diff --git a/CVE-2021/CVE-2021-373xx/CVE-2021-37386.json b/CVE-2021/CVE-2021-373xx/CVE-2021-37386.json index b1f34471c64..5c2921099d9 100644 --- a/CVE-2021/CVE-2021-373xx/CVE-2021-37386.json +++ b/CVE-2021/CVE-2021-373xx/CVE-2021-37386.json @@ -2,27 +2,185 @@ "id": "CVE-2021-37386", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T17:15:09.377", - "lastModified": "2023-07-20T20:15:10.027", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:36:32.693", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.3 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:furukawa:423-41w\\/ac_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.2.0", + "matchCriteriaId": "D96F6757-53C3-4330-B099-6FAB60225E9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:furukawa:423-41w\\/ac:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DFB812F0-EED1-4EE4-A86B-6F60CC6C0DFE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:furukawa:ld421-21w_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.5.0", + "matchCriteriaId": "F24790A4-9406-4622-A6B1-0871307728F6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:furukawa:ld421-21w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4C3407C3-5035-47D2-927A-FDFB4785014B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:furukawa:ld420-10r_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.4.0", + "matchCriteriaId": "9EC28BBB-AB0B-4A9D-8896-10A745C990FF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:furukawa:ld420-10r:-:*:*:*:*:*:*:*", + "matchCriteriaId": "525A4855-AB6B-4AAD-BC61-A0D4A855D725" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:furukawa:ld421-21wv_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.5.0", + "matchCriteriaId": "21E2D847-766F-4537-9B92-CA76CFDE0871" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:furukawa:ld421-21wv:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F65580-097F-45D3-AB80-9D633095F711" + } + ] + } + ] + } + ], "references": [ { "url": "https://cwe.mitre.org/data/definitions/79.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://gist.githubusercontent.com/LuigiPolidorio/ec78daac7c3d97966f2e3703ca5d1685/raw/d64a487407d6f9685d3907206954a6c84c6fa621/reference.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-308xx/CVE-2022-30858.json b/CVE-2022/CVE-2022-308xx/CVE-2022-30858.json index 91dc40b13ab..f3c04447ae8 100644 --- a/CVE-2022/CVE-2022-308xx/CVE-2022-30858.json +++ b/CVE-2022/CVE-2022-308xx/CVE-2022-30858.json @@ -2,23 +2,84 @@ "id": "CVE-2022-30858", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T19:15:09.137", - "lastModified": "2023-07-18T12:59:10.100", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:29:02.400", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in ngiflib 0.4. There is SEGV in SDL_LoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CA_file2_0" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ngiflib_project:ngiflib:0.4:*:*:*:*:*:*:*", + "matchCriteriaId": "EEFD7EDE-41CD-4646-BBC8-6500AFC1985E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Marsman1996/pocs/blob/master/ngiflib/CVE-2022-30858/README.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/miniupnp/ngiflib/issues/22", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-314xx/CVE-2022-31455.json b/CVE-2022/CVE-2022-314xx/CVE-2022-31455.json new file mode 100644 index 00000000000..7ae930d00d3 --- /dev/null +++ b/CVE-2022/CVE-2022-314xx/CVE-2022-31455.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-31455", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T21:15:09.813", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "* A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a user chat box." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/@rohitgautam26/cve-2022-31455-bc929f477446", + "source": "cve@mitre.org" + }, + { + "url": "https://www.acunetix.com/vulnerabilities/web/cross-site-scripting/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-314xx/CVE-2022-31456.json b/CVE-2022/CVE-2022-314xx/CVE-2022-31456.json new file mode 100644 index 00000000000..13aabeb0220 --- /dev/null +++ b/CVE-2022/CVE-2022-314xx/CVE-2022-31456.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-31456", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T20:15:12.380", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site scripting (XSS) vulnerability in Truedesk v1.2.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/@rohitgautam26/cve-2022-31456-c8bbefba6cc1", + "source": "cve@mitre.org" + }, + { + "url": "https://www.acunetix.com/vulnerabilities/web/cross-site-scripting/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json b/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json index 3cc58225408..a8d1c946ebe 100644 --- a/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json +++ b/CVE-2022/CVE-2022-408xx/CVE-2022-40896.json @@ -2,27 +2,91 @@ "id": "CVE-2022-40896", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-19T15:15:10.007", - "lastModified": "2023-07-19T16:55:08.940", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:04:56.613", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pygments:pygments:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.15.0", + "matchCriteriaId": "378BBD2A-4BD6-47BF-B7C1-9CAB83F653BD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://pypi.org/project/Pygments/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json index da5f3adbe38..02a4d785471 100644 --- a/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23522.json @@ -2,12 +2,12 @@ "id": "CVE-2023-23522", "sourceIdentifier": "product-security@apple.com", "published": "2023-02-27T20:15:14.580", - "lastModified": "2023-03-08T16:34:15.443", - "vulnStatus": "Analyzed", + "lastModified": "2023-07-26T21:15:09.893", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data.." + "value": "A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json b/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json index ba3e3400048..5855482f886 100644 --- a/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json +++ b/CVE-2023/CVE-2023-273xx/CVE-2023-27379.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27379", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.000", - "lastModified": "2023-07-19T18:15:10.913", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:01:27.943", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "talos-cna@cisco.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:foxit:pdf_reader:12.1.2.15332:*:*:*:*:*:*:*", + "matchCriteriaId": "03BAF434-E618-4E4D-AABE-BE5A1298F877" + } + ] + } + ] + } + ], "references": [ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756", - "source": "talos-cna@cisco.com" + "source": "talos-cna@cisco.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json index 1e5924233ad..c85b38ad267 100644 --- a/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28744.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28744", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.117", - "lastModified": "2023-07-19T18:15:10.990", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:02:26.780", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "talos-cna@cisco.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:foxit:pdf_reader:12.1.1.15289:*:*:*:*:*:*:*", + "matchCriteriaId": "CD905E16-0A47-43A6-BEC8-95882986754C" + } + ] + } + ] + } + ], "references": [ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1739", - "source": "talos-cna@cisco.com" + "source": "talos-cna@cisco.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28767.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28767.json index eb6cdeab71f..52eacd09dba 100644 --- a/CVE-2023/CVE-2023-287xx/CVE-2023-28767.json +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28767.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28767", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T17:15:09.883", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:36:06.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +56,653 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "369543A8-1D92-42AF-896D-30A38E02D8E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "3844EDBE-1FDA-48E0-9535-D81657E1820A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "61B89E2F-9A44-4A02-9279-158CDAA787D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6081F154-4A1E-4630-99BB-846B68F5B818" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "428D392F-2427-4510-9185-AD9C1FC839A1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "614F4C95-8835-4A0A-B965-51FBD0289DE5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DD16BDCE-428C-40B2-BE9E-593ED4C59819" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "F253FB99-B7E9-4809-9E3A-F9964B6B3BD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6362D1C8-DD85-45E6-B6F0-BB9882FA0F19" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DCC7F9D7-2688-4848-9B3F-60C35E66423E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "E19C1F04-1F67-4502-B6E2-B7DA771E1ACA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "54D49F68-BCE2-432F-AC2B-1975F7BDBCE7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "C380259A-B524-41EC-A733-805F617BA3E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DF3F62F3-0681-4150-8F89-B44708DE75ED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "11E3C89D-EEEC-449F-9783-91E0AE286223" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "39637E53-C502-4377-BC9E-71E0962F7D6F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "9BD13DCF-7B56-423B-BA54-E2CC2288E12E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "EDDD5813-1215-4047-8AA6-A286571A0475" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "D8B5F6AE-537A-4FFB-92AB-28AE2E1741FB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "9D73608C-EB5F-44B6-BB11-6F7E4742E71E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B51FA0FC-7803-4ECB-BFFB-839E585CD9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "CCC033D4-363E-4A00-AD9E-1D94D5060CB7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-303xx/CVE-2023-30367.json b/CVE-2023/CVE-2023-303xx/CVE-2023-30367.json new file mode 100644 index 00000000000..61114b260ce --- /dev/null +++ b/CVE-2023/CVE-2023-303xx/CVE-2023-30367.