admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-26T20:00:28.200853+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-26 20:00:31 +00:00
parent c765879e7a
commit 543830d2be
44 changed files with 727 additions and 182 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
CVE-2022/CVE-2022-260xx/CVE-2022-26026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26026", "id": "CVE-2022-26026",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:07.943", "published": "2022-05-25T21:15:07.943",
"lastModified": "2022-06-07T15:01:07.627", "lastModified": "2023-07-26T18:15:10.123",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-260xx/CVE-2022-26043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26043", "id": "CVE-2022-26043",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:07.997", "published": "2022-05-25T21:15:07.997",
"lastModified": "2022-06-07T15:00:27.347", "lastModified": "2023-07-26T18:15:10.243",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-260xx/CVE-2022-26067.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26067", "id": "CVE-2022-26067",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:08.047", "published": "2022-05-25T21:15:08.047",
"lastModified": "2022-06-07T15:14:11.157", "lastModified": "2023-07-26T18:15:10.350",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "HIGH", "privilegesRequired": "HIGH",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-260xx/CVE-2022-26077.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26077", "id": "CVE-2022-26077",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:08.097", "published": "2022-05-25T21:15:08.097",
"lastModified": "2022-06-07T15:14:31.883", "lastModified": "2023-07-26T18:15:10.450",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-260xx/CVE-2022-26082.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26082", "id": "CVE-2022-26082",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:08.147", "published": "2022-05-25T21:15:08.147",
"lastModified": "2022-06-03T12:17:55.380", "lastModified": "2023-07-26T18:15:10.557",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "HIGH", "privilegesRequired": "HIGH",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-263xx/CVE-2022-26303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26303", "id": "CVE-2022-26303",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:08.197", "published": "2022-05-25T21:15:08.197",
"lastModified": "2022-06-03T12:02:52.810", "lastModified": "2023-07-26T18:15:10.663",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-268xx/CVE-2022-26833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-26833", "id": "CVE-2022-26833",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:08.250", "published": "2022-05-25T21:15:08.250",
"lastModified": "2022-06-03T03:27:43.147", "lastModified": "2023-07-26T18:15:10.767",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

16
CVE-2022/CVE-2022-271xx/CVE-2022-27169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-27169", "id": "CVE-2022-27169",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-05-25T21:15:08.300", "published": "2022-05-25T21:15:08.300",
"lastModified": "2022-06-03T03:22:39.307", "lastModified": "2023-07-26T18:15:10.873",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -35,15 +35,13 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 3.6 "impactScore": 3.6
} },
],
"cvssMetricV30": [
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.0", "version": "3.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
@ -87,7 +85,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "talos-cna@cisco.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -97,7 +95,7 @@
] ]
}, },
{ {
"source": "talos-cna@cisco.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {

4
CVE-2022/CVE-2022-437xx/CVE-2022-43710.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43710", "id": "CVE-2022-43710",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:09.767", "published": "2023-07-26T14:15:09.767",
"lastModified": "2023-07-26T14:15:09.767", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2022/CVE-2022-437xx/CVE-2022-43711.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43711", "id": "CVE-2022-43711",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:09.823", "published": "2023-07-26T14:15:09.823",
"lastModified": "2023-07-26T14:15:09.823", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2022/CVE-2022-437xx/CVE-2022-43712.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43712", "id": "CVE-2022-43712",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:09.880", "published": "2023-07-26T14:15:09.880",
"lastModified": "2023-07-26T14:15:09.880", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2022/CVE-2022-437xx/CVE-2022-43713.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43713", "id": "CVE-2022-43713",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:09.930", "published": "2023-07-26T14:15:09.930",
"lastModified": "2023-07-26T14:15:09.930", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

