admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-22T11:00:25.295334+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-22 11:00:29 +00:00
parent 6dafd1f596
commit 5816545a19
69 changed files with 2519 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2020/CVE-2020-187xx/CVE-2020-18771.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18771",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-23T22:15:26.150",
"lastModified": "2023-01-13T19:54:15.847",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T10:15:08.057",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -132,6 +132,10 @@
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "cve@mitre.org"
}
]
}

8
CVE-2020/CVE-2020-187xx/CVE-2020-18773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18773",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-23T22:15:27.807",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T10:15:08.190",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "cve@mitre.org"
}
]
}

8
CVE-2020/CVE-2020-187xx/CVE-2020-18774.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18774",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-23T22:15:27.910",
"lastModified": "2021-08-31T15:16:42.177",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T10:15:08.273",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,10 @@
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "cve@mitre.org"
}
]
}

8
CVE-2020/CVE-2020-188xx/CVE-2020-18899.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18899",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-19T22:15:07.333",
"lastModified": "2022-09-20T21:08:09.553",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T10:15:08.330",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -108,6 +108,10 @@
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "cve@mitre.org"
}
]
}

8
CVE-2021/CVE-2021-294xx/CVE-2021-29457.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29457",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-19T19:15:17.920",
"lastModified": "2023-11-07T03:32:36.767",
"lastModified": "2023-12-22T10:15:08.430",
"vulnStatus": "Modified",
"descriptions": [
{
@ -65,7 +65,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -174,6 +174,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2021/dsa-4958",
"source": "security-advisories@github.com",

8
CVE-2021/CVE-2021-294xx/CVE-2021-29458.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29458",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-19T19:15:18.017",
"lastModified": "2023-11-07T03:32:36.850",
"lastModified": "2023-12-22T10:15:08.563",
"vulnStatus": "Modified",
"descriptions": [
{
@ -65,7 +65,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -167,6 +167,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-294xx/CVE-2021-29463.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29463",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-30T19:15:07.143",
"lastModified": "2023-11-07T03:32:37.080",
"lastModified": "2023-12-22T10:15:08.673",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -95,7 +95,7 @@
]
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-294xx/CVE-2021-29464.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29464",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-30T19:15:07.187",
"lastModified": "2023-11-07T03:32:37.197",
"lastModified": "2023-12-22T10:15:08.820",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -95,7 +95,7 @@
]
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-294xx/CVE-2021-29470.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29470",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-23T19:15:11.243",
"lastModified": "2023-11-07T03:32:37.490",
"lastModified": "2023-12-22T10:15:08.927",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -165,6 +165,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-294xx/CVE-2021-29473.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29473",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-04-26T19:15:08.460",
"lastModified": "2023-11-07T03:32:37.877",
"lastModified": "2023-12-22T10:15:09.050",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 1.4
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -202,6 +202,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/P2A5GMJEXQ5Q76JK6F6VKK5JYCLVFGKN/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2021/dsa-4958",
"source": "security-advisories@github.com",

10
CVE-2021/CVE-2021-296xx/CVE-2021-29623.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-29623",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-05-13T17:15:07.440",
"lastModified": "2023-11-07T03:32:41.253",
"lastModified": "2023-12-22T10:15:09.227",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 1.4
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -175,6 +175,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZ5SGWHK64TB7ADRSVBGHEPDFN5CSOO3/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2021/CVE-2021-312xx/CVE-2021-31292.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-31292",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-26T17:15:07.963",
"lastModified": "2023-11-07T03:34:55.930",
"lastModified": "2023-12-22T10:15:09.377",
"vulnStatus": "Modified",
"descriptions": [
{
@ -159,6 +159,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "cve@mitre.org"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "cve@mitre.org"
},
{
"url": "https://www.debian.org/security/2021/dsa-4958",
"source": "cve@mitre.org",

10
CVE-2021/CVE-2021-326xx/CVE-2021-32617.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-32617",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-05-17T18:15:08.080",
"lastModified": "2023-11-07T03:35:18.787",
"lastModified": "2023-12-22T10:15:09.483",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -165,6 +165,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZ5SGWHK64TB7ADRSVBGHEPDFN5CSOO3/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-328xx/CVE-2021-32815.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-32815",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T18:15:07.397",
"lastModified": "2023-11-07T03:35:29.543",
"lastModified": "2023-12-22T10:15:09.603",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -189,6 +189,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-343xx/CVE-2021-34334.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34334",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T18:15:07.513",
"lastModified": "2023-11-07T03:35:57.597",
"lastModified": "2023-12-22T10:15:09.723",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -190,6 +190,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-343xx/CVE-2021-34335.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-34335",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T20:15:07.400",
"lastModified": "2023-11-07T03:35:57.700",
"lastModified": "2023-12-22T10:15:09.843",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