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-30367", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T21:15:09.980", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "mRemoteNG configuration files can be stored in an encrypted state on disk. mRemoteNG version <= v1.76.20 and <= 1.77.3-dev loads configuration files in plain text into memory at application start-up, even if no connection has been established yet. This allows attackers to access contents of configuration files in plain text through a memory dump and thus compromise user credentials when no custom password encryption key has been set. This also bypasses the connection configuration file encryption setting by dumping already decrypted configurations from memory." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/S1lkys/CVE-2023-30367-mRemoteNG-password-dumper", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/mRemoteNG/mRemoteNG/issues/2420", + "source": "cve@mitre.org" + }, + { + "url": "https://www.secuvera.de/advisories/secuvera-SA-2023-01.txt", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json index 9a4a0c1b205..11ffd1e2081 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30988.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30988", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-16T23:15:09.137", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:35:14.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "5E41BD05-37B8-4494-9344-506D4BCF43C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*", + "matchCriteriaId": "DD4F4919-D935-4B81-B4E8-0E0F2DAC09B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*", + "matchCriteriaId": "AE2B298C-E1F6-43BD-A5EF-83964C6669CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*", + "matchCriteriaId": "88B74622-BDB2-43AE-A91F-FADEC4B64B4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254016", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7012355", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json index 3c2981c8f31..d5f6ca31789 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30989.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30989", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-16T23:15:09.227", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:35:50.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "5E41BD05-37B8-4494-9344-506D4BCF43C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.3:*:*:*:*:*:*:*", + "matchCriteriaId": "DD4F4919-D935-4B81-B4E8-0E0F2DAC09B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.4:*:*:*:*:*:*:*", + "matchCriteriaId": "AE2B298C-E1F6-43BD-A5EF-83964C6669CE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:i:7.5:*:*:*:*:*:*:*", + "matchCriteriaId": "88B74622-BDB2-43AE-A91F-FADEC4B64B4F" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/254017", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7012353", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31216.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31216.json index 3623617296e..7929e9711a8 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31216.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31216.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31216", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T14:15:10.383", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:05:14.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ultimatemember:ultimate_member:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.6.0", + "matchCriteriaId": "94A14B2A-4160-4265-AEF6-3E65A7808FBE" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/ultimate-member/wordpress-ultimate-member-plugin-2-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31465.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31465.json new file mode 100644 index 00000000000..9511fed1eec --- /dev/null +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31465.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-31465", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T20:15:12.500", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://fsmlabs.com/fsmlabs-cybersecurity/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31465.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31466.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31466.json new file mode 100644 index 00000000000..7fcf1372626 --- /dev/null +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31466.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-31466", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T20:15:12.557", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An XSS issue was discovered in FSMLabs TimeKeeper 8.0.17. On the \"Configuration -> Compliance -> Add a new compliance report\" and \"Configuration -> Timekeeper Configuration -> Add a new source there\" screens, there are entry points to inject JavaScript code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://fsmlabs.com/fsmlabs-cybersecurity/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-2023-31466.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json b/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json new file mode 100644 index 00000000000..3651610ce79 --- /dev/null +++ b/CVE-2023/CVE-2023-320xx/CVE-2023-32001.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-32001", + "sourceIdentifier": "support@hackerone.com", + "published": "2023-07-26T21:15:10.037", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "libcurl can be told to save cookie, HSTS and/or alt-svc data to files. When\ndoing this, it called `stat()` followed by `fopen()` in a way that made it\nvulnerable to a TOCTOU race condition problem.\n\nBy exploiting this flaw, an attacker could trick the victim to create or\noverwrite protected files holding this data in ways it was not intended to.\n" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://hackerone.com/reports/2039870", + "source": "support@hackerone.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32481.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32481.json index fd623f6070e..1087422d13a 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32481.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32481.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32481", "sourceIdentifier": "security_alert@emc.com", "published": "2023-07-20T12:15:11.220", - "lastModified": "2023-07-20T16:45:55.920", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:05:55.530", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0", + "matchCriteriaId": "C475EF48-D554-4CB8-BCCF-0173A108456C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32482.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32482.json index f38a0c916a9..0ef10844a48 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32482.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32482.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32482", "sourceIdentifier": "security_alert@emc.com", "published": "2023-07-20T12:15:11.313", - "lastModified": "2023-07-20T16:45:55.920", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:16:34.357", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0", + "matchCriteriaId": "C475EF48-D554-4CB8-BCCF-0173A108456C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32483.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32483.json index df5967997ba..eeafbfdf165 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32483.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32483.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32483", "sourceIdentifier": "security_alert@emc.com", "published": "2023-07-20T12:15:11.413", - "lastModified": "2023-07-20T16:45:55.920", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:16:56.893", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:wyse_management_suite:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.0", + "matchCriteriaId": "C475EF48-D554-4CB8-BCCF-0173A108456C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000215351/dsa-2023-240-dell-wyse-management-suite", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json index 18deefd8dcc..00932eeef4c 100644 --- a/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32664.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32664", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.207", - "lastModified": "2023-07-19T18:15:11.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:04:06.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "talos-cna@cisco.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:foxit:pdf_reader:12.1.2.15332:*:*:*:*:*:*:*", + "matchCriteriaId": "03BAF434-E618-4E4D-AABE-BE5A1298F877" + } + ] + } + ] + } + ], "references": [ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1795", - "source": "talos-cna@cisco.com" + "source": "talos-cna@cisco.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-330xx/CVE-2023-33011.json b/CVE-2023/CVE-2023-330xx/CVE-2023-33011.json index 09c3e550db8..9210944d31a 100644 --- a/CVE-2023/CVE-2023-330xx/CVE-2023-33011.json +++ b/CVE-2023/CVE-2023-330xx/CVE-2023-33011.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33011", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.397", - "lastModified": "2023-07-17T18:58:33.