79
CVE-2023/CVE-2023-18xx/CVE-2023-1893.json
View File

@ -2,18 +2,41 @@
"id": "CVE-2023-1893", "id": "CVE-2023-1893",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:09.617", "published": "2023-07-17T14:15:09.617",
"lastModified": "2023-07-25T17:15:10.827", "lastModified": "2023-07-26T19:24:48.870",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators." "value": "The Login Configurator WordPress plugin through 2.1 does not properly escape a URL parameter before outputting it to the page, leading to a reflected cross-site scripting vulnerability targeting site administrators."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -21,16 +44,52 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "http://packetstormsecurity.com/files/173723/WordPress-Login-Configurator-2.1-Cross-Site-Scripting.html", "nodes": [
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/dbe6cf09-971f-42e9-b744-9339454168c7", "operator": "OR",
"source": "contact@wpscan.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:login_configurator_project:login_configurator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1",
"matchCriteriaId": "4D1F3C1F-E34A-467B-8939-DBB7C01CC574"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173723/WordPress-Login-Configurator-2.1-Cross-Site-Scripting.html",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/dbe6cf09-971f-42e9-b744-9339454168c7",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-205xx/CVE-2023-20593.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20593", "id": "CVE-2023-20593",
"sourceIdentifier": "psirt@amd.com", "sourceIdentifier": "psirt@amd.com",
"published": "2023-07-24T20:15:10.237", "published": "2023-07-24T20:15:10.237",
"lastModified": "2023-07-26T15:15:10.097", "lastModified": "2023-07-26T19:15:09.687",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -60,6 +60,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/26/1", "url": "http://www.openwall.com/lists/oss-security/2023/07/26/1",
"source": "psirt@amd.com" "source": "psirt@amd.com"
}, },
{
"url": "http://xenbits.xen.org/xsa/advisory-433.html",
"source": "psirt@amd.com"
},
{ {
"url": "https://cmpxchg8b.com/zenbleed.html", "url": "https://cmpxchg8b.com/zenbleed.html",
"source": "psirt@amd.com" "source": "psirt@amd.com"

56
CVE-2023/CVE-2023-21xx/CVE-2023-2143.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2143", "id": "CVE-2023-2143",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:09.787", "published": "2023-07-17T14:15:09.787",
"lastModified": "2023-07-17T14:22:59.283", "lastModified": "2023-07-26T19:23:23.973",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability." "value": "The Enable SVG, WebP & ICO Upload WordPress plugin through 1.0.3 does not sanitize SVG file contents, leading to a Cross-Site Scripting vulnerability."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/91898762-aa7d-4fbc-a016-3de48901e5de", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ideastocode:enable_svg\\,_webp_\\&_ico_upload:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.3",
"matchCriteriaId": "DBC62C2D-1BF2-436E-B3C9-F24A6F38623B"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/91898762-aa7d-4fbc-a016-3de48901e5de",
"source": "contact@wpscan.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-238xx/CVE-2023-23842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23842", "id": "CVE-2023-23842",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T15:15:10.167", "published": "2023-07-26T15:15:10.167",
"lastModified": "2023-07-26T15:15:10.167", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-238xx/CVE-2023-23843.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23843", "id": "CVE-2023-23843",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T14:15:10.070", "published": "2023-07-26T14:15:10.070",
"lastModified": "2023-07-26T14:15:10.070", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-238xx/CVE-2023-23844.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23844", "id": "CVE-2023-23844",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T14:15:10.150", "published": "2023-07-26T14:15:10.150",
"lastModified": "2023-07-26T14:15:10.150", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

57
CVE-2023/CVE-2023-23xx/CVE-2023-2329.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2329", "id": "CVE-2023-2329",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:09.847", "published": "2023-07-17T14:15:09.847",
"lastModified": "2023-07-17T14:22:59.283", "lastModified": "2023-07-26T19:22:20.497",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The WooCommerce Google Sheet Connector WordPress plugin through 1.3.4 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack" "value": "The WooCommerce Google Sheet Connector WordPress plugin through 1.3.4 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/6e58f099-e8d6-49e4-9f02-d6a556c5b1d2", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gsheetconnector:woocommerce_google_sheet_connector:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.4",
"matchCriteriaId": "AB20ACD2-0FC6-47FF-A25E-5E93E063D69C"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/6e58f099-e8d6-49e4-9f02-d6a556c5b1d2",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-23xx/CVE-2023-2330.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2330", "id": "CVE-2023-2330",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:09.910", "published": "2023-07-17T14:15:09.910",
"lastModified": "2023-07-17T14:22:52.003", "lastModified": "2023-07-26T19:22:00.453",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Caldera Forms Google Sheets Connector WordPress plugin through 1.2 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack" "value": "The Caldera Forms Google Sheets Connector WordPress plugin through 1.2 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a CSRF attack"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/fa8ccdd0-7b23-4b12-9aa9-4b29d47256b8", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gsheetconnector:caldera_forms_google_sheets_connector:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "35576842-045C-4A4C-A876-DEC733839489"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/fa8ccdd0-7b23-4b12-9aa9-4b29d47256b8",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