8
CVE-2021/CVE-2021-36xx/CVE-2021-3634.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-3634",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-08-31T17:15:08.323",
"lastModified": "2023-11-07T03:38:10.533",
"lastModified": "2023-12-22T10:15:10.770",
"vulnStatus": "Modified",
"descriptions": [
{
@ -75,7 +75,7 @@
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -221,6 +221,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SVWAAB2XMKEUMPMDALINKAA4U2QM4LNG/",
"source": "secalert@redhat.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-05",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211004-0003/",
"source": "secalert@redhat.com",

10
CVE-2021/CVE-2021-376xx/CVE-2021-37615.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37615",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T20:15:07.497",
"lastModified": "2023-11-07T03:36:58.747",
"lastModified": "2023-12-22T10:15:09.977",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37616.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37616",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T19:15:07.680",
"lastModified": "2023-11-07T03:36:58.850",
"lastModified": "2023-12-22T10:15:10.090",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37618.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37618",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T19:15:07.780",
"lastModified": "2023-11-07T03:36:58.987",
"lastModified": "2023-12-22T10:15:10.197",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37619.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37619",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T19:15:07.940",
"lastModified": "2023-11-07T03:36:59.093",
"lastModified": "2023-12-22T10:15:10.290",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37620.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37620",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T19:15:08.033",
"lastModified": "2023-11-07T03:36:59.187",
"lastModified": "2023-12-22T10:15:10.377",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -189,6 +189,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37621.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37621",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T19:15:08.133",
"lastModified": "2023-11-07T03:36:59.303",
"lastModified": "2023-12-22T10:15:10.480",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -189,6 +189,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37622.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37622",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T19:15:08.230",
"lastModified": "2023-11-07T03:36:59.410",
"lastModified": "2023-12-22T10:15:10.577",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -189,6 +189,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

10
CVE-2021/CVE-2021-376xx/CVE-2021-37623.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-37623",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-08-09T18:15:07.687",
"lastModified": "2023-11-07T03:36:59.520",
"lastModified": "2023-12-22T10:15:10.673",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -168,6 +168,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/",
"source": "security-advisories@github.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2021/CVE-2021-41xx/CVE-2021-4104.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-4104",
"sourceIdentifier": "security@apache.org",
"published": "2021-12-14T12:15:12.200",
"lastModified": "2023-12-20T08:15:42.873",
"lastModified": "2023-12-22T09:15:36.510",
"vulnStatus": "Modified",
"descriptions": [
{
@ -520,6 +520,10 @@
"url": "https://security.gentoo.org/glsa/202312-02",
"source": "security@apache.org"
},
{
"url": "https://security.gentoo.org/glsa/202312-04",
"source": "security@apache.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20211223-0007/",
"source": "security@apache.org"

8
CVE-2023/CVE-2023-16xx/CVE-2023-1667.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-1667",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T18:15:10.740",
"lastModified": "2023-11-07T04:04:32.510",
"lastModified": "2023-12-22T10:15:10.917",
"vulnStatus": "Modified",
"descriptions": [
{
@ -46,7 +46,7 @@
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -166,6 +166,10 @@
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/",
"source": "secalert@redhat.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-05",
"source": "secalert@redhat.com"
}
]
}

8
CVE-2023/CVE-2023-22xx/CVE-2023-2283.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2283",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-26T18:15:13.770",
"lastModified": "2023-11-07T04:12:19.130",
"lastModified": "2023-12-22T10:15:11.020",
"vulnStatus": "Modified",
"descriptions": [
{
@ -46,7 +46,7 @@
]
},
{
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
@ -141,6 +141,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27PD44ALQTZXX7K6JAM3BXBUHYA6DFFN/",
"source": "secalert@redhat.com"
},
{
"url": "https://security.gentoo.org/glsa/202312-05",
"source": "secalert@redhat.com"
},
{
"url": "https://www.libssh.org/security/advisories/CVE-2023-2283.txt",
"source": "secalert@redhat.com",