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:35:45.000", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-134" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +56,653 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "369543A8-1D92-42AF-896D-30A38E02D8E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "3844EDBE-1FDA-48E0-9535-D81657E1820A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "61B89E2F-9A44-4A02-9279-158CDAA787D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6081F154-4A1E-4630-99BB-846B68F5B818" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "428D392F-2427-4510-9185-AD9C1FC839A1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "614F4C95-8835-4A0A-B965-51FBD0289DE5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DD16BDCE-428C-40B2-BE9E-593ED4C59819" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "F253FB99-B7E9-4809-9E3A-F9964B6B3BD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6362D1C8-DD85-45E6-B6F0-BB9882FA0F19" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DCC7F9D7-2688-4848-9B3F-60C35E66423E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "E19C1F04-1F67-4502-B6E2-B7DA771E1ACA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "54D49F68-BCE2-432F-AC2B-1975F7BDBCE7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "C380259A-B524-41EC-A733-805F617BA3E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DF3F62F3-0681-4150-8F89-B44708DE75ED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "11E3C89D-EEEC-449F-9783-91E0AE286223" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "39637E53-C502-4377-BC9E-71E0962F7D6F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "9BD13DCF-7B56-423B-BA54-E2CC2288E12E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "EDDD5813-1215-4047-8AA6-A286571A0475" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "D8B5F6AE-537A-4FFB-92AB-28AE2E1741FB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "9D73608C-EB5F-44B6-BB11-6F7E4742E71E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B51FA0FC-7803-4ECB-BFFB-839E585CD9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "CCC033D4-363E-4A00-AD9E-1D94D5060CB7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-330xx/CVE-2023-33012.json b/CVE-2023/CVE-2023-330xx/CVE-2023-33012.json index 34bc0e6bb8c..db92c7ca884 100644 --- a/CVE-2023/CVE-2023-330xx/CVE-2023-33012.json +++ b/CVE-2023/CVE-2023-330xx/CVE-2023-33012.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33012", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.473", - "lastModified": "2023-07-17T18:58:33.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:35:28.507", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +56,653 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "39637E53-C502-4377-BC9E-71E0962F7D6F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "369543A8-1D92-42AF-896D-30A38E02D8E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "3844EDBE-1FDA-48E0-9535-D81657E1820A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "61B89E2F-9A44-4A02-9279-158CDAA787D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6081F154-4A1E-4630-99BB-846B68F5B818" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "428D392F-2427-4510-9185-AD9C1FC839A1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "614F4C95-8835-4A0A-B965-51FBD0289DE5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DD16BDCE-428C-40B2-BE9E-593ED4C59819" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "F253FB99-B7E9-4809-9E3A-F9964B6B3BD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "9BD13DCF-7B56-423B-BA54-E2CC2288E12E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "EDDD5813-1215-4047-8AA6-A286571A0475" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "D8B5F6AE-537A-4FFB-92AB-28AE2E1741FB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "9D73608C-EB5F-44B6-BB11-6F7E4742E71E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B51FA0FC-7803-4ECB-BFFB-839E585CD9CA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.10", + "versionEndExcluding": "5.37", + "matchCriteriaId": "CCC033D4-363E-4A00-AD9E-1D94D5060CB7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6362D1C8-DD85-45E6-B6F0-BB9882FA0F19" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DCC7F9D7-2688-4848-9B3F-60C35E66423E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "E19C1F04-1F67-4502-B6E2-B7DA771E1ACA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "54D49F68-BCE2-432F-AC2B-1975F7BDBCE7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "C380259A-B524-41EC-A733-805F617BA3E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DF3F62F3-0681-4150-8F89-B44708DE75ED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "11E3C89D-EEEC-449F-9783-91E0AE286223" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33802.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33802.json new file mode 100644 index 00000000000..87a9bc2fcfb --- /dev/null +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33802.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33802", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T20:15:12.613", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A buffer overflow in SumatraPDF Reader v3.4.6 allows attackers to cause a Denial of Service (DoS) via a crafted text file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/CDACesec/CVE-2023-33802", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json index 802ee70b35e..e8b57815e40 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33857.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33857", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T00:15:09.463", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:04:15.373", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -39,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -50,14 +80,61 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*", + "matchCriteriaId": "4CED2F00-89E3-4BA9-A8FB-D43B308A59A8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257695", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7007059", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json index 04aca05ed9c..fd2a42a81ea 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33866.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33866", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.297", - "lastModified": "2023-07-19T18:15:11.360", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:04:23.070", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "talos-cna@cisco.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "talos-cna@cisco.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-416" } ] + }, + { + "source": "talos-cna@cisco.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:foxit:pdf_reader:12.1.2.15332:*:*:*:*:*:*:*", + "matchCriteriaId": "03BAF434-E618-4E4D-AABE-BE5A1298F877" + } + ] + } + ] } ], "references": [ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1757", - "source": "talos-cna@cisco.com" + "source": "talos-cna@cisco.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json b/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json index a0c7cc9c6f8..813c5e3d742 100644 --- a/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json +++ b/CVE-2023/CVE-2023-338xx/CVE-2023-33876.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33876", "sourceIdentifier": "talos-cna@cisco.com", "published": "2023-07-19T14:15:10.393", - "lastModified": "2023-07-19T17:15:22.243", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:04:42.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "talos-cna@cisco.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:foxit:pdf_reader:12.1.2.15332:*:*:*:*:*:*:*", + "matchCriteriaId": "03BAF434-E618-4E4D-AABE-BE5A1298F877" + } + ] + } + ] + } + ], "references": [ { "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1796", - "source": "talos-cna@cisco.com" + "source": "talos-cna@cisco.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34138.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34138.json index 63cfa13ce60..3308882f623 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34138.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34138.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34138", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.540", - "lastModified": "2023-07-17T19:15:09.370", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:35:02.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +56,653 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "84E6FEEA-862C-4DCC-A96A-5525EC29CC39" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "025EF97A-491B-49BB-ACBF-AEF6660C5245" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "0B4C4323-E045-4DEB-9E03-E85EFD3DE2B2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "14F8731E-714C-48E7-9C3E-4CBF1238E930" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "8C4CCF83-32E5-456C-8560-1AD374FB008D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "87A3357C-B246-4C50-9B82-B02DFCE5A124" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "47323C1C-3C23-490F-839F-C171FE2B8605" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "12FF6DF5-A9C5-4208-8A19-950FAB691EB3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "3045EBE1-0307-4CAA-8C76-78F1798C50DE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "8B89B813-A851-4B33-ADA2-3392DB4DA76E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B3FE7904-1F19-4D67-88F1-7F4383851BEC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "30150C71-D390-4E66-9DED-4F864A44242A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "CFB78232-7354-44FB-BE44-C66B2274D640" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "95D3591D-221B-4F16-B43D-D4645CA5B882" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "72E87CE3-1E3E-4CC0-86F1-BD8B28D5B808" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "A2C20159-55E5-4E47-A315-B871AC0E0DA6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DD47CB7C-EDE1-48B4-A217-1383C2AE523D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "97523A00-823A-482F-8BF3-05CFB3D560EC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "20F94EA9-55C2-4E65-8811-227FC7F6F31E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "36EB91C1-B78A-4844-9794-C0D9DB6113E4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "8ACECEB8-939A-4CDF-AF3D-77090C38638F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.60", + "versionEndExcluding": "5.37", + "matchCriteriaId": "AD0DFC8F-B4DC-4272-A3C4-BD4D8E77137C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json index ee134adcca8..0312cdd38bd 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34139.