08-02T00:15:16.977`)
* [CVE-2023-31430](CVE-2023/CVE-2023-314xx/CVE-2023-31430.json) (`2023-08-02T00:15:17.187`)
* [CVE-2023-31431](CVE-2023/CVE-2023-314xx/CVE-2023-31431.json) (`2023-08-02T00:15:17.410`)
* [CVE-2023-31432](CVE-2023/CVE-2023-314xx/CVE-2023-31432.json) (`2023-08-02T00:15:17.587`)
* [CVE-2023-31928](CVE-2023/CVE-2023-319xx/CVE-2023-31928.json) (`2023-08-02T00:15:17.800`)
* [CVE-2023-36121](CVE-2023/CVE-2023-361xx/CVE-2023-36121.json) (`2023-08-02T00:15:18.030`)
* [CVE-2023-38990](CVE-2023/CVE-2023-389xx/CVE-2023-38990.json) (`2023-08-02T00:15:18.293`)
* [CVE-2023-3364](CVE-2023/CVE-2023-33xx/CVE-2023-3364.json) (`2023-08-02T00:15:18.467`)
* [CVE-2023-3385](CVE-2023/CVE-2023-33xx/CVE-2023-3385.json) (`2023-08-02T00:15:18.690`)
* [CVE-2023-31926](CVE-2023/CVE-2023-319xx/CVE-2023-31926.json) (`2023-08-02T01:15:09.343`)
* [CVE-2023-31927](CVE-2023/CVE-2023-319xx/CVE-2023-31927.json) (`2023-08-02T01:15:09.437`)
* [CVE-2023-3500](CVE-2023/CVE-2023-35xx/CVE-2023-3500.json) (`2023-08-02T01:15:09.520`)
* [CVE-2023-3900](CVE-2023/CVE-2023-39xx/CVE-2023-3900.json) (`2023-08-02T01:15:09.607`)
* [CVE-2023-3993](CVE-2023/CVE-2023-39xx/CVE-2023-3993.json) (`2023-08-02T01:15:09.690`)
* [CVE-2023-3994](CVE-2023/CVE-2023-39xx/CVE-2023-3994.json) (`2023-08-02T01:15:09.773`)
### CVEs modified in the last Commit
Recently modified CVEs: `117`
Recently modified CVEs: `68`
* [CVE-2021-41332](CVE-2021/CVE-2021-413xx/CVE-2021-41332.json) (`2023-08-01T23:15:22.883`)
* [CVE-2021-41334](CVE-2021/CVE-2021-413xx/CVE-2021-41334.json) (`2023-08-01T23:15:23.110`)
* [CVE-2021-41335](CVE-2021/CVE-2021-413xx/CVE-2021-41335.json) (`2023-08-01T23:15:23.330`)
* [CVE-2021-41336](CVE-2021/CVE-2021-413xx/CVE-2021-41336.json) (`2023-08-01T23:15:23.550`)
* [CVE-2021-41337](CVE-2021/CVE-2021-413xx/CVE-2021-41337.json) (`2023-08-01T23:15:23.773`)
* [CVE-2021-41338](CVE-2021/CVE-2021-413xx/CVE-2021-41338.json) (`2023-08-01T23:15:23.917`)
* [CVE-2021-41339](CVE-2021/CVE-2021-413xx/CVE-2021-41339.json) (`2023-08-01T23:15:24.077`)
* [CVE-2021-41340](CVE-2021/CVE-2021-413xx/CVE-2021-41340.json) (`2023-08-01T23:15:24.237`)
* [CVE-2021-41343](CVE-2021/CVE-2021-413xx/CVE-2021-41343.json) (`2023-08-01T23:15:24.397`)
* [CVE-2021-41344](CVE-2021/CVE-2021-413xx/CVE-2021-41344.json) (`2023-08-01T23:15:24.577`)
* [CVE-2021-41345](CVE-2021/CVE-2021-413xx/CVE-2021-41345.json) (`2023-08-01T23:15:24.847`)
* [CVE-2021-41346](CVE-2021/CVE-2021-413xx/CVE-2021-41346.json) (`2023-08-01T23:15:25.023`)
* [CVE-2021-41347](CVE-2021/CVE-2021-413xx/CVE-2021-41347.json) (`2023-08-01T23:15:25.287`)
* [CVE-2021-41348](CVE-2021/CVE-2021-413xx/CVE-2021-41348.json) (`2023-08-01T23:15:25.577`)
* [CVE-2021-41350](CVE-2021/CVE-2021-413xx/CVE-2021-41350.json) (`2023-08-01T23:15:25.887`)
* [CVE-2021-41353](CVE-2021/CVE-2021-413xx/CVE-2021-41353.json) (`2023-08-01T23:15:26.223`)
* [CVE-2021-41354](CVE-2021/CVE-2021-413xx/CVE-2021-41354.json) (`2023-08-01T23:15:26.510`)
* [CVE-2021-41355](CVE-2021/CVE-2021-413xx/CVE-2021-41355.json) (`2023-08-01T23:15:26.790`)