51
CVE-2023/CVE-2023-310xx/CVE-2023-31092.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-31092",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T16:15:07.503",
"lastModified": "2023-12-20T16:47:19.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:51:35.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Foxskav Easy Bet.This issue affects Easy Bet: from n/a through 1.0.2.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL (\"Inyecci\u00f3n SQL\") en Foxskav Easy Bet. Este problema afecta a Easy Bet: desde n/a hasta 1.0.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foxskav:easy_bet:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2",
"matchCriteriaId": "C91B5DB1-480E-478E-9B06-5EDDA7C75A74"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/easy-bet/wordpress-easy-bet-plugin-1-0-2-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-321xx/CVE-2023-32128.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-32128",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T16:15:07.717",
"lastModified": "2023-12-20T16:47:19.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:50:51.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adastra Crypto Cryptocurrency Payment & Donation Box \u2013 Accept Payments in any Cryptocurrency on your WP Site for Free.This issue affects Cryptocurrency Payment & Donation Box \u2013 Accept Payments in any Cryptocurrency on your WP Site for Free: from n/a through 2.2.7.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('Inyecci\u00f3n SQL') en Adastra Crypto Cryptocurrency Payment & Donation Box \u2013 Accept Payments in any Cryptocurrency on your WP Site for Free. Este problema afecta a Cryptocurrency Payment & Donation Box \u2013 Accept Payments in any Cryptocurrency on your WP Site for Free: desde n/a hasta 2.2.7."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adastracrypto:cryptocurrency_payment_\\&_donation_box:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.8",
"matchCriteriaId": "496C3A0A-E4E2-49CE-AE36-5E5C95A8D381"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-donation-box/wordpress-cryptocurrency-payment-donation-box-plugin-2-2-5-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-333xx/CVE-2023-33331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33331",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T23:15:07.520",
"lastModified": "2023-12-19T13:42:22.313",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:43:12.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woo:product_vendors:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.1.77",
"matchCriteriaId": "A1D2342F-DEA3-42E4-B36D-77BC7F8178AD"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-product-vendors/wordpress-woocommerce-product-vendors-plugin-2-1-76-vendor-admin-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-341xx/CVE-2023-34168.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34168",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T23:15:07.743",
"lastModified": "2023-12-19T13:42:22.313",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:45:04.787",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esiteq:wp_report_post:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.2",
"matchCriteriaId": "D71EB291-0F17-4639-8573-BE91BAF6CD33"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-report-post/wordpress-wp-report-post-plugin-2-1-2-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-400xx/CVE-2023-40010.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-40010",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T15:15:09.310",
"lastModified": "2023-12-20T16:47:19.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:54:05.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in realmag777 HUSKY \u2013 Products Filter for WooCommerce Professional.This issue affects HUSKY \u2013 Products Filter for WooCommerce Professional: from n/a through 1.3.4.2.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('Inyecci\u00f3n SQL') en realmag777 HUSKY \u2013 Products Filter for WooCommerce Professional. Este problema afecta a HUSKY \u2013 Products Filter for WooCommerce Professional: desde n/a hasta 1.3.4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluginus:husky_-_products_filter_professional_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.4.3",
"matchCriteriaId": "93E61EDB-244D-433F-AEDD-1717CA1F6D95"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-products-filter/wordpress-husky-plugin-1-3-4-2-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-431xx/CVE-2023-43116.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43116",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T10:15:11.110",
"lastModified": "2023-12-22T10:15:11.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0003.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-437xx/CVE-2023-43741.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43741",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T10:15:11.173",
"lastModified": "2023-12-22T10:15:11.173",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A time-of-check-time-of-use race condition vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to bypass a symbolic link check for the PIPELINE_PATH variable in the fix-buildkite-agent-builds-permissions script."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0003.md",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-443xx/CVE-2023-44398.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44398",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-06T18:15:08.380",
"lastModified": "2023-11-14T17:10:42.623",
"vulnStatus": "Analyzed",
"lastModified": "2023-12-22T10:15:11.223",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -101,6 +101,10 @@
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202312-06",
"source": "security-advisories@github.com"
}
]
}