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34139", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.607", - "lastModified": "2023-07-18T03:15:55.260", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:30:22.970", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@zyxel.com.tw", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,10 +31,40 @@ }, "exploitabilityScore": 2.8, "impactScore": 5.9 + }, + { + "source": "security@zyxel.com.tw", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 } ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +76,450 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "48A4A637-C466-4F24-AAA6-CE57AF2EF1A4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "0D66CA5F-C85F-4D69-8F82-BDCF6FCB905C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "E5E31FC3-E2EC-4909-BF8D-86775AF4D4B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "D6EF9AA9-65D5-4D7B-A2BF-9150C6339282" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "16DE9EA8-98AB-4EAA-AA98-122F64F8D4D2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B221F5CD-C0C6-4917-AC15-FF1BA3904915" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "338384D8-1585-4AA7-90FB-E56F641E5A14" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "0FA43EB7-3F72-4250-BE9A-7449B8AEF90F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "241523CE-2712-4840-A672-E87564B40DE1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "39AE79D4-ABE1-4FAF-9A15-942AF05B6749" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "2C429AFE-477E-4243-BAE8-2AB17BB5D9D8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "7FC97DF9-7A02-4DA8-AA9F-0D4CE826E224" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "8FD857E4-B5C7-416B-AF9D-9E8A772E227E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "4894CE6D-BE11-4249-830C-E10141C83D05" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.20", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B5107841-343E-4776-9F84-90C13BBB736E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34140.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34140.json index 28c47dbeea7..0452d917d68 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34140.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34140.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34140", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.667", - "lastModified": "2023-07-17T18:58:33.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:29:58.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +56,711 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.16", + "versionEndExcluding": "5.37", + "matchCriteriaId": "4043DC00-98EF-4E09-9A39-D9739E6E521F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "50222136-295B-434C-B5D1-A96A16386EEE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "0D66CA5F-C85F-4D69-8F82-BDCF6FCB905C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "E5E31FC3-E2EC-4909-BF8D-86775AF4D4B5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "D6EF9AA9-65D5-4D7B-A2BF-9150C6339282" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "16DE9EA8-98AB-4EAA-AA98-122F64F8D4D2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "B221F5CD-C0C6-4917-AC15-FF1BA3904915" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "338384D8-1585-4AA7-90FB-E56F641E5A14" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.50", + "versionEndExcluding": "5.37", + "matchCriteriaId": "0FA43EB7-3F72-4250-BE9A-7449B8AEF90F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndExcluding": "5.37", + "matchCriteriaId": "23441FD0-F61A-4421-9F4D-E29565D3A83F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndExcluding": "5.37", + "matchCriteriaId": "91CE19A7-74FC-4ACE-9048-8CECE8B26FDA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6DA7E90A-3449-4227-AFFC-8795391B5A03" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndExcluding": "5.37", + "matchCriteriaId": "A2B0B676-B7EA-46A0-810D-952F0DA19529" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndExcluding": "5.37", + "matchCriteriaId": "5B8C4466-2347-44B8-B203-464F8A019B74" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.32", + "versionEndExcluding": "5.37", + "matchCriteriaId": "900FD6A2-3B4A-45FF-8C19-1CD23F79C631" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "90DDFD00-8BF4-457C-946C-0BA94C505082" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "83846539-9C22-4697-AC89-3910B8526B55" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6F8AAB27-285D-407C-9177-BA1FB6B1D689" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "ECE9337E-37DC-416B-B311-C79B0315AE87" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "77E31983-F7D5-4577-BFB1-64CD17D3DDAF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DFADD089-824D-43AA-8AE0-C571C7DE29B1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.30", + "versionEndExcluding": "5.37", + "matchCriteriaId": "48F7450B-74ED-423D-B5C9-CD08DE85C72D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10\\(aaig.0\\)", + "versionEndIncluding": "6.10\\(aaig.3\\)", + "matchCriteriaId": "075CD289-4377-4E6F-AE41-671DFBB2DEB4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BADED427-DEFF-4213-836B-C8EF0531C39A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10\\(aaos.0\\)", + "versionEndIncluding": "6.10\\(aaos.4\\)", + "matchCriteriaId": "5296D40F-B269-43D6-9D3B-D9FC18921FBA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A334B8B-8750-4519-B485-0AB0CECD212B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34141.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34141.json index 7892645345b..3fee8501cc2 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34141.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34141.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34141", "sourceIdentifier": "security@zyxel.com.tw", "published": "2023-07-17T18:15:09.770", - "lastModified": "2023-07-17T18:58:33.633", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:29:39.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -35,6 +35,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "security@zyxel.com.tw", "type": "Secondary", @@ -46,10 +56,711 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "72763DA5-0150-49FB-A91C-688141B40510" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BEA412F-3DA1-4E91-9C74-0666147DABCE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_2200-vpn_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "369543A8-1D92-42AF-896D-30A38E02D8E5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_2200-vpn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32F7F370-C585-45FE-A7F7-40BFF13928CF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "3844EDBE-1FDA-48E0-9535-D81657E1820A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2B30A4C0-9928-46AD-9210-C25656FB43FB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "61B89E2F-9A44-4A02-9279-158CDAA787D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D74ABA7E-AA78-4A13-A64E-C44021591B42" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6081F154-4A1E-4630-99BB-846B68F5B818" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F93B6A06-2951-46D2-A7E1-103D7318D612" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "428D392F-2427-4510-9185-AD9C1FC839A1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "646C1F07-B553-47B0-953B-DC7DE7FD0F8B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "614F4C95-8835-4A0A-B965-51FBD0289DE5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "92C697A5-D1D3-4FF0-9C43-D27B18181958" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DD16BDCE-428C-40B2-BE9E-593ED4C59819" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "110A1CA4-0170-4834-8281-0A3E14FC5584" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "F253FB99-B7E9-4809-9E3A-F9964B6B3BD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D1396E3-731B-4D05-A3F8-F3ABB80D5C29" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "7934D2B0-6F47-4621-B837-93F103C09BEF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A899D2DE-8C74-4EA1-BD87-B8BF37CBFB6D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp100w_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6A6F6563-A53C-4910-AE9C-281C711264C8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp100w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7F65954-FF1A-46A4-A003-FF8B9666880A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp200_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "73256990-7CFC-42A3-9F60-7D6696C9CF83" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp200:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A4F6D0AA-CDD4-4F1C-98F1-1B381023B3F4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "F3CA4209-A74D-4BEA-BDB0-759F22766466" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA85BCA2-CEF5-44EF-BEFB-5DA2638F5F37" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp700_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