* [CVE-2021-41357](CVE-2021/CVE-2021-413xx/CVE-2021-41357.json) (`2023-08-01T23:15:27.057`)
* [CVE-2021-41361](CVE-2021/CVE-2021-413xx/CVE-2021-41361.json) (`2023-08-01T23:15:27.420`)
* [CVE-2021-42299](CVE-2021/CVE-2021-422xx/CVE-2021-42299.json) (`2023-08-01T23:15:27.730`)
* [CVE-2022-23259](CVE-2022/CVE-2022-232xx/CVE-2022-23259.json) (`2023-08-01T23:15:28.157`)
* [CVE-2022-29144](CVE-2022/CVE-2022-291xx/CVE-2022-29144.json) (`2023-08-01T23:15:28.457`)
* [CVE-2023-28261](CVE-2023/CVE-2023-282xx/CVE-2023-28261.json) (`2023-08-01T22:15:13.187`)
* [CVE-2023-3326](CVE-2023/CVE-2023-33xx/CVE-2023-3326.json) (`2023-08-01T23:15:30.827`)
* [CVE-2021-31211](CVE-2021/CVE-2021-312xx/CVE-2021-31211.json) (`2023-08-02T00:15:15.053`)
* [CVE-2021-31213](CVE-2021/CVE-2021-312xx/CVE-2021-31213.json) (`2023-08-02T00:15:15.177`)
* [CVE-2021-31214](CVE-2021/CVE-2021-312xx/CVE-2021-31214.json) (`2023-08-02T00:15:15.387`)
* [CVE-2021-31936](CVE-2021/CVE-2021-319xx/CVE-2021-31936.json) (`2023-08-02T00:15:15.657`)
* [CVE-2022-32449](CVE-2022/CVE-2022-324xx/CVE-2022-32449.json) (`2023-08-02T00:15:15.913`)
* [CVE-2022-30280](CVE-2022/CVE-2022-302xx/CVE-2022-30280.json) (`2023-08-02T01:01:05.877`)
* [CVE-2022-28867](CVE-2022/CVE-2022-288xx/CVE-2022-28867.json) (`2023-08-02T01:05:10.263`)
* [CVE-2022-28865](CVE-2022/CVE-2022-288xx/CVE-2022-28865.json) (`2023-08-02T01:07:06.837`)
* [CVE-2022-28864](CVE-2022/CVE-2022-288xx/CVE-2022-28864.json) (`2023-08-02T01:15:43.183`)
* [CVE-2022-28863](CVE-2022/CVE-2022-288xx/CVE-2022-28863.json) (`2023-08-02T01:15:53.020`)
* [CVE-2023-37623](CVE-2023/CVE-2023-376xx/CVE-2023-37623.json) (`2023-08-02T00:30:17.953`)
* [CVE-2023-37624](CVE-2023/CVE-2023-376xx/CVE-2023-37624.json) (`2023-08-02T00:35:41.437`)
* [CVE-2023-37692](CVE-2023/CVE-2023-376xx/CVE-2023-37692.json) (`2023-08-02T00:38:53.690`)
* [CVE-2023-37732](CVE-2023/CVE-2023-377xx/CVE-2023-37732.json) (`2023-08-02T00:39:04.113`)
* [CVE-2023-38285](CVE-2023/CVE-2023-382xx/CVE-2023-38285.json) (`2023-08-02T00:39:37.267`)
* [CVE-2023-32381](CVE-2023/CVE-2023-323xx/CVE-2023-32381.json) (`2023-08-02T00:42:34.140`)
* [CVE-2023-32433](CVE-2023/CVE-2023-324xx/CVE-2023-32433.json) (`2023-08-02T00:43:07.483`)
* [CVE-2023-32437](CVE-2023/CVE-2023-324xx/CVE-2023-32437.json) (`2023-08-02T00:43:20.510`)
* [CVE-2023-35983](CVE-2023/CVE-2023-359xx/CVE-2023-35983.json) (`2023-08-02T00:46:23.367`)
* [CVE-2023-36854](CVE-2023/CVE-2023-368xx/CVE-2023-36854.json) (`2023-08-02T00:48:51.350`)
* [CVE-2023-36862](CVE-2023/CVE-2023-368xx/CVE-2023-36862.json) (`2023-08-02T00:51:50.443`)
* [CVE-2023-37450](CVE-2023/CVE-2023-374xx/CVE-2023-37450.json) (`2023-08-02T00:54:49.737`)
* [CVE-2023-38133](CVE-2023/CVE-2023-381xx/CVE-2023-38133.json) (`2023-08-02T00:55:00.387`)
* [CVE-2023-3567](CVE-2023/CVE-2023-35xx/CVE-2023-3567.json) (`2023-08-02T00:59:52.037`)
* [CVE-2023-3019](CVE-2023/CVE-2023-30xx/CVE-2023-3019.json) (`2023-08-02T01:00:46.400`)
## Download and Usage