47
CVE-2023/CVE-2023-475xx/CVE-2023-47506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47506",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T23:15:07.933",
"lastModified": "2023-12-19T13:42:22.313",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:42:06.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:masterslider:master_slider:*:*:*:*:pro:wordpress:*:*",
"versionEndIncluding": "3.6.5",
"matchCriteriaId": "84000261-563F-4977-B5A3-2EF65C78A066"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/masterslider/wordpress-master-slider-pro-plugin-3-6-5-authenticated-editor-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-475xx/CVE-2023-47530.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47530",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T23:15:08.133",
"lastModified": "2023-12-19T13:42:22.313",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:23:45.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpvibes:redirect_404_error_page_to_homepage_or_custom_page_with_logs:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.8.8",
"matchCriteriaId": "0B416C4B-1AC6-42C5-BD19-33CDB8F07A8C"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/redirect-404-error-page-to-homepage-or-custom-page/wordpress-redirect-404-error-page-to-homepage-or-custom-page-with-logs-plugin-1-8-7-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-477xx/CVE-2023-47702.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47702",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T02:15:43.970",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:03:25.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.0.2",
"matchCriteriaId": "66451AC9-420C-4002-9D00-47735D9ED072"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271196",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7091157",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-477xx/CVE-2023-47703.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47703",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T02:15:44.167",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:02:23.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +80,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.0.2",
"matchCriteriaId": "66451AC9-420C-4002-9D00-47735D9ED072"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271197",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7091157",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-477xx/CVE-2023-47704.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47704",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T01:15:07.363",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:11:58.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.0.2",
"matchCriteriaId": "66451AC9-420C-4002-9D00-47735D9ED072"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271220",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7091157",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-477xx/CVE-2023-47705.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47705",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T02:15:44.437",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:01:58.917",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.0.2",
"matchCriteriaId": "66451AC9-420C-4002-9D00-47735D9ED072"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271228",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7091157",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-477xx/CVE-2023-47706.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47706",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T01:15:07.597",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:11:40.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "4.2.0.2",
"matchCriteriaId": "66451AC9-420C-4002-9D00-47735D9ED072"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271341",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7091157",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-477xx/CVE-2023-47707.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47707",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-12-20T02:15:44.627",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:00:51.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -50,14 +70,62 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndIncluding": "4.2.0.2",
"matchCriteriaId": "FB0A58CC-10AF-4C09-8C5D-C5E0E13CBD18"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/271522",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7091157",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-478xx/CVE-2023-47852.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-47852",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-20T15:15:09.500",
"lastModified": "2023-12-20T16:47:19.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:52:21.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Link Whisper Link Whisper Free.This issue affects Link Whisper Free: from n/a through 0.6.5.\n\n"
},
{
"lang": "es",
"value": "La neutralizaci\u00f3n incorrecta de elementos especiales utilizados en una vulnerabilidad de comando SQL ('inyecci\u00f3n SQL') en Link Whisper Link Whisper Free. Este problema afecta a Link Whisper Free: desde n/a hasta 0.6.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linkwhisper:link_whisper_free:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "0.6.6",
"matchCriteriaId": "5F76B693-B9C8-4F17-B8BE-EE49C0DB51AD"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/link-whisper/wordpress-link-whisper-free-plugin-0-6-5-sql-injection-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48768.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48768",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T22:15:09.143",
"lastModified": "2023-12-19T13:42:29.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:49:39.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in CodeAstrology Team Quantity Plus Minus Button for WooCommerce by CodeAstrology.This issue affects Quantity Plus Minus Button for WooCommerce by CodeAstrology: from n/a through 1.1.9.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en CodeAstrology Team Quantity Plus Minus Button para WooCommerce. Este problema afecta a Quantity Plus Minus Button for WooCommerce para WooCommerce desde n/a hasta 1.1.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codeastrology:quantity_plus_minus_button_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.0",
"matchCriteriaId": "54C1C2D0-3414-463B-9219-AE0574B56DF2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wc-quantity-plus-minus-button/wordpress-quantity-plus-minus-button-for-woocommerce-by-codeastrology-plugin-1-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48769.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48769",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T22:15:09.337",