6BF969BF-9E27-476A-B9B8-6AD726F7F66B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D50CC94B-4EAA-44A7-AEF1-415491572FB1" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_atp800_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "3BE49691-6313-4A82-BA93-5C7FE49E4E6E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_atp800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EC7EB91-65C4-45EA-9CB4-3B3961724DCB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "6362D1C8-DD85-45E6-B6F0-BB9882FA0F19" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6762B13C-6FD5-49D7-B2D6-4986BAC3D425" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn2s_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DCC7F9D7-2688-4848-9B3F-60C35E66423E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn2s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D3F001A-8790-463F-804B-CA5CAC610867" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "E19C1F04-1F67-4502-B6E2-B7DA771E1ACA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7C35A94-304B-46FB-BAA0-4E0C4F34BEDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "54D49F68-BCE2-432F-AC2B-1975F7BDBCE7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D902D9D2-5215-4A70-9D16-F1C3BA10EE18" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_100_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "C380259A-B524-41EC-A733-805F617BA3E1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B81DDA-DDD5-4D9B-B631-815186E3839F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_300_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "DF3F62F3-0681-4150-8F89-B44708DE75ED" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_300:-:*:*:*:*:*:*:*", + "matchCriteriaId": "212C5E8E-774A-446E-B7C7-80C349160BC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:zywall_vpn_50_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.00", + "versionEndExcluding": "5.37", + "matchCriteriaId": "11E3C89D-EEEC-449F-9783-91E0AE286223" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:zywall_vpn_50:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD872CA4-385D-49A9-B1DF-7C4467BD49AA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nxc2500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10\\(aaig.0\\)", + "versionEndIncluding": "6.10\\(aaig.3\\)", + "matchCriteriaId": "075CD289-4377-4E6F-AE41-671DFBB2DEB4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nxc2500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BADED427-DEFF-4213-836B-C8EF0531C39A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:zyxel:nxc5500_firmware:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.10\\(aaos.0\\)", + "versionEndIncluding": "6.10\\(aaos.4\\)", + "matchCriteriaId": "5296D40F-B269-43D6-9D3B-D9FC18921FBA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:zyxel:nxc5500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A334B8B-8750-4519-B485-0AB0CECD212B" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-firewalls-and-wlan-controllers", - "source": "security@zyxel.com.tw" + "source": "security@zyxel.com.tw", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json index 0da3b9f3625..802f3e33070 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35802.json @@ -2,19 +2,245 @@ "id": "CVE-2023-35802", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.803", - "lastModified": "2023-07-17T13:02:46.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:39:28.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "IQ Engine before 10.6r1 on Extreme Network AP devices has a Buffer Overflow in the implementation of the CAPWAP protocol that may be exploited to obtain elevated privileges to conduct remote code execution. Access to the internal management interface/subnet is required to conduct the exploit." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6r1", + "matchCriteriaId": "0492F4F6-AF0B-478C-8D7C-68DCE2AB1989" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap122:-:*:*:*:*:*:*:*", + "matchCriteriaId": "60779E2E-9C16-430C-AAD5-51410B5894E5" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap130:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0BA56D5-E3C8-402F-8852-F7F9864C3A7F" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap150w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "95B91235-8FB7-4BB2-99BC-D53074ECEEE3" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap250:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2831D50B-3BCE-4166-BDD6-E38317B92E2C" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap30:-:*:*:*:*:*:*:*", + "matchCriteriaId": "27CCA45A-C187-46AE-825C-0DF85824CD3E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap3000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96D3DFF3-8C35-4860-B904-DDEEA6C68827" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap3000x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4303FD05-94B4-4D42-BBB9-1E5725DC89C6" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap302w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3B393FA2-8528-4977-B2F3-D42FF4A78E5B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap305c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9384ECB-2EAF-4049-A644-481E9BE00FA9" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap305c-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BE2C4A69-7A54-45E9-9940-99272E41FC21" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap305cx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "001C25E7-F884-4AFD-80DB-40FB6742292B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap4000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CCDCBF18-E614-4F63-8C0A-BF28E47B4D6C" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap4000-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CBA85B9D-5D40-44CA-B345-A9B33E2854D6" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap410c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E5F69587-452F-474A-9389-F9AFE439285C" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap410c-1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56CA142E-9947-4854-9F56-1D24F45F7A2D" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap460c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0E0E816A-C583-4985-94D2-E97B8B87A818" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap460s12c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "36189326-1798-4312-B61B-BB9DEFB94028" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap460s6c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4207CD0-E7DF-4DAB-BEE6-93387D5C29BB" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap5010:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E2A0429-3DCB-4E33-9145-D80005B85150" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap5050d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EF2B1AB3-EB5D-46B3-B5E0-6A7A8151403E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap5050u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5E8E2F84-964A-49CB-B00C-080669298FB6" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap510c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8123B7E3-28A2-4786-95B5-804B8FBF0E53" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap510cx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9D76938F-9812-4E8D-9C37-1A05FAE27CD7" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap630:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98AFB5E8-BBBB-401C-AEEC-CF36DBB1D07E" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap650:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1053DDC0-0385-4A86-80E1-D4424274F550" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap650x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E838B1A4-542F-421E-967C-7437C449E465" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:extremenetworks:iq_engine:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6r5", + "matchCriteriaId": "B79A1496-89B4-4871-90B1-D8CB936EFB7C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap1130:-:*:*:*:*:*:*:*", + "matchCriteriaId": "06EE00F8-1B3C-4686-BC66-1015E4C62CAD" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:extremenetworks:ap550:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4BF23B23-0DC0-4C65-BFB1-B09F03902369" + } + ] + } + ] + } + ], "references": [ { "url": "https://extremeportal.force.com/ExtrArticleDetail?an=000112741", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json b/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json index ad3f2dd6df0..aa08590650c 100644 --- a/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json +++ b/CVE-2023/CVE-2023-359xx/CVE-2023-35901.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35901", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T00:15:09.547", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:03:16.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,86 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.0.0", + "versionEndIncluding": "21.0.7.6", + "matchCriteriaId": "C57E2C04-308A-42DE-B945-9CAD07C04128" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:robotic_process_automation:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndIncluding": "23.0.6", + "matchCriteriaId": "BF74B5C0-FD77-43F9-8476-ABC00BEB21D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:robotic_process_automation_as_a_service:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.0.0", + "versionEndIncluding": "21.0.7.6", + "matchCriteriaId": "6288FF16-4A1E-4CB5-9774-43B11A9B4628" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:*:*:*:*:*:*:*:*", + "versionStartIncluding": "21.0.0", + "versionEndIncluding": "21.0.7.6", + "matchCriteriaId": "477F2A15-C146-464B-8E41-B7BAEEE54604" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:robotic_process_automation_for_cloud_pak:*:*:*:*:*:*:*:*", + "versionStartIncluding": "23.0.0", + "versionEndIncluding": "23.0.6", + "matchCriteriaId": "8F1B94FF-5A9A-46A0-B504-B22ABA675D22" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F08E234C-BDCF-4B41-87B9-96BD5578CBBF" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/259380", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7012317", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3613.