67
CVE-2023/CVE-2023-25xx/CVE-2023-2579.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2579", "id": "CVE-2023-2579",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:09.970", "published": "2023-07-17T14:15:09.970",
"lastModified": "2023-07-17T14:22:52.003", "lastModified": "2023-07-26T19:27:16.713",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks." "value": "The InventoryPress WordPress plugin through 1.7 does not sanitise and escape some of its settings, which could allow users with the role of author and above to perform Stored Cross-Site Scripting attacks."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,14 +46,40 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/daniloalbuqrque/poc-cve-xss-inventory-press-plugin", "nodes": [
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/3cfcb8cc-9c4f-409c-934f-9f3f043de6fe", "operator": "OR",
"source": "contact@wpscan.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inventorypress_project:inventorypress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7",
"matchCriteriaId": "DF1163A9-BBCF-4AB3-9994-922F80FC779A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/daniloalbuqrque/poc-cve-xss-inventory-press-plugin",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/3cfcb8cc-9c4f-409c-934f-9f3f043de6fe",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-268xx/CVE-2023-26859.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26859", "id": "CVE-2023-26859",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:10.230", "published": "2023-07-26T14:15:10.230",
"lastModified": "2023-07-26T14:15:10.230", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-269xx/CVE-2023-26911.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26911", "id": "CVE-2023-26911",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:10.283", "published": "2023-07-26T14:15:10.283",
"lastModified": "2023-07-26T14:15:10.283", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

69
CVE-2023/CVE-2023-26xx/CVE-2023-2636.json
View File

@ -2,18 +2,41 @@
"id": "CVE-2023-2636", "id": "CVE-2023-2636",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:10.030", "published": "2023-07-17T14:15:10.030",
"lastModified": "2023-07-17T14:22:52.003", "lastModified": "2023-07-26T19:27:56.537",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber" "value": "The AN_GradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -21,12 +44,44 @@
"value": "CWE-89" "value": "CWE-89"
} }
] ]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/6a3bfd88-1251-4d40-b26f-62950a3ce0b5", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:an_gradebook_project:an_gradebook:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.0.1",
"matchCriteriaId": "0ABB1A7A-1106-41ED-A317-A97260C2ED08"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/6a3bfd88-1251-4d40-b26f-62950a3ce0b5",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-27xx/CVE-2023-2701.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-2701", "id": "CVE-2023-2701",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:10.097", "published": "2023-07-17T14:15:10.097",
"lastModified": "2023-07-17T14:22:52.003", "lastModified": "2023-07-26T19:29:30.563",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Gravity Forms WordPress plugin before 2.7.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high-privileged users such as admin." "value": "The Gravity Forms WordPress plugin before 2.7.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high-privileged users such as admin."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://wpscan.com/vulnerability/298fbe34-62c2-4e56-9bdb-90da570c5bbe", "nodes": [
"source": "contact@wpscan.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mediaburst:gravity_forms:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.7.5",
"matchCriteriaId": "D763A6B4-68D4-4F13-81F4-54856E5EA387"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/298fbe34-62c2-4e56-9bdb-90da570c5bbe",
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-305xx/CVE-2023-30577.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30577", "id": "CVE-2023-30577",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T17:15:10.227", "published": "2023-07-26T17:15:10.227",
"lastModified": "2023-07-26T17:15:10.227", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

43
CVE-2023/CVE-2023-309xx/CVE-2023-30949.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-30949",
"sourceIdentifier": "cve-coordination@palantir.com",
"published": "2023-07-26T18:15:11.007",
"lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@palantir.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://palantir.safebase.us/?tcuUid=bbc1772c-e10a-45cc-b89f-48cc1a8b2cfc",
"source": "cve-coordination@palantir.com"
}
]
}