"lastModified": "2023-12-19T13:42:29.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:48:47.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Blue Coral Chat Bubble \u2013 Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back.This issue affects Chat Bubble \u2013 Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back: from n/a through 2.3.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Blue Coral Chat Bubble \u2013 Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back. Este problema afecta a Blue Coral Chat Bubble \u2013 Floating Chat with Contact Chat Icons, Messages, Telegram, Email, SMS, Call me back: desde n/a hasta 2.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bluecoral:chat_bubble:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3",
"matchCriteriaId": "7382E975-FE03-4C45-8797-F03BD864E606"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chat-bubble/wordpress-chat-bubble-plugin-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48772.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48772",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T22:15:09.570",
"lastModified": "2023-12-19T13:42:29.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:49:18.993",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Prevent Landscape Rotation.This issue affects Prevent Landscape Rotation: from n/a through 2.0.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Arul Prasad J Prevent Landscape Rotation. Este problema afecta a Prevent Landscape Rotation: desde n/a hasta 2.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arulprasadj:prevent_landscape_rotation:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0",
"matchCriteriaId": "214D9B5C-F956-47CB-A636-30500FD44329"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/prevent-landscape-rotation/wordpress-prevent-landscape-rotation-plugin-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48773.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48773",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T22:15:09.757",
"lastModified": "2023-12-19T13:42:29.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:48:23.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect.This issue affects WooCommerce Login Redirect: from n/a through 2.2.4.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en WP Doctor WooCommerce Login Redirect. Este problema afecta a WooCommerce Login Redirect: desde n/a hasta 2.2.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdoctor:woocommerce_login_redirect:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.2.4",
"matchCriteriaId": "813E543D-2E03-45B2-9E93-B77C2A5E2578"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/woo-login-redirect/wordpress-woo-login-redirect-plugin-2-2-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48778.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48778",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T22:15:09.960",
"lastModified": "2023-12-19T13:42:29.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:48:10.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in VillaTheme Product Size Chart For WooCommerce.This issue affects Product Size Chart For WooCommerce: from n/a through 1.1.5.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en VillaTheme Product Size Chart para WooCommerce. Este problema afecta a Product Size Chart para WooCommerce: desde n/a hasta 1.1.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:villatheme:product_size_chart_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.5",
"matchCriteriaId": "6E2E748C-124D-4419-A64E-AD54D9962527"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/product-size-chart-for-woo/wordpress-product-size-chart-for-woocommerce-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-487xx/CVE-2023-48781.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-48781",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-18T22:15:10.150",
"lastModified": "2023-12-19T13:42:29.533",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:47:10.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Marketing Rapel MkRapel Regiones y Ciudades de Chile para WC.This issue affects MkRapel Regiones y Ciudades de Chile para WC: from n/a through 4.3.0.\n\n"
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Marketing Rapel MkRapel Regiones y Ciudades de Chile para WC. Este problema afecta a MkRapel Regiones y Ciudades de Chile para WC: desde n/a hasta 4.3.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:marketingrapel:mkrapel_regiones_y_ciudades_de_chile_para_wc:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.3.0",
"matchCriteriaId": "D44049EE-DEAF-4EE2-8331-248A04D6E09B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wc-ciudades-y-regiones-de-chile/wordpress-mkrapel-regiones-y-ciudades-de-chile-para-wc-plugin-4-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-491xx/CVE-2023-49164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49164",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-19T22:15:08.143",
"lastModified": "2023-12-20T13:50:26.727",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:54:59.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oceanwp:ocean_extra:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.3",
"matchCriteriaId": "4776B127-D21A-4D10-AB53-5BE1B33E3BBE"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ocean-extra/wordpress-ocean-extra-plugin-2-2-2-csrf-leading-to-arbitrary-plugin-activation-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-491xx/CVE-2023-49168.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-49168",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-14T15:15:08.357",
"lastModified": "2023-12-14T15:20:34.133",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:50:06.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WordPlus Better Messages \u2013 Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss allows Stored XSS.This issue affects Better Messages \u2013 Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss: from n/a through 2.4.0.\n\n"
},
{
"lang": "es",
"value": "Neutralizaci\u00f3n inadecuada de la entrada durante la vulnerabilidad de generaci\u00f3n de p\u00e1ginas web ('Coss-Site Scripting') en WordPlus Better Messages \u2013 Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss permite Stored XSS. Este problema afecta a Better Messages \u2013 Live Chat for WordPress. BuddyPress, PeepSo, Ultimate Member, BuddyBoss: desde n/a hasta 2.4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wordplus:better_messages:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.1",
"matchCriteriaId": "63DE541B-6467-4A11-877A-2FEA994B28A3"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/bp-better-messages/wordpress-bp-better-messages-plugin-2-3-12-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-493xx/CVE-2023-49356.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49356",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-22T10:15:11.323",
"lastModified": "2023-12-22T10:15:11.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/linzc21/bug-reports/blob/main/reports/mp3gain/1.6.2/stack-buffer-overflow/CVE-2023-49356.md",
"source": "cve@mitre.org"
}
]
}