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3613.json index e247d124257..b066cd279d5 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3613.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3613.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3613", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-07-17T16:15:11.107", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:38:28.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.8.6", + "matchCriteriaId": "5EF06AD9-9108-4E29-9341-A0ABE8504ECA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndExcluding": "7.10.3", + "matchCriteriaId": "FF521020-FD9F-43BB-8EF7-F676DFA893C5" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3614.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3614.json index bb0ccb864b0..6485d7c50d9 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3614.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3614.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3614", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-07-17T16:15:11.173", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:37:38.407", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.8.7", + "matchCriteriaId": "5CE365D7-09E6-424C-A8FE-B7BDCC76B749" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.9.0", + "versionEndExcluding": "7.9.5", + "matchCriteriaId": "B0D66512-A095-4557-A9AD-B02E306FC1C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.10.0", + "versionEndExcluding": "7.10.3", + "matchCriteriaId": "401CC11A-1059-44A2-87BA-601024BD178E" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3615.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3615.json index e45f381a70b..d4626f29489 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3615.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3615.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3615", "sourceIdentifier": "responsibledisclosure@mattermost.com", "published": "2023-07-17T16:15:11.237", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:37:18.587", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + }, { "source": "responsibledisclosure@mattermost.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:iphone_os:*:*", + "versionEndExcluding": "2.5.1", + "matchCriteriaId": "70210603-287D-4662-9ABE-D1F6312B9AC8" + } + ] + } + ] + } + ], "references": [ { "url": "https://mattermost.com/security-updates", - "source": "responsibledisclosure@mattermost.com" + "source": "responsibledisclosure@mattermost.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json index a00c18a1b41..9ae23992d31 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3693.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3693", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T22:15:09.397", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:20:21.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,18 +97,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:life_insurance_management_system_project:life_insurance_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F62AFE90-B9EE-49C4-B46D-54A738A49E36" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/tangyi19/Life-Insurance-Management-System/blob/main/Life%20Insurance%20Management%20System%20login.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.234244", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.234244", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json index 61df1781d6a..4d7cd3834c7 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3694.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3694", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-17T00:15:09.623", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:20:40.987", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,18 +97,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:sourcecodester_house_rental_and_property_listing_project:house_rental_and_property_listing:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "82906A7D-57F1-4BCE-AC7B-C21DC068C8CE" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/safetom6/House-Rental-and-Property-Listing-System/blob/main/House%20Rental%20and%20Property%20Listing%20System%20index.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.234245", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.234245", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json index cf5823b810c..28a2c77ab72 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3695.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3695", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-17T01:15:08.780", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T20:34:19.223", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,18 +97,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:beauty_salon_management_system_project:beauty_salon_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B1742C85-2AC1-4224-B87A-C58998D8D92E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System%20-%20vuln%201.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.234252", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.234252", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37475.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37475.json index 16e1b8e792a..fe6a9711e61 100644 --- a/CVE-2023/CVE-2023-374xx/CVE-2023-37475.json +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37475.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37475", "sourceIdentifier": "security-advisories@github.com", "published": "2023-07-17T17:15:10.127", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:35:57.197", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +66,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:avro_project:avro:*:*:*:*:*:go:*:*", + "versionEndExcluding": "2.13.0", + "matchCriteriaId": "5AC3910F-0EB5-45EE-B590-FE81DEE4ED39" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/hamba/avro/commit/b4a402f41cf44b6094b5131286830ba9bb1eb290", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/hamba/avro/security/advisories/GHSA-9x44-9pgq-cf45", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-376xx/CVE-2023-37623.json b/CVE-2023/CVE-2023-376xx/CVE-2023-37623.json new file mode 100644 index 00000000000..8cd08412adf --- /dev/null +++ b/CVE-2023/CVE-2023-376xx/CVE-2023-37623.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-37623", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T20:15:12.670", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Netdisco before v2.063000 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Web/TypeAhead.pm." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/benjaminpsinclair/Netdisco-CVE", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/netdisco/netdisco/commit/39562e0633a2472d50f7f33e69c36da4ad1fbfa3", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/netdisco/netdisco/commit/9f4401f2fb00c84210cd551b97c8ad60e78c71e0", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-376xx/CVE-2023-37624.json b/CVE-2023/CVE-2023-376xx/CVE-2023-37624.json new file mode 100644 index 00000000000..3499b39ecfa --- /dev/null +++ b/CVE-2023/CVE-2023-376xx/CVE-2023-37624.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-37624", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T20:15:12.727", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/benjaminpsinclair/Netdisco-2023-Advisory", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/benjaminpsinclair/Netdisco-CVE", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/netdisco/netdisco/commit/a2da6a7a046c1c0fd41072dd6991eec7614293f8", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-376xx/CVE-2023-37692.json b/CVE-2023/CVE-2023-376xx/CVE-2023-37692.json new file mode 100644 index 00000000000..854fb84349c --- /dev/null +++ b/CVE-2023/CVE-2023-376xx/CVE-2023-37692.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-37692", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T21:15:10.097", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://okankurtulus.com.tr/2023/07/24/october-cms-v3-4-4-stored-cross-site-scripting-xss-authenticated/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37732.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37732.json new file mode 100644 index 00000000000..b6b0ee2c39a --- /dev/null +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37732.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-37732", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T21:15:10.153", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/ChanStormstout/02eea9cf5c002b42b2ff3de5ca939520", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/yasm/yasm/issues/233", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37733.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37733.json index 6d9ef087693..fe254607776 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37733.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37733.json @@ -2,27 +2,90 @@ "id": "CVE-2023-37733", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-19T19:15:11.947", - "lastModified": "2023-07-20T11:19:25.143", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:05:38.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tduckcloud:tduck-platform:4.0:*:*:*:*:*:*:*", + "matchCriteriaId": "BB4EF1A5-DC74-4333-B8F8-92B85275839C" + } + ] + } + ] + } + ], "references": [ { "url": "http://v40.