59
CVE-2023/CVE-2023-32xx/CVE-2023-3242.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3242",
"sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2023-07-26T18:15:11.147",
"lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Allocation of Resources Without Limits or Throttling, Improper Initialization vulnerability in B&R Industrial Automation B&R Automation Runtime allows Flooding, Leveraging Race Conditions.This issue affects B&R Automation Runtime: <G4.93.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "cybersecurity@ch.abb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-665"
},
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://www.br-automation.com/downloads_br_productcatalogue/assets/1689787619746-en-original-1.0.pdf",
"source": "cybersecurity@ch.abb.com"
}
]
}

4
CVE-2023/CVE-2023-332xx/CVE-2023-33224.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33224", "id": "CVE-2023-33224",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T14:15:10.340", "published": "2023-07-26T14:15:10.340",
"lastModified": "2023-07-26T14:15:10.340", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33225.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33225", "id": "CVE-2023-33225",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T14:15:10.417", "published": "2023-07-26T14:15:10.417",
"lastModified": "2023-07-26T14:15:10.417", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33229", "id": "CVE-2023-33229",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T15:15:10.257", "published": "2023-07-26T15:15:10.257",
"lastModified": "2023-07-26T15:15:10.257", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-333xx/CVE-2023-33308.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33308", "id": "CVE-2023-33308",
"sourceIdentifier": "psirt@fortinet.com", "sourceIdentifier": "psirt@fortinet.com",
"published": "2023-07-26T15:15:10.347", "published": "2023-07-26T15:15:10.347",
"lastModified": "2023-07-26T15:15:10.347", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

55
CVE-2023/CVE-2023-34xx/CVE-2023-3414.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3414",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-07-26T19:15:09.797",
"lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information.\u00a0To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform. \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1434118",
"source": "psirt@servicenow.com"
}
]
}

55
CVE-2023/CVE-2023-34xx/CVE-2023-3442.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3442",
"sourceIdentifier": "psirt@servicenow.com",
"published": "2023-07-26T19:15:09.873",
"lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A missing authorization vulnerability exists in versions of the Jenkins Plug-in for ServiceNow DevOps prior to 1.38.1 that, if exploited successfully, could cause the unwanted exposure of sensitive information.\u00a0To address this issue, apply the 1.38.1 version of the Jenkins plug-in for ServiceNow DevOps on your Jenkins server. No changes are required on your instances of the Now Platform. \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "psirt@servicenow.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1434119",
"source": "psirt@servicenow.com"
}
]
}

4
CVE-2023/CVE-2023-36xx/CVE-2023-3622.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3622", "id": "CVE-2023-3622",
"sourceIdentifier": "psirt@solarwinds.com", "sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-07-26T15:15:10.803", "published": "2023-07-26T15:15:10.803",
"lastModified": "2023-07-26T15:15:10.803", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-370xx/CVE-2023-37049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37049", "id": "CVE-2023-37049",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T13:15:10.173", "published": "2023-07-26T13:15:10.173",
"lastModified": "2023-07-26T13:15:10.173", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39151", "id": "CVE-2023-39151",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com", "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-07-26T14:15:10.493", "published": "2023-07-26T14:15:10.493",
"lastModified": "2023-07-26T15:15:10.437", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39152.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39152", "id": "CVE-2023-39152",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com", "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-07-26T14:15:10.550", "published": "2023-07-26T14:15:10.550",
"lastModified": "2023-07-26T15:15:10.507", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39153.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39153", "id": "CVE-2023-39153",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com", "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-07-26T14:15:10.597", "published": "2023-07-26T14:15:10.597",
"lastModified": "2023-07-26T15:15:10.567", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39154.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39154", "id": "CVE-2023-39154",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com", "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-07-26T14:15:10.647", "published": "2023-07-26T14:15:10.647",
"lastModified": "2023-07-26T15:15:10.623", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39155.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39155", "id": "CVE-2023-39155",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com", "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-07-26T14:15:10.700", "published": "2023-07-26T14:15:10.700",
"lastModified": "2023-07-26T15:15:10.683", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39156", "id": "CVE-2023-39156",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com", "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-07-26T14:15:10.750", "published": "2023-07-26T14:15:10.750",
"lastModified": "2023-07-26T15:15:10.743", "lastModified": "2023-07-26T19:28:23.967",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-392xx/CVE-2023-39261.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39261", "id": "CVE-2023-39261",
"sourceIdentifier": "security@jetbrains.com", "sourceIdentifier": "security@jetbrains.com",
"published": "2023-07-26T13:15:10.233", "published": "2023-07-26T13:15:10.233",
"lastModified": "2023-07-26T13:15:10.233", "lastModified": "2023-07-26T19:28:30.213",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