69
CVE-2023/CVE-2023-494xx/CVE-2023-49489.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-49489",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-19T10:15:07.943",
"lastModified": "2023-12-19T13:42:12.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:13:39.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Reflective Cross Site Scripting (XSS) vulnerability in KodeExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross Site Scripting (XSS) Reflejado en KodeExplorer versi\u00f3n 4.51 permite a los atacantes obtener informaci\u00f3n confidencial y escalar privilegios a trav\u00e9s del par\u00e1metro APP_HOST en config/i18n/en/main.php."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kodcloud:kodexplorer:4.51:*:*:*:*:*:*:*",
"matchCriteriaId": "C60D895F-51BD-4FAF-B449-B04037016307"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/kalcaddle/KodExplorer/issues/526",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-503xx/CVE-2023-50376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50376",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-19T09:15:36.343",
"lastModified": "2023-12-19T13:42:12.823",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:13:15.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.3.8",
"matchCriteriaId": "1676B35D-B851-4FF3-A77C-95BF0236633E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simple-membership/wordpress-simple-membership-plugin-4-3-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-506xx/CVE-2023-50639.json
View File

@ -2,19 +2,83 @@
"id": "CVE-2023-50639",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-20T21:15:08.280",
"lastModified": "2023-12-21T02:24:22.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:12:33.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in CuteHttpFileServer v.1.0 and v.2.0 allows attackers to obtain sensitive information via the file upload function in the home page."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross Site Scripting (XSS) en CuteHttpFileServer v.1.0 y v.2.0 permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de la funci\u00f3n de carga de archivos en la p\u00e1gina de inicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iscute:cute_http_file_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F903B485-BF9B-44D0-93A6-305BC9FF0818"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:iscute:cute_http_file_server:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6646F1C-FEF9-4361-94C8-1EEB8D9E1CB3"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/940198871/Vulnerability-details/blob/main/CVE-2023-50639.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-67xx/CVE-2023-6768.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6768",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-12-20T10:15:07.730",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:58:49.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This vulnerability could allow an unauthenticated user to access the admin panel without providing any credentials by simply accessing the \"lp_admin.php?adminstep=\" parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Amazing Little Poll que afecta a las versiones 1.3 y 1.4. Esta vulnerabilidad podr\u00eda permitir que un usuario no autenticado acceda al panel de administraci\u00f3n sin proporcionar ninguna credencial simplemente accediendo al par\u00e1metro \"lp_admin.php?adminstep=\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +70,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mr-corner:amazing_little_poll:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9D3BF2-8AF3-44D0-BF44-CFC2F235A129"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mr-corner:amazing_little_poll:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E224C9C6-B463-4167-91E6-565DE9C5E1F7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amazing-little-poll",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-67xx/CVE-2023-6769.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6769",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-12-20T10:15:08.087",
"lastModified": "2023-12-20T13:50:15.967",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T09:59:41.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the \"lp_admin.php\" file in the \"question\" and \"item\" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading."
},
{
"lang": "es",
"value": "Vulnerabilidad XSS almacenado en Amazing Little Poll, que afecta a las versiones 1.3 y 1.4. Esta vulnerabilidad permite a un atacante remoto almacenar un payload de JavaScript malicioso en el archivo \"lp_admin.php\" en los par\u00e1metros \"question\" e \"item\". Esta vulnerabilidad podr\u00eda provocar la ejecuci\u00f3n maliciosa de JavaScript mientras se carga la p\u00e1gina."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +70,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mr-corner:amazing_little_poll:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1E9D3BF2-8AF3-44D0-BF44-CFC2F235A129"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mr-corner:amazing_little_poll:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E224C9C6-B463-4167-91E6-565DE9C5E1F7"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-amazing-little-poll",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

121
CVE-2023/CVE-2023-68xx/CVE-2023-6864.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6864",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.707",
"lastModified": "2023-12-22T01:15:12.180",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T10:59:57.740",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,31 +14,134 @@
"value": "Errores de seguridad de la memoria presentes en Firefox 120, Firefox ESR 115.5 y Thunderbird 115.5. Algunos de estos errores mostraron evidencia de corrupci\u00f3n de memoria y suponemos que con suficiente esfuerzo algunos de ellos podr\u00edan haberse aprovechado para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox ESR <115.6, Thunderbird <115.6 y Firefox <121."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.6",
"matchCriteriaId": "46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.6",
"matchCriteriaId": "1856451B-B03F-4BF2-AEFE-BF66D82D9E78"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1736385%2C1810805%2C1846328%2C1856090%2C1858033%2C1858509%2C1862089%2C1862777%2C1864015",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5582",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-55/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-68xx/CVE-2023-6865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6865",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.777",
"lastModified": "2023-12-21T01:15:33.960",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:59:40.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,115 @@
"value": "`EncryptingOutputStream` era susceptible de exponer datos no inicializados. S\u00f3lo se puede abusar de este problema para escribir datos en un disco local, lo que puede tener implicaciones para el modo de navegaci\u00f3n privada. Esta vulnerabilidad afecta a Firefox ESR <115.6 y Firefox <121."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.6",
"matchCriteriaId": "46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1864123",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-68xx/CVE-2023-6866.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-6866",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.847",
"lastModified": "2023-12-19T14:49:49.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:54:33.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121."
},
{
"lang": "es",
"value": "TypedArrays puede ser falible y carecer de un manejo de excepciones adecuado. Esto podr\u00eda dar lugar a abusos en otras API que esperan que TypedArrays siempre tenga \u00e9xito. Esta vulnerabilidad afecta a Firefox &lt; 121."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849037",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-68xx/CVE-2023-6867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6867",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.933",
"lastModified": "2023-12-21T01:15:34.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:53:35.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,23 +14,115 @@
"value": "El timing en el que se hace clic en un bot\u00f3n que provoca la desaparici\u00f3n de una ventana emergente era aproximadamente de la misma duraci\u00f3n que el retraso anti-clickjacking en las solicitudes de permiso. Era posible utilizar este hecho para sorprender a los usuarios atray\u00e9ndolos a hacer clic en el lugar donde el bot\u00f3n de concesi\u00f3n de permiso estar\u00eda a punto de aparecer. Esta vulnerabilidad afecta a Firefox ESR &lt;115.6 y Firefox &lt;121."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1021"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.6",
"matchCriteriaId": "46B36C5E-77B7-4FBF-8B7A-6F794C8B8B2B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1863863",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5581",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-54/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-68xx/CVE-2023-6868.json
View File