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link", + "Not Applicable" + ] }, { "url": "https://github.com/TDuckCloud/tduck-platform", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://github.com/TDuckCloud/tduck-platform/issues/17", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json index 1af829d78dc..4803c581f24 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37793.json @@ -2,19 +2,86 @@ "id": "CVE-2023-37793", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T23:15:08.970", - "lastModified": "2023-07-17T13:02:46.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:39:06.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wayos:fbm-291w_firmware:19.09.11v:*:*:*:*:*:*:*", + "matchCriteriaId": "4447BFAF-E61E-4B71-80BA-2F6EBDAE63DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wayos:fbm-291w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9373FFB-B5E8-4761-8946-9E8FC27FC38A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/PwnYouLin/IOT_vul/blob/main/wayos/2/readme.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json b/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json index b8f36c540b1..72cc0abc706 100644 --- a/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json +++ b/CVE-2023/CVE-2023-377xx/CVE-2023-37794.json @@ -2,19 +2,86 @@ "id": "CVE-2023-37794", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T23:15:09.020", - "lastModified": "2023-07-17T13:02:46.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:39:14.513", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "WAYOS FBM-291W 19.09.11V was discovered to contain a command injection vulnerability via the component /upgrade_filter.asp." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wayos:fbm-291w_firmware:19.09.11v:*:*:*:*:*:*:*", + "matchCriteriaId": "4447BFAF-E61E-4B71-80BA-2F6EBDAE63DC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wayos:fbm-291w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9373FFB-B5E8-4761-8946-9E8FC27FC38A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/PwnYouLin/IOT_vul/tree/main/wayos/1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-382xx/CVE-2023-38285.json b/CVE-2023/CVE-2023-382xx/CVE-2023-38285.json new file mode 100644 index 00000000000..0eebdd7e1d5 --- /dev/null +++ b/CVE-2023/CVE-2023-382xx/CVE-2023-38285.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38285", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-07-26T21:15:10.207", + "lastModified": "2023-07-26T21:40:11.047", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.trustwave.com/en-us/resources/security-resources/software-updates/end-of-sale-and-trustwave-support-for-modsecurity-web-application-firewall/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json index 56f8fdb430c..b472b7a736e 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38349.json @@ -2,19 +2,74 @@ "id": "CVE-2023-38349", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.857", - "lastModified": "2023-07-17T13:02:46.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:39:44.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pnp4nagios:pnp4nagios:0.6.26:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE5ACEE-3F74-4CCF-AA4A-A72D19E7B5E3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pnp4nagios/pnp4nagios/pull/17", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json index 65f4776a9d7..07370a37d36 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38350.json @@ -2,19 +2,74 @@ "id": "CVE-2023-38350", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T02:15:08.900", - "lastModified": "2023-07-17T13:02:46.340", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:39:52.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pnp4nagios:pnp4nagios:0.6.26:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE5ACEE-3F74-4CCF-AA4A-A72D19E7B5E3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pnp4nagios/pnp4nagios/pull/16", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3807.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3807.json index 9289cadf2ca..e6fa79f45a2 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3807.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3807.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3807", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-21T03:15:10.230", - "lastModified": "2023-07-21T12:52:26.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:18:43.007", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,18 +97,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:beauty_salon_management_system_project:beauty_salon_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "B1742C85-2AC1-4224-B87A-C58998D8D92E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System%20-%20vuln%202.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.235075", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.235075", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3808.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3808.json index 8bba768f7f3..68964f10980 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3808.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3808.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3808", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-21T03:15:10.317", - "lastModified": "2023-07-21T12:52:26.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:18:50.153", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "36653204-5E38-44E3-B8FD-580F2D27E958" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patientforgotpassword.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.235076", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.235076", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3809.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3809.json index fc164ba97c7..3c8465a184d 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3809.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3809.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3809", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-21T04:15:15.560", - "lastModified": "2023-07-21T12:52:26.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:19:07.793", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,18 +97,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "36653204-5E38-44E3-B8FD-580F2D27E958" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patient.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.235077", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.235077", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3810.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3810.json index 2cd189da8ed..df13f3eab90 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3810.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3810.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3810", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-21T04:15:16.070", - "lastModified": "2023-07-21T12:52:26.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:19:18.027", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,18 +97,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "36653204-5E38-44E3-B8FD-580F2D27E958" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patientappointment.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.235078", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.235078", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3811.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3811.json index d510e8799b4..5be48cbfde2 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3811.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3811.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3811", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-21T05:15:15.507", - "lastModified": "2023-07-21T12:52:26.787", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:26:18.003", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,47 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "36653204-5E38-44E3-B8FD-580F2D27E958" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patientprofile.php%20has%20Sqlinjection.pdf", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.235079", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.235079", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3813.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3813.json index 14be915b462..01eb335189a 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3813.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3813.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3813", "sourceIdentifier": "security@wordfence.com", "published": "2023-07-21T03:15:10.397", - "lastModified": "2023-07-21T12:52:26.790", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:19:00.340", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -40,7 +40,7 @@ }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,16 +48,50 @@ "value": "CWE-22" } ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:artbees:jupiter_x_core:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.5.0", + "matchCriteriaId": "80AC2A99-9EE2-456B-B2DD-7B56BF4D5888" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/jupiterx-core/trunk/includes/extensions/raven/includes/utils.php?rev=2777235#L425", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Exploit" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f767d94b-fe92-4b69-9d81-96de51e12983?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3819.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3819.json index 6ed2fded8ed..99f6056867f 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3819.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3819.