diff --git a/CVE-2017/CVE-2017-121xx/CVE-2017-12146.json b/CVE-2017/CVE-2017-121xx/CVE-2017-12146.json index ce78f59e6fd..ca7e266c3b2 100644 --- a/CVE-2017/CVE-2017-121xx/CVE-2017-12146.json +++ b/CVE-2017/CVE-2017-121xx/CVE-2017-12146.json @@ -2,8 +2,8 @@ "id": "CVE-2017-12146", "sourceIdentifier": "cve@mitre.org", "published": "2017-09-08T19:29:00.207", - "lastModified": "2019-10-03T00:03:26.223", - "vulnStatus": "Modified", + "lastModified": "2023-06-21T20:59:19.180", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -85,8 +85,44 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.12", - "matchCriteriaId": "117361C7-9835-4C8A-AA22-B2A0AF08D09F" + "versionStartIncluding": "3.17", + "versionEndExcluding": "3.18.61", + "matchCriteriaId": "737CDAED-1476-433D-A1D3-7460323FF392" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.1.43", + "matchCriteriaId": "5F6B255F-0933-4983-B3F6-AD5B128A8F04" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2", + "versionEndExcluding": "4.4.77", + "matchCriteriaId": "F09881FD-5BBD-4E0F-88C0-C795EE420DC5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.37", + "matchCriteriaId": "86853D2B-E143-47D3-9419-39AB1F0960D8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.11.10", + "matchCriteriaId": "EE4EAA36-3647-4C48-8C52-857C95CAD243" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.12", + "versionEndExcluding": "4.12.1", + "matchCriteriaId": "E490C35F-808E-44C4-9895-65DA70CC76F2" } ] } @@ -105,7 +141,10 @@ }, { "url": "http://www.debian.org/security/2017/dsa-3981", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.1", @@ -117,7 +156,11 @@ }, { "url": "http://www.securityfocus.com/bid/100651", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489078", diff --git a/CVE-2017/CVE-2017-152xx/CVE-2017-15265.json b/CVE-2017/CVE-2017-152xx/CVE-2017-15265.json index 3101a4f9e9f..3d7459e5fc0 100644 --- a/CVE-2017/CVE-2017-152xx/CVE-2017-15265.json +++ b/CVE-2017/CVE-2017-152xx/CVE-2017-15265.json @@ -2,8 +2,8 @@ "id": "CVE-2017-15265", "sourceIdentifier": "cve@mitre.org", "published": "2017-10-16T18:29:00.577", - "lastModified": "2020-07-15T03:15:18.623", - "vulnStatus": "Modified", + "lastModified": "2023-06-21T20:59:35.910", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -89,8 +89,57 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.13.7", - "matchCriteriaId": "11C6B206-8716-4A16-81BD-F3B8C8ACBE19" + "versionEndExcluding": "3.2.95", + "matchCriteriaId": "FE34D8B6-10FA-4EBC-863E-F996C0D35F52" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.3", + "versionEndExcluding": "3.10.108", + "matchCriteriaId": "7AEC5142-D74C-40FD-9F20-286B9566A40E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.11", + "versionEndExcluding": "3.16.50", + "matchCriteriaId": "CB9D6AAF-DF4B-4EE1-A638-DFBDC249789F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.17", + "versionEndExcluding": "3.18.76", + "matchCriteriaId": "126AB064-7A35-4C32-BED7-382E0F13F147" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.1.46", + "matchCriteriaId": "8E07836D-67CD-47C8-9E8C-7AA3DBCAEFF2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2", + "versionEndExcluding": "4.4.93", + "matchCriteriaId": "C2F83CFA-B098-45DE-9391-BEA047F41BC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.57", + "matchCriteriaId": "D07BF343-265B-4842-9149-E4B7B8943A65" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.13.8", + "matchCriteriaId": "0CD397D8-C278-45DC-A0B3-ABBC73A74ED7" } ] } @@ -104,7 +153,7 @@ "tags": [ "Issue Tracking", "Patch", - "Third Party Advisory" + "Vendor Advisory" ] }, { @@ -151,31 +200,52 @@ }, { "url": "https://access.redhat.com/errata/RHSA-2018:0676", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:1062", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:1130", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:1170", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:2390", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:3822", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:3823", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://bugzilla.suse.com/show_bug.cgi?id=1062520", @@ -197,31 +267,54 @@ }, { "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://source.android.com/security/bulletin/2018-02-01", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3698-1/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3698-2/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/security-alerts/cpujul2020.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2017/CVE-2017-170xx/CVE-2017-17053.json b/CVE-2017/CVE-2017-170xx/CVE-2017-17053.json index 7ead93ab8c9..0dc0b8fdbc8 100644 --- a/CVE-2017/CVE-2017-170xx/CVE-2017-17053.json +++ b/CVE-2017/CVE-2017-170xx/CVE-2017-17053.json @@ -2,7 +2,7 @@ "id": "CVE-2017-17053", "sourceIdentifier": "cve@mitre.org", "published": "2017-11-29T03:29:00.300", - "lastModified": "2018-12-19T14:04:51.890", + "lastModified": "2023-06-21T21:01:08.793", "vulnStatus": "Analyzed", "descriptions": [ { @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -85,8 +85,23 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.4.144", + "versionEndExcluding": "4.4.153", + "matchCriteriaId": "2A1EB29A-4793-4527-8D94-4736FFCD695B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.6", + "versionEndExcluding": "4.9.46", + "matchCriteriaId": "3415528F-A245-41FE-92D4-953ACB5977FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", "versionEndExcluding": "4.12.10", - "matchCriteriaId": "EB6F4341-55E4-4E6C-95A9-89265E0566CB" + "matchCriteriaId": "228B0872-5ADF-4033-B9EE-75A0E0E3D4D0" } ] } @@ -99,7 +114,8 @@ "source": "cve@mitre.org", "tags": [ "Issue Tracking", - "Patch" + "Patch", + "Vendor Advisory" ] }, { @@ -121,14 +137,16 @@ "url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc", "source": "cve@mitre.org", "tags": [ - "Patch" + "Patch", + "Third Party Advisory" ] }, { "url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10", "source": "cve@mitre.org", "tags": [ - "Issue Tracking" + "Issue Tracking", + "Vendor Advisory" ] } ] diff --git a/CVE-2017/CVE-2017-177xx/CVE-2017-17712.json b/CVE-2017/CVE-2017-177xx/CVE-2017-17712.json index 303dbc6f2f9..b5f9570e40a 100644 --- a/CVE-2017/CVE-2017-177xx/CVE-2017-17712.json +++ b/CVE-2017/CVE-2017-177xx/CVE-2017-17712.json @@ -2,8 +2,8 @@ "id": "CVE-2017-17712", "sourceIdentifier": "cve@mitre.org", "published": "2017-12-16T01:29:00.190", - "lastModified": "2018-04-04T01:29:01.137", - "vulnStatus": "Modified", + "lastModified": "2023-06-21T21:01:22.247", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,13 +15,13 @@ } ], "metrics": { - "cvssMetricV30": [ + "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { - "version": "3.0", - "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", @@ -85,8 +85,30 @@ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", - "versionEndIncluding": "4.14.6", - "matchCriteriaId": "199A7680-7A66-46C8-A63F-55444AF8DFF8" + "versionStartIncluding": "3.19", + "versionEndExcluding": "4.1.52", + "matchCriteriaId": "DC20C495-C297-4CEE-9034-4FE81754FE98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.2", + "versionEndExcluding": "4.4.109", + "matchCriteriaId": "E7BEC3D4-7038-49AD-B148-012F960F2B29" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.5", + "versionEndExcluding": "4.9.74", + "matchCriteriaId": "5EED08F2-CAB9-4270-8714-16E9C8FAE7C2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.10", + "versionEndExcluding": "4.14.11", + "matchCriteriaId": "C9DFD0E4-9A4A-40D5-9DC5-D8DD9F99AC93" } ] } @@ -98,43 +120,66 @@ "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f659a03a0ba9289b9aeb9b4470e6fb263d6f483", "source": "cve@mitre.org", "tags": [ - "Patch" + "Patch", + "Vendor Advisory" ] }, { "url": "https://access.redhat.com/errata/RHSA-2018:0502", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://github.com/torvalds/linux/commit/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483", "source": "cve@mitre.org", "tags": [ - "Patch" + "Patch", + "Third Party Advisory" ] }, { "url": "https://source.android.com/security/bulletin/pixel/2018-04-01", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3581-1/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3581-2/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3581-3/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3582-1/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://usn.ubuntu.com/3582-2/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.debian.org/security/2017/dsa-4073", diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0969.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0969.json new file mode 100644 index 00000000000..c66d1f7ad99 --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0969.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-0969", + "sourceIdentifier": "product-security@silabs.com", + "published": "2023-06-21T20:15:09.660", + "lastModified": "2023-06-21T20:15:09.660", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "references": [ + { + "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0970.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0970.json new file mode 100644 index 00000000000..4a38e6510d1 --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0970.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-0970", + "sourceIdentifier": "product-security@silabs.com", + "published": "2023-06-21T20:15:09.843", + "lastModified": "2023-06-21T20:15:09.843", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.5, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0971.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0971.json new file mode 100644 index 00000000000..b03e743b9bc --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0971.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-0971", + "sourceIdentifier": "product-security@silabs.com", + "published": "2023-06-21T20:15:09.943", + "lastModified": "2023-06-21T20:15:09.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + }, + { + "lang": "en", + "value": "CWE-281" + }, + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "references": [ + { + "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-09xx/CVE-2023-0972.json b/CVE-2023/CVE-2023-09xx/CVE-2023-0972.json new file mode 100644 index 00000000000..7669c1cc3f5 --- /dev/null +++ b/CVE-2023/CVE-2023-09xx/CVE-2023-0972.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-0972", + "sourceIdentifier": "product-security@silabs.com", + "published": "2023-06-21T20:15:10.023", + "lastModified": "2023-06-21T20:15:10.023", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-242xx/CVE-2023-24261.json b/CVE-2023/CVE-2023-242xx/CVE-2023-24261.json new file mode 100644 index 00000000000..f1a56bc0bf9 --- /dev/null +++ b/CVE-2023/CVE-2023-242xx/CVE-2023-24261.