@ -2,23 +2,99 @@
"id": "CVE-2023-6868",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:07.983",
"lastModified": "2023-12-19T14:49:49.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:52:54.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties.\n*This bug only affects Firefox on Android.* This vulnerability affects Firefox < 121."
},
{
"lang": "es",
"value": "En algunos casos, el agente de usuario permitir\u00eda solicitudes de inserci\u00f3n que carec\u00edan de un VAPID v\u00e1lido aunque la suscripci\u00f3n del administrador de inserci\u00f3n definiera uno. Esto podr\u00eda permitir que se env\u00eden mensajes vac\u00edos desde partes no autorizadas. *Este error solo afecta a Firefox en Android.* Esta vulnerabilidad afecta a Firefox &lt; 121."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1865488",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-68xx/CVE-2023-6869.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-6869",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:08.040",
"lastModified": "2023-12-19T17:15:07.560",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:52:43.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A `&lt;dialog>` element could have been manipulated to paint content outside of a sandboxed iframe. This could allow untrusted content to display under the guise of trusted content. This vulnerability affects Firefox < 121."
},
{
"lang": "es",
"value": "Un elemento `&lt;dialog&gt;` podr\u00eda haber sido manipulado para pintar contenido fuera de un iframe en la sandbox. Esto podr\u00eda permitir que se muestre contenido que no es de confianza bajo la apariencia de contenido confiable. Esta vulnerabilidad afecta a Firefox &lt; 121."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1799036",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-68xx/CVE-2023-6871.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-6871",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:08.133",
"lastModified": "2023-12-19T14:49:49.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:43:54.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Under certain conditions, Firefox did not display a warning when a user attempted to navigate to a new protocol handler. This vulnerability affects Firefox < 121."
},
{
"lang": "es",
"value": "Bajo ciertas condiciones, Firefox no mostraba una advertencia cuando un usuario intentaba navegar a un nuevo controlador de protocolo. Esta vulnerabilidad afecta a Firefox &lt; 121."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1828334",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-68xx/CVE-2023-6872.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-6872",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:08.180",
"lastModified": "2023-12-19T14:49:49.807",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-12-22T10:43:30.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Browser tab titles were being leaked by GNOME to system logs. This could potentially expose the browsing habits of users running in a private tab. This vulnerability affects Firefox < 121."
},
{
"lang": "es",
"value": "GNOME estaba filtrando los t\u00edtulos de las pesta\u00f1as del navegador a los registros del sistema. Esto podr\u00eda potencialmente exponer los h\u00e1bitos de navegaci\u00f3n de los usuarios que ejecutan en una pesta\u00f1a privada. Esta vulnerabilidad afecta a Firefox &lt; 121."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1849186",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-68xx/CVE-2023-6873.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6873",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-12-19T14:15:08.227",
"lastModified": "2023-12-22T01:15:12.237",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-12-22T10:28:50.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,102 @@
"value": "Errores de seguridad de la memoria presentes en Firefox 120. Algunos de estos errores mostraron evidencia de corrupci\u00f3n de la memoria y suponemos que con suficiente esfuerzo algunos de ellos podr\u00edan haberse aprovechado para ejecutar c\u00f3digo arbitrario. Esta vulnerabilidad afecta a Firefox &lt; 121."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "121.0",
"matchCriteriaId": "A3D81D72-5965-4DB7-BFA7-9A32A9108919"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1855327%2C1862089%2C1862723",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Broken Link",
"Issue Tracking"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5582",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-56/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