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3819", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-21T15:15:10.070", - "lastModified": "2023-07-24T13:09:06.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:27:06.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6.4", + "matchCriteriaId": "E3D96DF5-A6F7-47ED-965B-AA5D6600071F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/pimcore/commit/0237527b3244d251fa5ecd4912dfe4f8b2125c54", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/be5e4d4c-1b0b-4c01-a1fc-00533135817c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3820.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3820.json index 8597a94654f..8526474c941 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3820.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3820.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3820", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-21T15:15:10.160", - "lastModified": "2023-07-24T13:09:06.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:27:15.650", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6.4", + "matchCriteriaId": "E3D96DF5-A6F7-47ED-965B-AA5D6600071F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/pimcore/commit/e641968979d4a2377bbea5e2a76bdede040d0b97", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/b00a38b6-d040-494d-bf46-38f46ac1a1db", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3821.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3821.json index e2e503370da..8fa46f95b72 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3821.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3821.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3821", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-21T15:15:10.243", - "lastModified": "2023-07-24T13:09:06.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:27:23.860", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6.4", + "matchCriteriaId": "E3D96DF5-A6F7-47ED-965B-AA5D6600071F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/pimcore/commit/92811f07d39e4ad95c92003868f5f7309489d79c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/599ba4f6-c900-4161-9127-f1e6a6e29aaa", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3822.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3822.json index 268b2ac238b..01e09aae540 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3822.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3822.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3822", "sourceIdentifier": "security@huntr.dev", "published": "2023-07-21T15:15:10.327", - "lastModified": "2023-07-24T13:09:06.887", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T21:27:32.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "10.6.4", + "matchCriteriaId": "E3D96DF5-A6F7-47ED-965B-AA5D6600071F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pimcore/pimcore/commit/d75888a9b14baaad591548463cca09dfd1395236", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/2a3a13fe-2a9a-4d1a-8814-fd8ed1e3b1d5", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 1a87f68a0db..536e9d3c3b5 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-26T20:00:28.200853+00:00 +2023-07-26T22:00:27.133648+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-26T19:29:30.563000+00:00 +2023-07-26T21:40:11.047000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,56 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -221079 +221091 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `12` -* [CVE-2023-30949](CVE-2023/CVE-2023-309xx/CVE-2023-30949.json) (`2023-07-26T18:15:11.007`) -* [CVE-2023-3242](CVE-2023/CVE-2023-32xx/CVE-2023-3242.json) (`2023-07-26T18:15:11.147`) -* [CVE-2023-3414](CVE-2023/CVE-2023-34xx/CVE-2023-3414.json) (`2023-07-26T19:15:09.797`) -* [CVE-2023-3442](CVE-2023/CVE-2023-34xx/CVE-2023-3442.json) (`2023-07-26T19:15:09.873`) +* [CVE-2022-31456](CVE-2022/CVE-2022-314xx/CVE-2022-31456.json) (`2023-07-26T20:15:12.380`) +* [CVE-2022-31455](CVE-2022/CVE-2022-314xx/CVE-2022-31455.json) (`2023-07-26T21:15:09.813`) +* [CVE-2023-31465](CVE-2023/CVE-2023-314xx/CVE-2023-31465.json) (`2023-07-26T20:15:12.500`) +* [CVE-2023-31466](CVE-2023/CVE-2023-314xx/CVE-2023-31466.json) (`2023-07-26T20:15:12.557`) +* [CVE-2023-33802](CVE-2023/CVE-2023-338xx/CVE-2023-33802.json) (`2023-07-26T20:15:12.613`) +* [CVE-2023-37623](CVE-2023/CVE-2023-376xx/CVE-2023-37623.json) (`2023-07-26T20:15:12.670`) +* [CVE-2023-37624](CVE-2023/CVE-2023-376xx/CVE-2023-37624.json) (`2023-07-26T20:15:12.727`) +* [CVE-2023-30367](CVE-2023/CVE-2023-303xx/CVE-2023-30367.json) (`2023-07-26T21:15:09.980`) +* [CVE-2023-32001](CVE-2023/CVE-2023-320xx/CVE-2023-32001.json) (`2023-07-26T21:15:10.037`) +* [CVE-2023-37692](CVE-2023/CVE-2023-376xx/CVE-2023-37692.json) (`2023-07-26T21:15:10.097`) +* [CVE-2023-37732](CVE-2023/CVE-2023-377xx/CVE-2023-37732.json) (`2023-07-26T21:15:10.153`) +* [CVE-2023-38285](CVE-2023/CVE-2023-382xx/CVE-2023-38285.json) (`2023-07-26T21:15:10.207`) ### CVEs modified in the last Commit -Recently modified CVEs: `39` +Recently modified CVEs: `47` -* [CVE-2023-2329](CVE-2023/CVE-2023-23xx/CVE-2023-2329.json) (`2023-07-26T19:22:20.497`) -* [CVE-2023-2143](CVE-2023/CVE-2023-21xx/CVE-2023-2143.json) (`2023-07-26T19:23:23.973`) -* [CVE-2023-1893](CVE-2023/CVE-2023-18xx/CVE-2023-1893.json) (`2023-07-26T19:24:48.870`) -* [CVE-2023-2579](CVE-2023/CVE-2023-25xx/CVE-2023-2579.json) (`2023-07-26T19:27:16.713`) -* [CVE-2023-2636](CVE-2023/CVE-2023-26xx/CVE-2023-2636.json) (`2023-07-26T19:27:56.537`) -* [CVE-2023-23844](CVE-2023/CVE-2023-238xx/CVE-2023-23844.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-26859](CVE-2023/CVE-2023-268xx/CVE-2023-26859.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-26911](CVE-2023/CVE-2023-269xx/CVE-2023-26911.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-33224](CVE-2023/CVE-2023-332xx/CVE-2023-33224.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-33225](CVE-2023/CVE-2023-332xx/CVE-2023-33225.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-39151](CVE-2023/CVE-2023-391xx/CVE-2023-39151.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-39152](CVE-2023/CVE-2023-391xx/CVE-2023-39152.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-39153](CVE-2023/CVE-2023-391xx/CVE-2023-39153.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-39154](CVE-2023/CVE-2023-391xx/CVE-2023-39154.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-39155](CVE-2023/CVE-2023-391xx/CVE-2023-39155.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-39156](CVE-2023/CVE-2023-391xx/CVE-2023-39156.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-23842](CVE-2023/CVE-2023-238xx/CVE-2023-23842.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-33229](CVE-2023/CVE-2023-332xx/CVE-2023-33229.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-33308](CVE-2023/CVE-2023-333xx/CVE-2023-33308.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-3622](CVE-2023/CVE-2023-36xx/CVE-2023-3622.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-30577](CVE-2023/CVE-2023-305xx/CVE-2023-30577.json) (`2023-07-26T19:28:23.967`) -* [CVE-2023-37049](CVE-2023/CVE-2023-370xx/CVE-2023-37049.json) (`2023-07-26T19:28:30.213`) -* [CVE-2023-39261](CVE-2023/CVE-2023-392xx/CVE-2023-39261.json) (`2023-07-26T19:28:30.213`) -* [CVE-2023-23843](CVE-2023/CVE-2023-238xx/CVE-2023-23843.json) (`2023-07-26T19:28:30.213`) -* [CVE-2023-2701](CVE-2023/CVE-2023-27xx/CVE-2023-2701.json) (`2023-07-26T19:29:30.563`) +* [CVE-2023-3808](CVE-2023/CVE-2023-38xx/CVE-2023-3808.json) (`2023-07-26T21:18:50.153`) +* [CVE-2023-3813](CVE-2023/CVE-2023-38xx/CVE-2023-3813.json) (`2023-07-26T21:19:00.340`) +* [CVE-2023-3809](CVE-2023/CVE-2023-38xx/CVE-2023-3809.json) (`2023-07-26T21:19:07.793`) +* [CVE-2023-3810](CVE-2023/CVE-2023-38xx/CVE-2023-3810.json) (`2023-07-26T21:19:18.027`) +* [CVE-2023-3811](CVE-2023/CVE-2023-38xx/CVE-2023-3811.json) (`2023-07-26T21:26:18.003`) +* [CVE-2023-3819](CVE-2023/CVE-2023-38xx/CVE-2023-3819.json) (`2023-07-26T21:27:06.947`) +* [CVE-2023-3820](CVE-2023/CVE-2023-38xx/CVE-2023-3820.json) (`2023-07-26T21:27:15.650`) +* [CVE-2023-3821](CVE-2023/CVE-2023-38xx/CVE-2023-3821.json) (`2023-07-26T21:27:23.860`) +* [CVE-2023-3822](CVE-2023/CVE-2023-38xx/CVE-2023-3822.json) (`2023-07-26T21:27:32.790`) +* [CVE-2023-34141](CVE-2023/CVE-2023-341xx/CVE-2023-34141.json) (`2023-07-26T21:29:39.207`) +* [CVE-2023-34140](CVE-2023/CVE-2023-341xx/CVE-2023-34140.json) (`2023-07-26T21:29:58.263`) +* [CVE-2023-34139](CVE-2023/CVE-2023-341xx/CVE-2023-34139.json) (`2023-07-26T21:30:22.970`) +* [CVE-2023-34138](CVE-2023/CVE-2023-341xx/CVE-2023-34138.json) (`2023-07-26T21:35:02.520`) +* [CVE-2023-33012](CVE-2023/CVE-2023-330xx/CVE-2023-33012.json) (`2023-07-26T21:35:28.507`) +* [CVE-2023-33011](CVE-2023/CVE-2023-330xx/CVE-2023-33011.json) (`2023-07-26T21:35:45.000`) +* [CVE-2023-37475](CVE-2023/CVE-2023-374xx/CVE-2023-37475.json) (`2023-07-26T21:35:57.197`) +* [CVE-2023-28767](CVE-2023/CVE-2023-287xx/CVE-2023-28767.json) (`2023-07-26T21:36:06.313`) +* [CVE-2023-3615](CVE-2023/CVE-2023-36xx/CVE-2023-3615.json) (`2023-07-26T21:37:18.587`) +* [CVE-2023-3614](CVE-2023/CVE-2023-36xx/CVE-2023-3614.json) (`2023-07-26T21:37:38.407`) +* [CVE-2023-3613](CVE-2023/CVE-2023-36xx/CVE-2023-3613.json) (`2023-07-26T21:38:28.147`) +* [CVE-2023-37793](CVE-2023/CVE-2023-377xx/CVE-2023-37793.json) (`2023-07-26T21:39:06.437`) +* [CVE-2023-37794](CVE-2023/CVE-2023-377xx/CVE-2023-37794.json) (`2023-07-26T21:39:14.513`) +* [CVE-2023-35802](CVE-2023/CVE-2023-358xx/CVE-2023-35802.json) (`2023-07-26T21:39:28.837`) +* [CVE-2023-38349](CVE-2023/CVE-2023-383xx/CVE-2023-38349.json) (`2023-07-26T21:39:44.207`) +* [CVE-2023-38350](CVE-2023/CVE-2023-383xx/CVE-2023-38350.json) (`2023-07-26T21:39:52.863`) ## Download and Usage