Auto-Update: 2023-07-03T20:00:28.709051+00:00

cad-safe-bot 2023-07-03 20:00:32 +00:00
parent 2e0f7cea6a
commit 542e60c829
63 changed files with 4140 additions and 261 deletions


@ -2,19 +2,88 @@
"id": "CVE-2022-40010", "id": "CVE-2022-40010",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:09.310", "published": "2023-06-26T17:15:09.310",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:22:31.680",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module." "value": "Tenda AC6 AC1200 Smart Dual-Band WiFi Router 15.03.06.50_multi was discovered to contain a cross-site scripting (XSS) vulnerability via the deviceId parameter in the Parental Control module."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://packetstormsecurity.com/files/173029/Tenda-AC6-AC1200-15.03.06.50_multi-Cross-Site-Scripting.html", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac6_firmware:15.03.06.50_multi:*:*:*:*:*:*:*",
"matchCriteriaId": "D3EC4D9E-D190-4037-A9DF-9A1575276E73"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00830EE1-D0BB-462E-9F15-4E59560C14B8"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173029/Tenda-AC6-AC1200-15.03.06.50_multi-Cross-Site-Scripting.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2022-48331", "id": "CVE-2022-48331",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T16:15:09.480", "published": "2023-06-26T16:15:09.480",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:18:02.213",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow." "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer overflow and resultant buffer overflow."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cyberintel.es/cve/CVE-2022-48331_Buffer_Overflow_in_Widevine_drm_save_keys_0x69b0/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:widevine:trusted_application:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.1",
"matchCriteriaId": "6F480E2C-B345-4E99-A6FB-92E5A9B21417"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48331_Buffer_Overflow_in_Widevine_drm_save_keys_0x69b0/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2022-48332", "id": "CVE-2022-48332",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:09.637", "published": "2023-06-26T17:15:09.637",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:17:53.413",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow." "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer overflow and resultant buffer overflow."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cyberintel.es/cve/CVE-2022-48332_Buffer_Overflow_in_Widevine_drm_save_keys_0x6a18/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:widevine:trusted_application:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.1",
"matchCriteriaId": "6F480E2C-B345-4E99-A6FB-92E5A9B21417"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48332_Buffer_Overflow_in_Widevine_drm_save_keys_0x6a18/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2022-48333", "id": "CVE-2022-48333",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:09.923", "published": "2023-06-26T17:15:09.923",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:17:41.140",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow." "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_len integer overflow and resultant buffer overflow."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cyberintel.es/cve/CVE-2022-48333_Buffer_Overflow_in_Widevine_drm_verify_keys_0x730c/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:widevine:trusted_application:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.1",
"matchCriteriaId": "6F480E2C-B345-4E99-A6FB-92E5A9B21417"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48333_Buffer_Overflow_in_Widevine_drm_verify_keys_0x730c/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2022-48334", "id": "CVE-2022-48334",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:10.127", "published": "2023-06-26T17:15:10.127",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:22:09.900",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow." "value": "Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len integer overflow and resultant buffer overflow."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_keys_0x7370/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:widevine:trusted_application:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.1",
"matchCriteriaId": "6F480E2C-B345-4E99-A6FB-92E5A9B21417"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48334_Buffer_Overflow_in_Widevine_drm_verify_keys_0x7370/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2022-48335", "id": "CVE-2022-48335",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:10.347", "published": "2023-06-26T17:15:10.347",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:22:00.730",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow." "value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflow and resultant buffer overflow."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerifyProvisioning_0x5f90/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:widevine:trusted_application:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "7.1.1",
"matchCriteriaId": "81C817C3-A881-4ABE-AE3F-4BD38C26F628"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48335_Buffer_Overflow_in_Widevine_PRDiagVerifyProvisioning_0x5f90/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2022-48336", "id": "CVE-2022-48336",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T17:15:12.433", "published": "2023-06-26T17:15:12.433",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:21:55.147",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow." "value": "Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow and resultant buffer overflow."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:widevine:trusted_application:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "7.1.1",
"matchCriteriaId": "81C817C3-A881-4ABE-AE3F-4BD38C26F628"
}
]
}
]
}
],
"references": [
{
"url": "https://cyberintel.es/cve/CVE-2022-48336_Buffer_Overflow_in_Widevine_PRDiagParseAndStoreData_0x5cc8/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-23343", "id": "CVE-2023-23343",
"sourceIdentifier": "psirt@hcl.com", "sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-22T22:15:09.110", "published": "2023-06-22T22:15:09.110",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T19:03:11.543",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "psirt@hcl.com", "source": "psirt@hcl.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601", "source": "nvd@nist.gov",
"source": "psirt@hcl.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_osd_bare_metal_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "311.12",
"matchCriteriaId": "9A0DB84E-0760-43CE-87D5-D6489E91EA06"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601",
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-23344", "id": "CVE-2023-23344",
"sourceIdentifier": "psirt@hcl.com", "sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-23T06:15:09.707", "published": "2023-06-23T06:15:09.707",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T19:16:21.420",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "psirt@hcl.com", "source": "psirt@hcl.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,42 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105705", "source": "nvd@nist.gov",
"source": "psirt@hcl.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_webui_insights:14:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E7A0F5-AAAC-4FA7-A4FF-304148F32D86"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105705",
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2023-25306", "id": "CVE-2023-25306",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T15:15:09.653", "published": "2023-06-26T15:15:09.653",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T18:19:57.507",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal." "value": "MultiMC Launcher <= 0.6.16 is vulnerable to Directory Traversal."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multimc:multimc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.7.0",
"matchCriteriaId": "8C680236-5AF8-4A5C-B33E-81E41D6121FB"
}
]
}
]
}
],
"references": [
{
"url": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,23 +2,82 @@
"id": "CVE-2023-25307", "id": "CVE-2023-25307",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T15:15:09.703", "published": "2023-06-26T15:15:09.703",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:19:20.030",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal." "value": "nothub mrpack-install <= v0.16.2 is vulnerable to Directory Traversal."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/nothub/mrpack-install/security/advisories/GHSA-r887-gfxh-m9rr", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
}, },
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{ {
"url": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mrpack-install_project:mrpack-install:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.16.3",
"matchCriteriaId": "0C28D8D9-F1B8-49A7-A7AE-12C244A0F2E0"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nothub/mrpack-install/security/advisories/GHSA-r887-gfxh-m9rr",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://quiltmc.org/en/blog/2023-02-04-five-installer-vulnerabilities/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-25515", "id": "CVE-2023-25515",
"sourceIdentifier": "psirt@nvidia.com", "sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:10.887", "published": "2023-06-23T18:15:10.887",
"lastModified": "2023-06-23T19:24:47.997", "lastModified": "2023-07-03T19:15:31.923",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.9,
"impactScore": 6.0
},
{ {
"source": "psirt@nvidia.com", "source": "psirt@nvidia.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "psirt@nvidia.com", "source": "psirt@nvidia.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,362 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466", "operator": "AND",
"source": "psirt@nvidia.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.44",
"matchCriteriaId": "BE5B7AC6-3A49-46AB-A466-216515A2E7D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "536.23",
"matchCriteriaId": "FE08BF6D-C3C1-4905-85FD-3D1A4CB612F4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "536.40",
"matchCriteriaId": "0F7FEA94-AA4F-46ED-9CA7-E0811E354637"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:studio:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C1ED5DE2-7677-4F38-8177-3BF0B3D03A09"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.44",
"matchCriteriaId": "BE5B7AC6-3A49-46AB-A466-216515A2E7D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "529.11",
"matchCriteriaId": "4F7E5174-40CB-46BA-BA7B-363D5949C99B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "536.25",
"matchCriteriaId": "092849D3-A62C-43E5-BDD7-5A4D7CA45794"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "454.23",
"matchCriteriaId": "AFDAA231-118A-4246-A53E-C3F144BD027A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "474.44",
"matchCriteriaId": "BE5B7AC6-3A49-46AB-A466-216515A2E7D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "529.11",
"matchCriteriaId": "4F7E5174-40CB-46BA-BA7B-363D5949C99B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "536.25",
"matchCriteriaId": "092849D3-A62C-43E5-BDD7-5A4D7CA45794"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "470.199.02",
"matchCriteriaId": "F74C5712-6BF6-486E-8B72-BBAD45F428CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "525.125.06",
"matchCriteriaId": "23955A71-2DD7-4A63-BA9E-05967C40E49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "535.54.03",
"matchCriteriaId": "D069A217-D9A2-4B07-91CA-424852FD4A85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:geforce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "24DE5CC2-3787-4605-8EFA-77590E36E960"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:nvs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "333646B0-AAD5-4DD7-8940-6334D0A8E77C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:quadro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1DB9FB5-E115-4E96-98F8-3FAFAC120E98"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:rtx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08C63EA1-8719-4F5C-922A-C77ED4CEF7C7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "450",
"versionEndExcluding": "450.248.02",
"matchCriteriaId": "613588B1-1B4C-43E3-8327-528D512F3A76"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "470",
"versionEndExcluding": "470.199.02",
"matchCriteriaId": "F74C5712-6BF6-486E-8B72-BBAD45F428CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "525",
"versionEndExcluding": "525.125.06",
"matchCriteriaId": "23955A71-2DD7-4A63-BA9E-05967C40E49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:gpu_display_driver:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "530",
"versionEndExcluding": "535.54.03",
"matchCriteriaId": "D069A217-D9A2-4B07-91CA-424852FD4A85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:nvidia:tesla:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D135086F-CA5E-4242-ACBA-C3AC82F4BE03"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.12",
"matchCriteriaId": "81A64668-3B60-402B-B0EF-919079700FB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.7",
"matchCriteriaId": "65AFFB06-AC6E-426A-97D0-768F34853D6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:virtual_gpu:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.2",
"matchCriteriaId": "41388772-0B7C-4238-8021-590D0F1C0CE8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nvidia:cloud_gaming:*:*:*:*:*:*:*:*",
"versionEndExcluding": "531.79",
"matchCriteriaId": "A8D1ABE1-A024-4BD1-832A-AB459D85227D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }
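Review bot: The `references` entry for CVE-2023-25515 carries a doubled scheme, `https://https://nvidia.custhelp.com/app/answers/detail/a_id/5466`, and this update tags that URL `Patch` and `Vendor Advisory` without correcting it. The same string appears in the other column of the hunk, so it looks carried over from the previous revision rather than introduced here. The CVE-2023-25520 record later in this commit uses the single-scheme form `https://nvidia.custhelp.com/app/answers/detail/a_id/5466` for the same advisory id. A lenient URL parser may read the host of the doubled form as `https`, so tooling that dereferences or allow-lists reference URLs from this feed should parse the value and check the host instead of trusting the string. The malformed value is worth reporting to the source record rather than fixing only in this mirror.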

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25520", "id": "CVE-2023-25520",
"sourceIdentifier": "psirt@nvidia.com", "sourceIdentifier": "psirt@nvidia.com",
"published": "2023-06-23T18:15:11.033", "published": "2023-06-23T18:15:11.033",
"lastModified": "2023-06-23T19:24:43.457", "lastModified": "2023-07-03T19:27:23.943",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "psirt@nvidia.com", "source": "psirt@nvidia.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{ {
"source": "psirt@nvidia.com", "source": "psirt@nvidia.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,58 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466", "operator": "AND",
"source": "psirt@nvidia.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:nvidia:jetson_linux:*:*:*:*:*:*:*:*",
"versionEndExcluding": "32.7.4",
"matchCriteriaId": "4F98866A-11A7-4529-B67F-106637A95767"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:jetson_agx_xavier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5DD3D2AA-2A9F-470D-BB0F-A7B7C2EC2490"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:jetson_tx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9D4A55-A232-4AF2-B7E9-CD58D7D17479"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:jetson_tx2_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64C3FB58-08AA-4FE4-97BE-21B254BA229F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:nvidia:jetson_xavier_nx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0AA5976-FD71-4A53-BD4F-D342E871FEB0"
}
]
}
]
}
],
"references": [
{
"url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5466",
"source": "psirt@nvidia.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-2533", "id": "CVE-2023-2533",
"sourceIdentifier": "help@fluidattacks.com", "sourceIdentifier": "help@fluidattacks.com",
"published": "2023-06-20T15:15:11.560", "published": "2023-06-20T15:15:11.560",
"lastModified": "2023-06-20T15:49:08.960", "lastModified": "2023-07-03T19:19:40.983",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "help@fluidattacks.com", "source": "help@fluidattacks.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{ {
"source": "help@fluidattacks.com", "source": "help@fluidattacks.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,43 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://fluidattacks.com/advisories/arcangel/", "nodes": [
"source": "help@fluidattacks.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:papercut:papercut_mf:22.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "17E90E69-B5B5-4F51-B478-CC4CF7B9440D"
}, },
{ {
"url": "https://www.papercut.com/", "vulnerable": true,
"source": "help@fluidattacks.com" "criteria": "cpe:2.3:a:papercut:papercut_ng:22.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5F1E8F89-A578-499F-92BF-F3E71C5FDA4D"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/arcangel/",
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.papercut.com/",
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
} }
] ]
} }


@ -2,18 +2,41 @@
"id": "CVE-2023-2592", "id": "CVE-2023-2592",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:10.790", "published": "2023-06-27T14:15:10.790",
"lastModified": "2023-06-27T16:15:38.897", "lastModified": "2023-07-03T19:12:26.697",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin." "value": "The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -21,12 +44,44 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/d4298960-eaba-4185-a730-3e621d9680e1", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ncrafts:formcraft:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.9.7",
"matchCriteriaId": "FEE01EF2-6BC9-4A21-AF31-92C4D031F895"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/d4298960-eaba-4185-a730-3e621d9680e1",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-26258", "id": "CVE-2023-26258",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T15:15:10.377", "published": "2023-07-03T15:15:10.377",
"lastModified": "2023-07-03T15:15:10.377", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-26509", "id": "CVE-2023-26509",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T15:15:10.437", "published": "2023-07-03T15:15:10.437",
"lastModified": "2023-07-03T15:15:10.437", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,15 +2,38 @@
"id": "CVE-2023-2795", "id": "CVE-2023-2795",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:11.493", "published": "2023-06-27T14:15:11.493",
"lastModified": "2023-06-27T16:15:35.267", "lastModified": "2023-07-03T19:28:20.887",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The CodeColorer WordPress plugin before 0.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" "value": "The CodeColorer WordPress plugin before 0.10.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/2d6ecd21-3dd4-423d-80e7-277c45080a9f", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codecolorer_project:codecolorer:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.10.1",
"matchCriteriaId": "99AE3195-3A8E-43E3-A836-D916BA373271"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/2d6ecd21-3dd4-423d-80e7-277c45080a9f",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-28006", "id": "CVE-2023-28006",
"sourceIdentifier": "psirt@hcl.com", "sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-22T23:15:09.277", "published": "2023-06-22T23:15:09.277",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T19:01:40.560",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "psirt@hcl.com", "source": "psirt@hcl.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601", "source": "nvd@nist.gov",
"source": "psirt@hcl.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-327"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_osd_bare_metal_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "311.12",
"matchCriteriaId": "9A0DB84E-0760-43CE-87D5-D6489E91EA06"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601",
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-28016", "id": "CVE-2023-28016",
"sourceIdentifier": "psirt@hcl.com", "sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-22T23:15:09.343", "published": "2023-06-22T23:15:09.343",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T19:17:06.243",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "psirt@hcl.com", "source": "psirt@hcl.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601", "source": "nvd@nist.gov",
"source": "psirt@hcl.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:bigfix_osd_bare_metal_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "311.12",
"matchCriteriaId": "9A0DB84E-0760-43CE-87D5-D6489E91EA06"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601",
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-28094", "id": "CVE-2023-28094",
"sourceIdentifier": "security@pega.com", "sourceIdentifier": "security@pega.com",
"published": "2023-06-22T21:15:09.163", "published": "2023-06-22T21:15:09.163",
"lastModified": "2023-06-23T13:03:39.067", "lastModified": "2023-07-03T19:06:04.897",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@pega.com", "source": "security@pega.com",
@ -35,6 +57,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "security@pega.com", "source": "security@pega.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +78,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operators?", "nodes": [
"source": "security@pega.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pega:pega_platform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionEndIncluding": "8.8.3",
"matchCriteriaId": "6C36507F-B90C-481F-9E47-9C5F8B33966D"
}
]
}
]
}
],
"references": [
{
"url": "https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operators?",
"source": "security@pega.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-28121", "id": "CVE-2023-28121",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-04-12T21:15:28.057", "published": "2023-04-12T21:15:28.057",
"lastModified": "2023-04-21T15:10:02.147", "lastModified": "2023-07-03T18:15:09.533",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -132,6 +132,10 @@
"tags": [ "tags": [
"Vendor Advisory" "Vendor Advisory"
] ]
},
{
"url": "https://www.rcesecurity.com/2023/07/patch-diffing-cve-2023-28121-to-compromise-a-woocommerce/",
"source": "support@hackerone.com"
} }
] ]
} }


@ -2,27 +2,92 @@
"id": "CVE-2023-28485", "id": "CVE-2023-28485",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T16:15:09.537", "published": "2023-06-26T16:15:09.537",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:22:57.320",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board (where they have BoardAdmin access), and renameAttachment does not block XSS payloads." "value": "A stored cross-site scripting (Stored XSS) vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board (where they have BoardAdmin access), and renameAttachment does not block XSS payloads."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "http://packetstormsecurity.com/files/172649/Wekan-6.74-Cross-Site-Scripting.html", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
}, },
{ "exploitabilityScore": 2.3,
"url": "https://wekan.github.io/", "impactScore": 2.7
"source": "cve@mitre.org" }
]
}, },
"weaknesses": [
{ {
"url": "https://wekan.github.io/hall-of-fame/filebleed/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wekan_project:wekan:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.75",
"matchCriteriaId": "5811ACF9-EA77-4434-9012-022410D2BCD5"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172649/Wekan-6.74-Cross-Site-Scripting.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://wekan.github.io/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://wekan.github.io/hall-of-fame/filebleed/",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-2828", "id": "CVE-2023-2828",
"sourceIdentifier": "security-officer@isc.org", "sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.703", "published": "2023-06-21T17:15:47.703",
"lastModified": "2023-07-03T16:15:09.807", "lastModified": "2023-07-03T19:11:56.183",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -34,30 +34,305 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/6", "source": "nvd@nist.gov",
"source": "security-officer@isc.org" "type": "Primary",
}, "description": [
{ {
"url": "https://kb.isc.org/docs/cve-2023-2828", "lang": "en",
"source": "security-officer@isc.org" "value": "CWE-770"
}, }
{ ]
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/", }
"source": "security-officer@isc.org" ],
}, "configurations": [
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/", "operator": "AND",
"source": "security-officer@isc.org" "nodes": [
}, {
{ "operator": "OR",
"url": "https://security.netapp.com/advisory/ntap-20230703-0010/", "negate": false,
"source": "security-officer@isc.org" "cpeMatch": [
}, {
{ "vulnerable": true,
"url": "https://www.debian.org/security/2023/dsa-5439", "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"source": "security-officer@isc.org" "versionStartIncluding": "9.11.0",
"versionEndIncluding": "9.16.41",
"matchCriteriaId": "D07C6BAA-C1AB-46BA-8C43-2CAD9A56F9F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding": "9.11.3",
"versionEndIncluding": "9.16.41",
"matchCriteriaId": "1C89B14A-F275-41A5-993D-AC024C6395B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"versionStartIncluding": "9.18.0",
"versionEndIncluding": "9.18.15",
"matchCriteriaId": "BB0EF8A8-398F-424C-8284-2F96E4569E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding": "9.18.11",
"versionEndIncluding": "9.18.15",
"matchCriteriaId": "41E493D6-D811-47ED-9227-CC2AA1837FE4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"versionStartIncluding": "9.19.0",
"versionEndIncluding": "9.19.13",
"matchCriteriaId": "C3D5078D-5783-4D4A-A24F-84FB9BB9F8AC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/6",
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://kb.isc.org/docs/cve-2023-2828",
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/",
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/",
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230703-0010/",
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5439",
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-2829", "id": "CVE-2023-2829",
"sourceIdentifier": "security-officer@isc.org", "sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.770", "published": "2023-06-21T17:15:47.770",
"lastModified": "2023-07-03T16:15:09.897", "lastModified": "2023-07-03T19:11:00.110",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -34,14 +34,210 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://kb.isc.org/docs/cve-2023-2829", "source": "nvd@nist.gov",
"source": "security-officer@isc.org" "type": "Primary",
}, "description": [
{ {
"url": "https://security.netapp.com/advisory/ntap-20230703-0010/", "lang": "en",
"source": "security-officer@isc.org" "value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding": "9.16.8",
"versionEndIncluding": "9.16.41",
"matchCriteriaId": "4ECB8B5E-F1D6-455C-8E50-87BFF2311465"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding": "9.18.11",
"versionEndIncluding": "9.18.15",
"matchCriteriaId": "41E493D6-D811-47ED-9227-CC2AA1837FE4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"
}
]
}
]
}
],
"references": [
{
"url": "https://kb.isc.org/docs/cve-2023-2829",
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230703-0010/",
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,15 +2,38 @@
"id": "CVE-2023-2842", "id": "CVE-2023-2842",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:11.567", "published": "2023-06-27T14:15:11.567",
"lastModified": "2023-06-27T16:15:35.267", "lastModified": "2023-07-03T19:27:16.967",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack" "value": "The WP Inventory Manager WordPress plugin before 2.1.0.14 does not have CSRF checks, which could allow attackers to make logged-in admins delete Inventory Items via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpinventory:wp_inventory_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.0.14",
"matchCriteriaId": "8660BB5E-CF41-430F-8179-2C0372318B37"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/0357ecc7-56f5-4843-a928-bf2d3ce75596",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,15 +2,38 @@
"id": "CVE-2023-2877", "id": "CVE-2023-2877",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:11.633", "published": "2023-06-27T14:15:11.633",
"lastModified": "2023-06-27T16:15:35.267", "lastModified": "2023-07-03T19:26:43.103",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the WordPress.org plugin repository onto the site, leading to Remote Code Execution." "value": "The Formidable Forms WordPress plugin before 6.3.1 does not adequately authorize the user or validate the plugin URL in its functionality for installing add-ons. This allows a user with a role as low as Subscriber to install and activate arbitrary plugins of arbitrary versions from the WordPress.org plugin repository onto the site, leading to Remote Code Execution."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/33765da5-c56e-42c1-83dd-fcaad976b402", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:strategy11:formidable_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.3.1",
"matchCriteriaId": "078E6764-A4DF-4992-AE5D-F623E6B8E94C"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/33765da5-c56e-42c1-83dd-fcaad976b402",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29093", "id": "CVE-2023-29093",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:10.773", "published": "2023-06-26T06:15:10.773",
"lastModified": "2023-06-26T13:02:32.107", "lastModified": "2023-07-03T19:19:55.117",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://patchstack.com/database/vulnerability/conditional-extra-fees-for-woocommerce/wordpress-conditional-extra-fees-for-woocommerce-plugin-1-0-96-cross-site-scripting-xss-vulnerability?_s_id=cve", "nodes": [
"source": "audit@patchstack.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwebsolution:conditional_cart_fee_\\/_extra_charge_rule_for_woocommerce_extra_fees:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.96",
"matchCriteriaId": "8F83895C-DE14-4852-A6B7-6D44203AB0E2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/conditional-extra-fees-for-woocommerce/wordpress-conditional-extra-fees-for-woocommerce-plugin-1-0-96-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29423", "id": "CVE-2023-29423",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T08:15:09.050", "published": "2023-06-26T08:15:09.050",
"lastModified": "2023-06-26T13:02:32.107", "lastModified": "2023-07-03T19:19:39.733",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://patchstack.com/database/vulnerability/cancel-order-request-woocommerce/wordpress-cancel-order-request-woocommerce-plugin-1-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve", "nodes": [
"source": "audit@patchstack.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:piwebsolution:cancel_order_request_\\/_return_order_\\/_repeat_order_\\/_reorder_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.2",
"matchCriteriaId": "A42EB328-3F88-443C-970C-30F98C661796"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cancel-order-request-woocommerce/wordpress-cancel-order-request-woocommerce-plugin-1-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29438", "id": "CVE-2023-29438",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T13:15:09.560", "published": "2023-06-26T13:15:09.560",
"lastModified": "2023-06-26T15:02:18.713", "lastModified": "2023-07-03T18:04:26.617",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://patchstack.com/database/vulnerability/simplemodal-contact-form-smcf/wordpress-simplemodal-contact-form-smcf-plugin-1-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve", "nodes": [
"source": "audit@patchstack.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simplemodal_contact_form_project:simplemodal_contact_form:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.9",
"matchCriteriaId": "48D16A22-39A5-4073-9ADD-70751AE45381"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simplemodal-contact-form-smcf/wordpress-simplemodal-contact-form-smcf-plugin-1-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-2911", "id": "CVE-2023-2911",
"sourceIdentifier": "security-officer@isc.org", "sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.827", "published": "2023-06-21T17:15:47.827",
"lastModified": "2023-07-03T16:15:09.983", "lastModified": "2023-07-03T19:09:45.463",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -34,30 +34,308 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/6", "source": "nvd@nist.gov",
"source": "security-officer@isc.org" "type": "Primary",
}, "description": [
{ {
"url": "https://kb.isc.org/docs/cve-2023-2911", "lang": "en",
"source": "security-officer@isc.org" "value": "CWE-787"
}, }
{ ]
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/", }
"source": "security-officer@isc.org" ],
}, "configurations": [
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/", "operator": "AND",
"source": "security-officer@isc.org" "nodes": [
}, {
{ "operator": "OR",
"url": "https://security.netapp.com/advisory/ntap-20230703-0010/", "negate": false,
"source": "security-officer@isc.org" "cpeMatch": [
}, {
{ "vulnerable": true,
"url": "https://www.debian.org/security/2023/dsa-5439", "criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"source": "security-officer@isc.org" "versionStartIncluding": "9.16.33",
"versionEndIncluding": "9.16.41",
"matchCriteriaId": "2E225B5E-5D4E-4D7D-8E8E-BDAF69386072"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding": "9.16.33",
"versionEndIncluding": "9.16.41",
"matchCriteriaId": "B44AC868-4E58-4D76-BE4A-AB47E3FFA134"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:-:*:*:*",
"versionStartIncluding": "9.18.7",
"versionEndIncluding": "9.18.15",
"matchCriteriaId": "DFFF05A7-1826-4485-BEE4-DB3A5B25B49A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:isc:bind:*:*:*:*:supported_preview:*:*:*",
"versionStartIncluding": "9.18.11",
"versionEndIncluding": "9.18.15",
"matchCriteriaId": "41E493D6-D811-47ED-9227-CC2AA1837FE4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*",
"matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56409CEC-5A1E-4450-AA42-641E459CC2AF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B06F4839-D16A-4A61-9BB5-55B13F41E47F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6770B6C3-732E-4E22-BF1C-2D2FD610061C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9F9C8C20-42EB-4AB5-BD97-212DEB070C43"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDF61B7-EC5C-467C-B710-B89F502CD04F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B4AD8A-F172-4558-AEC6-FF424BA2D912"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8497A4C9-8474-4A62-8331-3FE862ED4098"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFF7106-ED78-49BA-9EC5-B889E3685D53"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/6",
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://kb.isc.org/docs/cve-2023-2911",
"source": "security-officer@isc.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/",
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3K6AJK7RRSR53HRF5GGKPA6PDUDWOD2/",
"source": "security-officer@isc.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230703-0010/",
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5439",
"source": "security-officer@isc.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,15 +2,38 @@
"id": "CVE-2023-2996", "id": "CVE-2023-2996",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:11.723", "published": "2023-06-27T14:15:11.723",
"lastModified": "2023-06-27T16:15:35.267", "lastModified": "2023-07-03T19:26:05.237",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization." "value": "The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,14 +46,39 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/", "nodes": [
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663", "operator": "OR",
"source": "contact@wpscan.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:automattic:jetpack:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "12.1.1",
"matchCriteriaId": "F5E11109-F3B9-4201-9C0B-94D8FDD0ECE4"
}
]
}
]
}
],
"references": [
{
"url": "https://jetpack.com/blog/jetpack-12-1-1-critical-security-update/",
"source": "contact@wpscan.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/52d221bd-ae42-435d-a90a-60a5ae530663",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,27 +2,98 @@
"id": "CVE-2023-30261", "id": "CVE-2023-30261",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T14:15:10.223", "published": "2023-06-26T14:15:10.223",
"lastModified": "2023-06-26T15:02:18.713", "lastModified": "2023-07-03T18:35:15.703",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request." "value": "Command Injection vulnerability in OpenWB 1.6 and 1.7 allows remote attackers to run arbitrary commands via crafted GET request."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://eldstal.se/advisories/230329-openwb.html", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}, },
{ "exploitabilityScore": 3.9,
"url": "https://github.com/snaptec/openWB/issues/2672", "impactScore": 5.9
"source": "cve@mitre.org" }
]
}, },
"weaknesses": [
{ {
"url": "https://github.com/snaptec/openWB/pull/2673", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openwb:openwb:1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9B16EC80-37A7-45E2-8F68-DE9C60C18B44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openwb:openwb:1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E3B3C05-CEF6-4982-B3FC-C531C79D66DA"
}
]
}
]
}
],
"references": [
{
"url": "https://eldstal.se/advisories/230329-openwb.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://github.com/snaptec/openWB/issues/2672",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://github.com/snaptec/openWB/pull/2673",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3114", "id": "CVE-2023-3114",
"sourceIdentifier": "security@hashicorp.com", "sourceIdentifier": "security@hashicorp.com",
"published": "2023-06-22T22:15:09.197", "published": "2023-06-22T22:15:09.197",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T19:02:38.127",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
},
{ {
"source": "security@hashicorp.com", "source": "security@hashicorp.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{ {
"source": "security@hashicorp.com", "source": "security@hashicorp.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://discuss.hashicorp.com/t/hcsec-2023-18-terraform-enterprise-agent-pool-controls-allowed-unauthorized-workspaces-to-target-an-agent-pool/55329", "nodes": [
"source": "security@hashicorp.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:terraform_enterprise:*:*:*:*:*:*:*:*",
"versionStartIncluding": "202207-1",
"versionEndExcluding": "202306-1",
"matchCriteriaId": "2FD92957-F413-4189-B026-C7CB7CF7348B"
}
]
}
]
}
],
"references": [
{
"url": "https://discuss.hashicorp.com/t/hcsec-2023-18-terraform-enterprise-agent-pool-controls-allowed-unauthorized-workspaces-to-target-an-agent-pool/55329",
"source": "security@hashicorp.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-32571", "id": "CVE-2023-32571",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.640", "published": "2023-06-22T20:15:09.640",
"lastModified": "2023-06-23T13:03:39.067", "lastModified": "2023-07-03T19:07:26.647",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed." "value": "Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/zzzprojects/System.Linq.Dynamic.Core", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}, },
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{ {
"url": "https://research.nccgroup.com/2023/06/13/dynamic-linq-injection-remote-code-execution-vulnerability-cve-2023-32571/", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-697"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dynamic-linq:linq:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.7.10",
"versionEndIncluding": "1.2.25",
"matchCriteriaId": "508EE55E-ED69-462D-B1FD-6C0F2E5AD558"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/zzzprojects/System.Linq.Dynamic.Core",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://research.nccgroup.com/2023/06/13/dynamic-linq-injection-remote-code-execution-vulnerability-cve-2023-32571/",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-33299", "id": "CVE-2023-33299",
"sourceIdentifier": "psirt@fortinet.com", "sourceIdentifier": "psirt@fortinet.com",
"published": "2023-06-23T08:15:09.483", "published": "2023-06-23T08:15:09.483",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T18:59:42.443",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "psirt@fortinet.com", "source": "psirt@fortinet.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,109 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://fortiguard.com/psirt/FG-IR-23-074", "source": "nvd@nist.gov",
"source": "psirt@fortinet.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.5.0",
"versionEndIncluding": "8.5.4",
"matchCriteriaId": "8292B841-851C-42C2-AF13-17AB2FA894CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.6.0",
"versionEndIncluding": "8.6.5",
"matchCriteriaId": "95E75B88-1750-4FB6-BCE4-74B69D93C918"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.7.0",
"versionEndIncluding": "8.7.6",
"matchCriteriaId": "3BD32B25-76B4-4D6E-BB5C-065070297058"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.8.0",
"versionEndIncluding": "8.8.11",
"matchCriteriaId": "46929BE3-0396-4B8A-9889-9F6CA73FAD4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndIncluding": "9.1.9",
"matchCriteriaId": "D101F116-0C73-401E-9882-8BA2F403FA4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0",
"versionEndIncluding": "9.2.7",
"matchCriteriaId": "B341AE7E-48F1-4ABE-891F-F9D543D19E29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF5B4CF-5BF9-4852-BD4F-5A27FD17EDC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C3107FF-B414-4C7C-BD97-AC102A744B1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:8.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "952F266E-0E48-4D69-81E0-9F813B60AC3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E12E11B0-E21A-4124-9DF9-FF268BB19813"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4648F862-AB8C-4B8D-8F2D-5D2641F08845"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortinac:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6B0251A8-1E8B-4B4A-962F-3E5950601814"
}
]
}
]
}
],
"references": [
{
"url": "https://fortiguard.com/psirt/FG-IR-23-074",
"source": "psirt@fortinet.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-34110", "id": "CVE-2023-34110",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T23:15:09.410", "published": "2023-06-22T23:15:09.410",
"lastModified": "2023-06-23T13:03:31.027", "lastModified": "2023-07-03T19:00:56.767",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,22 +66,52 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626", "nodes": [
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045", "operator": "OR",
"source": "security-advisories@github.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2", "vulnerable": true,
"source": "security-advisories@github.com" "criteria": "cpe:2.3:a:flask-appbuilder_project:flask-appbuilder:*:*:*:*:*:*:*:*",
}, "versionEndExcluding": "4.3.2",
{ "matchCriteriaId": "89D84C58-58FA-4CEE-804D-F114CD419E72"
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3", }
"source": "security-advisories@github.com" ]
}
]
}
],
"references": [
{
"url": "https://github.com/dpgaspar/Flask-AppBuilder/commit/ae25ad4c87a9051ebe4a4e8f02aee73232642626",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dpgaspar/Flask-AppBuilder/pull/2045",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v4.3.2",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-jhpr-j7cq-3jp3",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,16 +2,40 @@
"id": "CVE-2023-34242", "id": "CVE-2023-34242",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-15T20:15:09.473", "published": "2023-06-15T20:15:09.473",
"lastModified": "2023-06-15T20:46:39.603", "lastModified": "2023-07-03T19:12:59.533",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of secrets (including certificates) and services across namespaces. An attacker on an affected cluster can leverage this issue to use cluster secrets that should not be visible to them, or communicate with services that they should not have access to. Gateway API functionality is disabled by default. This vulnerability is fixed in Cilium release 1.13.4. As a workaround, restrict the creation of `ReferenceGrant` resources to admin users by using Kubernetes RBAC." "value": "Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to version 1.13.4, when Gateway API is enabled in Cilium, the absence of a check on the namespace in which a ReferenceGrant is created could result in Cilium unintentionally gaining visibility of secrets (including certificates) and services across namespaces. An attacker on an affected cluster can leverage this issue to use cluster secrets that should not be visible to them, or communicate with services that they should not have access to. Gateway API functionality is disabled by default. This vulnerability is fixed in Cilium release 1.13.4. As a workaround, restrict the creation of `ReferenceGrant` resources to admin users by using Kubernetes RBAC."
},
{
"lang": "es",
"value": "Cilium es una soluci\u00f3n de red, observabilidad y seguridad con un plano de datos basado en eBPF. Antes de la versi\u00f3n 1.13.4, cuando la API de puerta de enlace est\u00e1 habilitada en Cilium, la ausencia de una comprobaci\u00f3n en el espacio de nombres en el que se crea una \"ReferenceGrant\" podr\u00eda dar lugar a que Cilium obtuviera involuntariamente visibilidad de secretos (incluidos certificados) y servicios a trav\u00e9s de espacios de nombres. Un atacante en un cl\u00faster afectado puede aprovechar este problema para utilizar secretos de cl\u00faster que no deber\u00edan ser visibles para \u00e9l, o comunicarse con servicios a los que no deber\u00eda tener acceso. La funcionalidad \"Gateway API\" est\u00e1 desactivada por defecto. Esta vulnerabilidad se ha corregido en la versi\u00f3n 1.13.4 de Cilium. Como soluci\u00f3n, restrinja la creaci\u00f3n de recursos \"ReferenceGrant\" a los usuarios administradores mediante Kubernetes RBAC. "
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +70,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/cilium/cilium/releases/tag/v1.13.4", "nodes": [
"source": "security-advisories@github.com"
},
{ {
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-r7wr-4w5q-55m6", "operator": "OR",
"source": "security-advisories@github.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cilium:cilium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.13.4",
"matchCriteriaId": "4CCCAA75-0B30-4621-99DA-48D617D3A9B5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cilium/cilium/releases/tag/v1.13.4",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-r7wr-4w5q-55m6",
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-34450", "id": "CVE-2023-34450",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-03T17:15:09.147", "published": "2023-07-03T17:15:09.147",
"lastModified": "2023-07-03T17:15:09.147", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-34451", "id": "CVE-2023-34451",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-03T17:15:09.240", "published": "2023-07-03T17:15:09.240",
"lastModified": "2023-07-03T17:15:09.240", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,19 +2,86 @@
"id": "CVE-2023-34553", "id": "CVE-2023-34553",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T21:15:09.367", "published": "2023-06-22T21:15:09.367",
"lastModified": "2023-06-23T13:03:39.067", "lastModified": "2023-07-03T19:04:02.807",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack." "value": "An issue was discovered in WAFU Keyless Smart Lock v1.0 allows attackers to unlock a device via code replay attack."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://ashallen.net/wireless-smart-lock-vulnerability-disclosure", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:wafucn:wafu_keyless_smart_lock_firmware:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68B7D499-05DC-4BC5-8AA7-0DF9A7C8E645"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:wafucn:wafu_keyless_smart_lock:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E25A352-FE93-4042-BD32-917169B76AA9"
}
]
}
]
}
],
"references": [
{
"url": "https://ashallen.net/wireless-smart-lock-vulnerability-disclosure",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-34835", "id": "CVE-2023-34835",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T18:15:13.557", "published": "2023-06-27T18:15:13.557",
"lastModified": "2023-06-27T18:34:43.840", "lastModified": "2023-07-03T19:30:38.090",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter." "value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScript code via a vulnerable delete_file parameter."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/sahiloj/CVE-2023-34835/blob/main/README.md", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D13C7-6948-4E3A-946C-B291CFBD4D70"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-34835/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-34836", "id": "CVE-2023-34836",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T18:15:13.603", "published": "2023-06-27T18:15:13.603",
"lastModified": "2023-06-27T18:34:43.840", "lastModified": "2023-07-03T19:30:27.440",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters." "value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Dtltyp and ListName parameters."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/sahiloj/CVE-2023-34836/blob/main/README.md", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D13C7-6948-4E3A-946C-B291CFBD4D70"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-34836/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-34837", "id": "CVE-2023-34837",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T18:15:13.653", "published": "2023-06-27T18:15:13.653",
"lastModified": "2023-06-27T18:34:43.840", "lastModified": "2023-07-03T19:30:12.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a vulnerable parameter GrpPath." "value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a vulnerable parameter GrpPath."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/sahiloj/CVE-2023-34837/blob/main/README.md", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D13C7-6948-4E3A-946C-B291CFBD4D70"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-34837/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-34838", "id": "CVE-2023-34838",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T18:15:13.700", "published": "2023-06-27T18:15:13.700",
"lastModified": "2023-06-27T18:34:43.840", "lastModified": "2023-07-03T19:30:00.057",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Description parameter." "value": "A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a crafted script to the Description parameter."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/sahiloj/CVE-2023-34838/blob/main/README.md", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9D13C7-6948-4E3A-946C-B291CFBD4D70"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-34838/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-34839", "id": "CVE-2023-34839",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T18:15:13.747", "published": "2023-06-27T18:15:13.747",
"lastModified": "2023-06-27T18:34:43.840", "lastModified": "2023-07-03T19:29:43.347",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application." "value": "A Cross Site Request Forgery (CSRF) vulnerability in Issabel issabel-pbx v.4.0.0-6 allows a remote attacker to gain privileges via a Custom CSRF exploit to create new user function in the application."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/sahiloj/CVE-2023-34839/blob/main/README.md", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:issabel:pbx:4.0.0-6:*:*:*:*:*:*:*",
"matchCriteriaId": "D1A5E56B-4B74-4BF7-ACF5-1D9F3C0FC0FF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-34839/blob/main/README.md",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3431", "id": "CVE-2023-3431",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-06-27T15:15:11.743", "published": "2023-06-27T15:15:11.743",
"lastModified": "2023-06-27T16:15:35.267", "lastModified": "2023-07-03T19:24:51.337",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -36,8 +58,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@huntr.dev", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,14 +78,40 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/plantuml/plantuml/commit/fbe7fa3b25b4c887d83927cffb1009ec6cb8ab1e", "nodes": [
"source": "security@huntr.dev"
},
{ {
"url": "https://huntr.dev/bounties/fa741f95-b53c-4ed7-b157-e32c5145164c", "operator": "OR",
"source": "security@huntr.dev" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plantuml:plantuml:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2023.9",
"matchCriteriaId": "389D4A80-A72D-42CC-885E-818A52175C8A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/plantuml/plantuml/commit/fbe7fa3b25b4c887d83927cffb1009ec6cb8ab1e",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/fa741f95-b53c-4ed7-b157-e32c5145164c",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3432", "id": "CVE-2023-3432",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-06-27T15:15:11.980", "published": "2023-06-27T15:15:11.980",
"lastModified": "2023-06-27T16:15:35.267", "lastModified": "2023-07-03T19:24:13.527",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.8
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,40 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/plantuml/plantuml/commit/b32500bb61ae617bb312496d6d832e4be8190797", "nodes": [
"source": "security@huntr.dev"
},
{ {
"url": "https://huntr.dev/bounties/8ac3316f-431c-468d-87e4-3dafff2ecf51", "operator": "OR",
"source": "security@huntr.dev" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plantuml:plantuml:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.2023.9",
"matchCriteriaId": "389D4A80-A72D-42CC-885E-818A52175C8A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/plantuml/plantuml/commit/b32500bb61ae617bb312496d6d832e4be8190797",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/8ac3316f-431c-468d-87e4-3dafff2ecf51",
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3497", "id": "CVE-2023-3497",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-07-03T17:15:09.540", "published": "2023-07-03T17:15:09.540",
"lastModified": "2023-07-03T17:15:09.540", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-35154", "id": "CVE-2023-35154",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.400", "published": "2023-06-23T21:15:09.400",
"lastModified": "2023-06-24T12:41:30.800", "lastModified": "2023-07-03T18:47:34.727",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-48hp-jvv8-cf62", "nodes": [
"source": "security-advisories@github.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eng:knowage:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.0",
"versionEndExcluding": "8.1.8",
"matchCriteriaId": "97741C80-7124-493C-B642-25BC547AA137"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-48hp-jvv8-cf62",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-35171", "id": "CVE-2023-35171",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.703", "published": "2023-06-23T21:15:09.703",
"lastModified": "2023-06-24T12:41:30.800", "lastModified": "2023-07-03T19:38:57.370",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,20 +64,71 @@
"value": "CWE-601" "value": "CWE-601"
} }
] ]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h353-vvwv-j2r4", "nodes": [
"source": "security-advisories@github.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.2",
"matchCriteriaId": "CB3473C7-E5B9-44B1-AC74-F7224D9AB78B"
}, },
{ {
"url": "https://github.com/nextcloud/server/pull/38194", "vulnerable": true,
"source": "security-advisories@github.com" "criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
}, "versionStartIncluding": "26.0.0",
{ "versionEndExcluding": "26.0.2",
"url": "https://hackerone.com/reports/1977222", "matchCriteriaId": "AE95CF9F-D964-4857-8805-2CE4CF2F6328"
"source": "security-advisories@github.com" }
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h353-vvwv-j2r4",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/nextcloud/server/pull/38194",
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://hackerone.com/reports/1977222",
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-35935", "id": "CVE-2023-35935",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-03T17:15:09.317", "published": "2023-07-03T17:15:09.317",
"lastModified": "2023-07-03T17:15:09.317", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36053", "id": "CVE-2023-36053",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T13:15:09.737", "published": "2023-07-03T13:15:09.737",
"lastModified": "2023-07-03T13:15:09.737", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,19 +2,75 @@
"id": "CVE-2023-36301", "id": "CVE-2023-36301",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T15:15:09.853", "published": "2023-06-26T15:15:09.853",
"lastModified": "2023-06-26T17:51:24.007", "lastModified": "2023-07-03T19:18:49.437",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet." "value": "Talend Data Catalog before 8.0-20230221 contain a directory traversal vulnerability in HeaderImageServlet."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://help.talend.com/r/en-US/Talend-Products-CVEs/Talend-Products-CVEs", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:talend:data_catalog:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.0-20230221",
"matchCriteriaId": "3A24F7E5-1BF9-4623-95F9-93CCC98F3CCA"
}
]
}
]
}
],
"references": [
{
"url": "https://help.talend.com/r/en-US/Talend-Products-CVEs/Talend-Products-CVEs",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,27 +2,89 @@
"id": "CVE-2023-36660", "id": "CVE-2023-36660",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T22:15:21.337", "published": "2023-06-25T22:15:21.337",
"lastModified": "2023-06-26T13:02:36.297", "lastModified": "2023-07-03T19:20:47.360",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption." "value": "The OCB feature in libnettle in Nettle 3.9 before 3.9.1 allows memory corruption."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1212112", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
}, },
{ "exploitabilityScore": 3.9,
"url": "https://git.lysator.liu.se/nettle/nettle/-/commit/867a4548b95705291a3afdd66d76e7f17ba2618f", "impactScore": 5.9
"source": "cve@mitre.org" }
]
}, },
"weaknesses": [
{ {
"url": "https://git.lysator.liu.se/nettle/nettle/-/compare/nettle_3.9_release_20230514...nettle_3.9.1_release_20230601", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nettle_project:nettle:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "315BCEC0-1D36-4DAC-99D3-652EB144BC13"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1212112",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://git.lysator.liu.se/nettle/nettle/-/commit/867a4548b95705291a3afdd66d76e7f17ba2618f",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://git.lysator.liu.se/nettle/nettle/-/compare/nettle_3.9_release_20230514...nettle_3.9.1_release_20230601",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
} }
] ]
} }


@ -2,23 +2,82 @@
"id": "CVE-2023-36666", "id": "CVE-2023-36666",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T22:15:21.527", "published": "2023-06-25T22:15:21.527",
"lastModified": "2023-06-26T13:02:32.107", "lastModified": "2023-07-03T19:07:18.410",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, overview.foil.php, cust.foil.php, and view.foil.php may be affected." "value": "INEX IXP-Manager before 6.3.1 allows XSS. list-preamble.foil.php, page-header-preamble.foil.php, edit-form.foil.php, page-header-preamble.foil.php, overview.foil.php, cust.foil.php, and view.foil.php may be affected."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/inex/IXP-Manager/commit/fddbc38adb477c9cd46a462655ffed96d3d42229", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{ {
"url": "https://github.com/inex/IXP-Manager/compare/v6.3.0...v6.3.1", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inex:ixp_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3.1",
"matchCriteriaId": "50ECE4A6-8FD8-416A-9D29-DB4B190314ED"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/inex/IXP-Manager/commit/fddbc38adb477c9cd46a462655ffed96d3d42229",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/inex/IXP-Manager/compare/v6.3.0...v6.3.1",
"source": "cve@mitre.org",
"tags": [
"Patch"
]
} }
] ]
} }


@ -2,19 +2,97 @@
"id": "CVE-2023-36675", "id": "CVE-2023-36675",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T01:15:09.203", "published": "2023-06-26T01:15:09.203",
"lastModified": "2023-06-26T13:02:32.107", "lastModified": "2023-07-03T19:20:19.150",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature." "value": "An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://phabricator.wikimedia.org/T332889", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.35.11",
"matchCriteriaId": "FB8FFF65-64E2-4995-9D76-4A76E9165631"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.36.0",
"versionEndExcluding": "1.38.7",
"matchCriteriaId": "604E0A5B-4554-46AA-98AF-608A2CCDBF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.39.0",
"versionEndExcluding": "1.39.4",
"matchCriteriaId": "8B25814F-6A96-432B-9E6B-458E8FAA8B32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.40.0",
"versionEndExcluding": "1.40.1",
"matchCriteriaId": "1AD12042-7940-4775-AD0E-DB4B55438E43"
}
]
}
]
}
],
"references": [
{
"url": "https://phabricator.wikimedia.org/T332889",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-36814", "id": "CVE-2023-36814",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-03T17:15:09.393", "published": "2023-07-03T17:15:09.393",
"lastModified": "2023-07-03T17:15:09.393", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

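--- /dev/null
+++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36815.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-36815",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-07-03T18:15:09.653",
+"lastModified": "2023-07-03T18:33:32.153",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "Sealos is a Cloud Operating System designed for managing cloud-native applications. In version 4.2.0 and prior, there is a permission flaw in the Sealos billing system, which allows users to control the recharge resource account `sealos[.] io/v1/Payment`, resulting in the ability to recharge any amount of 1 renminbi (RMB). The charging interface may expose resource information. The namespace of this custom resource would be user's control and may have permission to correct it. It is not clear whether a fix exists."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "REQUIRED",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "NONE",
+"baseScore": 7.3,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 2.1,
+"impactScore": 5.2
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-862"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/labring/sealos/security/advisories/GHSA-vpxf-q44g-w34w",
+"source": "security-advisories@github.com"
+}
+]
+}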


@ -2,8 +2,8 @@
"id": "CVE-2023-36816", "id": "CVE-2023-36816",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-03T17:15:09.463", "published": "2023-07-03T17:15:09.463",
"lastModified": "2023-07-03T17:15:09.463", "lastModified": "2023-07-03T18:33:32.153",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

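--- /dev/null
+++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36817.json
@@ -0,0 +1,59 @@
+{
+"id": "CVE-2023-36817",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-07-03T18:15:09.733",
+"lastModified": "2023-07-03T18:33:32.153",
+"vulnStatus": "Awaiting Analysis",
+"descriptions": [
+{
+"lang": "en",
+"value": "`tktchurch/website` contains the codebase for The King's Temple Church website. In version 0.1.0, a Stripe API key was found in the public code repository of the church's project. This sensitive information was unintentionally committed and subsequently exposed in the codebase. If an unauthorized party gains access to this key, they could potentially carry out transactions on behalf of the organization, leading to financial losses. Additionally, they could access sensitive customer information, leading to privacy violations and potential legal implications. The affected component is the codebase of our project, specifically the file(s) where the Stripe API key is embedded. The key should have been stored securely, and not committed to the codebase. The maintainers plan to revoke the leaked Stripe API key immediately, generate a new one, and not commit the key to the codebase."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 7.5,
+"baseSeverity": "HIGH"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-200"
+},
+{
+"lang": "en",
+"value": "CWE-798"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/tktchurch/website/security/advisories/GHSA-x3m6-5hmf-5x3w",
+"source": "security-advisories@github.com"
+}
+]
+}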

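--- /dev/null
+++ b/CVE-2023/CVE-2023-368xx/CVE-2023-36819.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-36819",
+"sourceIdentifier": "security-advisories@github.com",
+"published": "2023-07-03T19:15:09.183",
+"lastModified": "2023-07-03T19:15:09.183",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint `_/knowage/restful-services/dossier/importTemplateFile_` allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch and prior to version 8.1.8, the application does not sanitize the `_templateName_ `parameter allowing an attacker to use `*../*` in it, and escaping the directory the template are normally placed and download any file from the system. This vulnerability allows a low privileged attacker to exfiltrate sensitive configuration file. This issue has been patched in Knowage version 8.1.8."
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "security-advisories@github.com",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "LOW",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "NONE",
+"availabilityImpact": "NONE",
+"baseScore": 6.5,
+"baseSeverity": "MEDIUM"
+},
+"exploitabilityScore": 2.8,
+"impactScore": 3.6
+}
+]
+},
+"weaknesses": [
+{
+"source": "security-advisories@github.com",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-22"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-jw99-hxxj-75g2",
+"source": "security-advisories@github.com"
+}
+]
+}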


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-07-03T18:00:30.019834+00:00 2023-07-03T20:00:28.709051+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-07-03T17:53:58.230000+00:00 2023-07-03T19:38:57.370000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,48 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
219064 219067
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `6` Recently added CVEs: `3`
* [CVE-2023-34450](CVE-2023/CVE-2023-344xx/CVE-2023-34450.json) (`2023-07-03T17:15:09.147`) * [CVE-2023-36815](CVE-2023/CVE-2023-368xx/CVE-2023-36815.json) (`2023-07-03T18:15:09.653`)
* [CVE-2023-34451](CVE-2023/CVE-2023-344xx/CVE-2023-34451.json) (`2023-07-03T17:15:09.240`) * [CVE-2023-36817](CVE-2023/CVE-2023-368xx/CVE-2023-36817.json) (`2023-07-03T18:15:09.733`)
* [CVE-2023-35935](CVE-2023/CVE-2023-359xx/CVE-2023-35935.json) (`2023-07-03T17:15:09.317`) * [CVE-2023-36819](CVE-2023/CVE-2023-368xx/CVE-2023-36819.json) (`2023-07-03T19:15:09.183`)
* [CVE-2023-36814](CVE-2023/CVE-2023-368xx/CVE-2023-36814.json) (`2023-07-03T17:15:09.393`)
* [CVE-2023-36816](CVE-2023/CVE-2023-368xx/CVE-2023-36816.json) (`2023-07-03T17:15:09.463`)
* [CVE-2023-3497](CVE-2023/CVE-2023-34xx/CVE-2023-3497.json) (`2023-07-03T17:15:09.540`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `23` Recently modified CVEs: `59`
* [CVE-2015-20108](CVE-2015/CVE-2015-201xx/CVE-2015-20108.json) (`2023-07-03T16:15:09.237`) * [CVE-2023-34242](CVE-2023/CVE-2023-342xx/CVE-2023-34242.json) (`2023-07-03T19:12:59.533`)
* [CVE-2022-48502](CVE-2022/CVE-2022-485xx/CVE-2022-48502.json) (`2023-07-03T16:15:09.393`) * [CVE-2023-25515](CVE-2023/CVE-2023-255xx/CVE-2023-25515.json) (`2023-07-03T19:15:31.923`)
* [CVE-2023-1891](CVE-2023/CVE-2023-18xx/CVE-2023-1891.json) (`2023-07-03T16:06:07.267`) * [CVE-2023-23344](CVE-2023/CVE-2023-233xx/CVE-2023-23344.json) (`2023-07-03T19:16:21.420`)
* [CVE-2023-20883](CVE-2023/CVE-2023-208xx/CVE-2023-20883.json) (`2023-07-03T16:15:09.470`) * [CVE-2023-28016](CVE-2023/CVE-2023-280xx/CVE-2023-28016.json) (`2023-07-03T19:17:06.243`)
* [CVE-2023-2598](CVE-2023/CVE-2023-25xx/CVE-2023-2598.json) (`2023-07-03T16:15:09.547`) * [CVE-2023-36301](CVE-2023/CVE-2023-363xx/CVE-2023-36301.json) (`2023-07-03T19:18:49.437`)
* [CVE-2023-2650](CVE-2023/CVE-2023-26xx/CVE-2023-2650.json) (`2023-07-03T16:15:09.623`) * [CVE-2023-25307](CVE-2023/CVE-2023-253xx/CVE-2023-25307.json) (`2023-07-03T19:19:20.030`)
* [CVE-2023-2731](CVE-2023/CVE-2023-27xx/CVE-2023-2731.json) (`2023-07-03T16:15:09.727`) * [CVE-2023-29423](CVE-2023/CVE-2023-294xx/CVE-2023-29423.json) (`2023-07-03T19:19:39.733`)
* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-07-03T16:15:09.807`) * [CVE-2023-2533](CVE-2023/CVE-2023-25xx/CVE-2023-2533.json) (`2023-07-03T19:19:40.983`)
* [CVE-2023-2829](CVE-2023/CVE-2023-28xx/CVE-2023-2829.json) (`2023-07-03T16:15:09.897`) * [CVE-2023-29093](CVE-2023/CVE-2023-290xx/CVE-2023-29093.json) (`2023-07-03T19:19:55.117`)
* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-07-03T16:15:09.983`) * [CVE-2023-36675](CVE-2023/CVE-2023-366xx/CVE-2023-36675.json) (`2023-07-03T19:20:19.150`)
* [CVE-2023-2953](CVE-2023/CVE-2023-29xx/CVE-2023-2953.json) (`2023-07-03T16:15:10.070`) * [CVE-2023-36660](CVE-2023/CVE-2023-366xx/CVE-2023-36660.json) (`2023-07-03T19:20:47.360`)
* [CVE-2023-30774](CVE-2023/CVE-2023-307xx/CVE-2023-30774.json) (`2023-07-03T16:15:10.150`) * [CVE-2023-28485](CVE-2023/CVE-2023-284xx/CVE-2023-28485.json) (`2023-07-03T19:22:57.320`)
* [CVE-2023-30775](CVE-2023/CVE-2023-307xx/CVE-2023-30775.json) (`2023-07-03T16:15:10.230`) * [CVE-2023-3432](CVE-2023/CVE-2023-34xx/CVE-2023-3432.json) (`2023-07-03T19:24:13.527`)
* [CVE-2023-3111](CVE-2023/CVE-2023-31xx/CVE-2023-3111.json) (`2023-07-03T16:15:10.300`) * [CVE-2023-3431](CVE-2023/CVE-2023-34xx/CVE-2023-3431.json) (`2023-07-03T19:24:51.337`)
* [CVE-2023-3212](CVE-2023/CVE-2023-32xx/CVE-2023-3212.json) (`2023-07-03T16:16:09.447`) * [CVE-2023-2996](CVE-2023/CVE-2023-29xx/CVE-2023-2996.json) (`2023-07-03T19:26:05.237`)
* [CVE-2023-35759](CVE-2023/CVE-2023-357xx/CVE-2023-35759.json) (`2023-07-03T16:24:39.053`) * [CVE-2023-2877](CVE-2023/CVE-2023-28xx/CVE-2023-2877.json) (`2023-07-03T19:26:43.103`)
* [CVE-2023-1166](CVE-2023/CVE-2023-11xx/CVE-2023-1166.json) (`2023-07-03T16:32:54.863`) * [CVE-2023-2842](CVE-2023/CVE-2023-28xx/CVE-2023-2842.json) (`2023-07-03T19:27:16.967`)
* [CVE-2023-3316](CVE-2023/CVE-2023-33xx/CVE-2023-3316.json) (`2023-07-03T16:43:32.603`) * [CVE-2023-25520](CVE-2023/CVE-2023-255xx/CVE-2023-25520.json) (`2023-07-03T19:27:23.943`)
* [CVE-2023-0873](CVE-2023/CVE-2023-08xx/CVE-2023-0873.json) (`2023-07-03T16:48:44.673`) * [CVE-2023-2795](CVE-2023/CVE-2023-27xx/CVE-2023-2795.json) (`2023-07-03T19:28:20.887`)
* [CVE-2023-22359](CVE-2023/CVE-2023-223xx/CVE-2023-22359.json) (`2023-07-03T16:53:40.840`) * [CVE-2023-34839](CVE-2023/CVE-2023-348xx/CVE-2023-34839.json) (`2023-07-03T19:29:43.347`)
* [CVE-2023-33243](CVE-2023/CVE-2023-332xx/CVE-2023-33243.json) (`2023-07-03T17:30:11.167`) * [CVE-2023-34838](CVE-2023/CVE-2023-348xx/CVE-2023-34838.json) (`2023-07-03T19:30:00.057`)
* [CVE-2023-32752](CVE-2023/CVE-2023-327xx/CVE-2023-32752.json) (`2023-07-03T17:37:32.993`) * [CVE-2023-34837](CVE-2023/CVE-2023-348xx/CVE-2023-34837.json) (`2023-07-03T19:30:12.097`)
* [CVE-2023-32339](CVE-2023/CVE-2023-323xx/CVE-2023-32339.json) (`2023-07-03T17:53:58.230`) * [CVE-2023-34836](CVE-2023/CVE-2023-348xx/CVE-2023-34836.json) (`2023-07-03T19:30:27.440`)
* [CVE-2023-34835](CVE-2023/CVE-2023-348xx/CVE-2023-34835.json) (`2023-07-03T19:30:38.090`)
* [CVE-2023-35171](CVE-2023/CVE-2023-351xx/CVE-2023-35171.json) (`2023-07-03T19:38:57.370`)
## Download and Usage ## Download and Usage