40
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-12-22T07:00:24.833127+00:00
2023-12-22T11:00:25.295334+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-12-22T05:15:14.323000+00:00
2023-12-22T10:59:57.740000+00:00
```
### Last Data Feed Release
@ -29,21 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234072
234075
```
### CVEs added in the last Commit
Recently added CVEs: `2`
Recently added CVEs: `3`
* [CVE-2023-7058](CVE-2023/CVE-2023-70xx/CVE-2023-7058.json) (`2023-12-22T05:15:13.860`)
* [CVE-2023-7059](CVE-2023/CVE-2023-70xx/CVE-2023-7059.json) (`2023-12-22T05:15:14.323`)
* [CVE-2023-43116](CVE-2023/CVE-2023-431xx/CVE-2023-43116.json) (`2023-12-22T10:15:11.110`)
* [CVE-2023-43741](CVE-2023/CVE-2023-437xx/CVE-2023-43741.json) (`2023-12-22T10:15:11.173`)
* [CVE-2023-49356](CVE-2023/CVE-2023-493xx/CVE-2023-49356.json) (`2023-12-22T10:15:11.323`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `65`
* [CVE-2023-40010](CVE-2023/CVE-2023-400xx/CVE-2023-40010.json) (`2023-12-22T09:54:05.790`)
* [CVE-2023-49164](CVE-2023/CVE-2023-491xx/CVE-2023-49164.json) (`2023-12-22T09:54:59.777`)
* [CVE-2023-6768](CVE-2023/CVE-2023-67xx/CVE-2023-6768.json) (`2023-12-22T09:58:49.833`)
* [CVE-2023-6769](CVE-2023/CVE-2023-67xx/CVE-2023-6769.json) (`2023-12-22T09:59:41.467`)
* [CVE-2023-47707](CVE-2023/CVE-2023-477xx/CVE-2023-47707.json) (`2023-12-22T10:00:51.667`)
* [CVE-2023-47705](CVE-2023/CVE-2023-477xx/CVE-2023-47705.json) (`2023-12-22T10:01:58.917`)
* [CVE-2023-47703](CVE-2023/CVE-2023-477xx/CVE-2023-47703.json) (`2023-12-22T10:02:23.280`)
* [CVE-2023-47702](CVE-2023/CVE-2023-477xx/CVE-2023-47702.json) (`2023-12-22T10:03:25.553`)
* [CVE-2023-47706](CVE-2023/CVE-2023-477xx/CVE-2023-47706.json) (`2023-12-22T10:11:40.633`)
* [CVE-2023-47704](CVE-2023/CVE-2023-477xx/CVE-2023-47704.json) (`2023-12-22T10:11:58.137`)
* [CVE-2023-50639](CVE-2023/CVE-2023-506xx/CVE-2023-50639.json) (`2023-12-22T10:12:33.847`)
* [CVE-2023-50376](CVE-2023/CVE-2023-503xx/CVE-2023-50376.json) (`2023-12-22T10:13:15.320`)
* [CVE-2023-49489](CVE-2023/CVE-2023-494xx/CVE-2023-49489.json) (`2023-12-22T10:13:39.257`)
* [CVE-2023-1667](CVE-2023/CVE-2023-16xx/CVE-2023-1667.json) (`2023-12-22T10:15:10.917`)
* [CVE-2023-2283](CVE-2023/CVE-2023-22xx/CVE-2023-2283.json) (`2023-12-22T10:15:11.020`)
* [CVE-2023-44398](CVE-2023/CVE-2023-443xx/CVE-2023-44398.json) (`2023-12-22T10:15:11.223`)
* [CVE-2023-6873](CVE-2023/CVE-2023-68xx/CVE-2023-6873.json) (`2023-12-22T10:28:50.477`)
* [CVE-2023-6872](CVE-2023/CVE-2023-68xx/CVE-2023-6872.json) (`2023-12-22T10:43:30.707`)
* [CVE-2023-6871](CVE-2023/CVE-2023-68xx/CVE-2023-6871.json) (`2023-12-22T10:43:54.310`)
* [CVE-2023-6869](CVE-2023/CVE-2023-68xx/CVE-2023-6869.json) (`2023-12-22T10:52:43.520`)
* [CVE-2023-6868](CVE-2023/CVE-2023-68xx/CVE-2023-6868.json) (`2023-12-22T10:52:54.690`)
* [CVE-2023-6867](CVE-2023/CVE-2023-68xx/CVE-2023-6867.json) (`2023-12-22T10:53:35.230`)
* [CVE-2023-6866](CVE-2023/CVE-2023-68xx/CVE-2023-6866.json) (`2023-12-22T10:54:33.320`)
* [CVE-2023-6865](CVE-2023/CVE-2023-68xx/CVE-2023-6865.json) (`2023-12-22T10:59:40.403`)
* [CVE-2023-6864](CVE-2023/CVE-2023-68xx/CVE-2023-6864.json) (`2023-12-22T10:59:57.740`)
## Download and Usage