65
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-07-26T18:00:35.636136+00:00 2023-07-26T20:00:28.200853+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-07-26T17:37:56.217000+00:00 2023-07-26T19:29:30.563000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,45 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
221075 221079
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `1` Recently added CVEs: `4`
* [CVE-2023-30577](CVE-2023/CVE-2023-305xx/CVE-2023-30577.json) (`2023-07-26T17:15:10.227`) * [CVE-2023-30949](CVE-2023/CVE-2023-309xx/CVE-2023-30949.json) (`2023-07-26T18:15:11.007`)
* [CVE-2023-3242](CVE-2023/CVE-2023-32xx/CVE-2023-3242.json) (`2023-07-26T18:15:11.147`)
* [CVE-2023-3414](CVE-2023/CVE-2023-34xx/CVE-2023-3414.json) (`2023-07-26T19:15:09.797`)
* [CVE-2023-3442](CVE-2023/CVE-2023-34xx/CVE-2023-3442.json) (`2023-07-26T19:15:09.873`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `25` Recently modified CVEs: `39`
* [CVE-2023-32657](CVE-2023/CVE-2023-326xx/CVE-2023-32657.json) (`2023-07-26T16:17:06.170`) * [CVE-2023-2329](CVE-2023/CVE-2023-23xx/CVE-2023-2329.json) (`2023-07-26T19:22:20.497`)
* [CVE-2023-34429](CVE-2023/CVE-2023-344xx/CVE-2023-34429.json) (`2023-07-26T16:17:36.467`) * [CVE-2023-2143](CVE-2023/CVE-2023-21xx/CVE-2023-2143.json) (`2023-07-26T19:23:23.973`)
* [CVE-2023-35134](CVE-2023/CVE-2023-351xx/CVE-2023-35134.json) (`2023-07-26T16:18:03.730`) * [CVE-2023-1893](CVE-2023/CVE-2023-18xx/CVE-2023-1893.json) (`2023-07-26T19:24:48.870`)
* [CVE-2023-37650](CVE-2023/CVE-2023-376xx/CVE-2023-37650.json) (`2023-07-26T16:18:15.067`) * [CVE-2023-2579](CVE-2023/CVE-2023-25xx/CVE-2023-2579.json) (`2023-07-26T19:27:16.713`)
* [CVE-2023-37649](CVE-2023/CVE-2023-376xx/CVE-2023-37649.json) (`2023-07-26T16:18:27.370`) * [CVE-2023-2636](CVE-2023/CVE-2023-26xx/CVE-2023-2636.json) (`2023-07-26T19:27:56.537`)
* [CVE-2023-37362](CVE-2023/CVE-2023-373xx/CVE-2023-37362.json) (`2023-07-26T16:18:40.663`) * [CVE-2023-23844](CVE-2023/CVE-2023-238xx/CVE-2023-23844.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-26563](CVE-2023/CVE-2023-265xx/CVE-2023-26563.json) (`2023-07-26T16:23:15.603`) * [CVE-2023-26859](CVE-2023/CVE-2023-268xx/CVE-2023-26859.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-3635](CVE-2023/CVE-2023-36xx/CVE-2023-3635.json) (`2023-07-26T16:24:46.917`) * [CVE-2023-26911](CVE-2023/CVE-2023-269xx/CVE-2023-26911.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-37946](CVE-2023/CVE-2023-379xx/CVE-2023-37946.json) (`2023-07-26T16:26:02.550`) * [CVE-2023-33224](CVE-2023/CVE-2023-332xx/CVE-2023-33224.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-36888](CVE-2023/CVE-2023-368xx/CVE-2023-36888.json) (`2023-07-26T16:53:23.367`) * [CVE-2023-33225](CVE-2023/CVE-2023-332xx/CVE-2023-33225.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-36887](CVE-2023/CVE-2023-368xx/CVE-2023-36887.json) (`2023-07-26T16:54:12.993`) * [CVE-2023-39151](CVE-2023/CVE-2023-391xx/CVE-2023-39151.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-36883](CVE-2023/CVE-2023-368xx/CVE-2023-36883.json) (`2023-07-26T16:54:25.230`) * [CVE-2023-39152](CVE-2023/CVE-2023-391xx/CVE-2023-39152.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-38252](CVE-2023/CVE-2023-382xx/CVE-2023-38252.json) (`2023-07-26T17:10:12.897`) * [CVE-2023-39153](CVE-2023/CVE-2023-391xx/CVE-2023-39153.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-38253](CVE-2023/CVE-2023-382xx/CVE-2023-38253.json) (`2023-07-26T17:14:50.187`) * [CVE-2023-39154](CVE-2023/CVE-2023-391xx/CVE-2023-39154.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-1380](CVE-2023/CVE-2023-13xx/CVE-2023-1380.json) (`2023-07-26T17:15:09.893`) * [CVE-2023-39155](CVE-2023/CVE-2023-391xx/CVE-2023-39155.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-20887](CVE-2023/CVE-2023-208xx/CVE-2023-20887.json) (`2023-07-26T17:15:10.050`) * [CVE-2023-39156](CVE-2023/CVE-2023-391xx/CVE-2023-39156.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-30456](CVE-2023/CVE-2023-304xx/CVE-2023-30456.json) (`2023-07-26T17:15:10.140`) * [CVE-2023-23842](CVE-2023/CVE-2023-238xx/CVE-2023-23842.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-31248](CVE-2023/CVE-2023-312xx/CVE-2023-31248.json) (`2023-07-26T17:15:10.327`) * [CVE-2023-33229](CVE-2023/CVE-2023-332xx/CVE-2023-33229.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-31436](CVE-2023/CVE-2023-314xx/CVE-2023-31436.json) (`2023-07-26T17:15:10.570`) * [CVE-2023-33308](CVE-2023/CVE-2023-333xx/CVE-2023-33308.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-07-26T17:15:10.780`) * [CVE-2023-3622](CVE-2023/CVE-2023-36xx/CVE-2023-3622.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-35116](CVE-2023/CVE-2023-351xx/CVE-2023-35116.json) (`2023-07-26T17:15:12.867`) * [CVE-2023-30577](CVE-2023/CVE-2023-305xx/CVE-2023-30577.json) (`2023-07-26T19:28:23.967`)
* [CVE-2023-37224](CVE-2023/CVE-2023-372xx/CVE-2023-37224.json) (`2023-07-26T17:19:57.800`) * [CVE-2023-37049](CVE-2023/CVE-2023-370xx/CVE-2023-37049.json) (`2023-07-26T19:28:30.213`)
* [CVE-2023-37223](CVE-2023/CVE-2023-372xx/CVE-2023-37223.json) (`2023-07-26T17:31:44.957`) * [CVE-2023-39261](CVE-2023/CVE-2023-392xx/CVE-2023-39261.json) (`2023-07-26T19:28:30.213`)
* [CVE-2023-2960](CVE-2023/CVE-2023-29xx/CVE-2023-2960.json) (`2023-07-26T17:32:26.167`) * [CVE-2023-23843](CVE-2023/CVE-2023-238xx/CVE-2023-23843.json) (`2023-07-26T19:28:30.213`)
* [CVE-2023-2963](CVE-2023/CVE-2023-29xx/CVE-2023-2963.json) (`2023-07-26T17:37:56.217`) * [CVE-2023-2701](CVE-2023/CVE-2023-27xx/CVE-2023-2701.json) (`2023-07-26T19:29:30.563`)
## Download and Usage ## Download and Usage