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-24261", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-21T21:15:10.867", + "lastModified": "2023-06-21T21:15:10.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://justinapplegate.me/2023/glinet-CVE-2023-24261/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-249xx/CVE-2023-24937.json b/CVE-2023/CVE-2023-249xx/CVE-2023-24937.json index 2f2c1e21c9d..a3215374bfd 100644 --- a/CVE-2023/CVE-2023-249xx/CVE-2023-24937.json +++ b/CVE-2023/CVE-2023-249xx/CVE-2023-24937.json @@ -2,8 +2,8 @@ "id": "CVE-2023-24937", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T03:15:08.127", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:51:00.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,126 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.17763.4499", + "matchCriteriaId": "C5F955D6-1553-4C59-9DD0-C875FB3D1199" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.17763.4499", + "matchCriteriaId": "F77DB019-5063-4534-9BF2-DF51CD20AB47" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.17763.4499", + "matchCriteriaId": "70A25108-6F9B-4D9A-8776-25F869CD95A5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.3087", + "matchCriteriaId": "A6C6E459-F691-4B83-94B5-62607ED91406" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.3087", + "matchCriteriaId": "20834FD7-6DA0-44F2-9D03-42F8A0B0A504" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.3087", + "matchCriteriaId": "DFCEE4E3-FD34-4A17-ACA8-15F617104185" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.19045.3087", + "matchCriteriaId": "690CB61E-C65F-4F3C-A82E-96F3DF4FA25C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.19045.3087", + "matchCriteriaId": "8AE28877-7C04-4EF6-9727-CFEDFAAEFB49" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*", + "versionEndExcluding": "10.0.19045.3087", + "matchCriteriaId": "8B3DF61B-DCBB-4FB0-A0EF-1E5829941C45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22000.2057", + "matchCriteriaId": "3C51F6A7-2518-4DF2-93E7-4C19914F4063" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22000.2057", + "matchCriteriaId": "FFAF133F-F2A1-4BCC-B901-5C0A775BEC81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*", + "versionEndExcluding": "10.0.22621.1848", + "matchCriteriaId": "886BF41E-670B-4B8B-ACDE-EB5C3C25EDC3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*", + "versionEndExcluding": "10.0.22621.1848", + "matchCriteriaId": "0D900723-68F0-4973-BE03-41A261869D6D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*", + "matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24937", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-254xx/CVE-2023-25435.json b/CVE-2023/CVE-2023-254xx/CVE-2023-25435.json new file mode 100644 index 00000000000..36adebfa350 --- /dev/null +++ b/CVE-2023/CVE-2023-254xx/CVE-2023-25435.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-25435", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-21T20:15:10.100", + "lastModified": "2023-06-21T20:15:10.100", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/libtiff/libtiff/-/issues/518", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json index 1291ea6d7d9..ce88701ecf8 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2570", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-06-14T08:15:09.187", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:03:56.260", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_core_services:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EBC5697C-C87E-4345-9A92-7CD48BB67683" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-278xx/CVE-2023-27836.json b/CVE-2023/CVE-2023-278xx/CVE-2023-27836.json index 1b5640d1f65..b2d4b9b4feb 100644 --- a/CVE-2023/CVE-2023-278xx/CVE-2023-27836.json +++ b/CVE-2023/CVE-2023-278xx/CVE-2023-27836.json @@ -2,19 +2,86 @@ "id": "CVE-2023-27836", "sourceIdentifier": "cve@mitre.org", "published": "2023-06-13T19:15:09.317", - "lastModified": "2023-06-13T21:27:45.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:02:52.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:tp-link:tl-wpa8630p_firmware:171011:*:*:*:*:*:*:*", + "matchCriteriaId": "489C4308-A93A-470D-88CD-D480C7B7DEA2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:tp-link:tl-wpa8630p:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6B4CFE0D-E999-4F58-800D-262666867C90" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P%202", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-285xx/CVE-2023-28598.json b/CVE-2023/CVE-2023-285xx/CVE-2023-28598.json index d2ade4d524d..837b0fbcaf1 100644 --- a/CVE-2023/CVE-2023-285xx/CVE-2023-28598.json +++ b/CVE-2023/CVE-2023-285xx/CVE-2023-28598.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28598", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T17:15:14.467", - "lastModified": "2023-06-13T18:27:48.060", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:51:49.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:linux:*:*", + "versionEndExcluding": "5.13.10", + "matchCriteriaId": "DB1E61AA-28D0-4F15-857E-D647EF0EEA8E" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-285xx/CVE-2023-28599.json b/CVE-2023/CVE-2023-285xx/CVE-2023-28599.json index fc26b86d60a..4f4d36d9fe0 100644 --- a/CVE-2023/CVE-2023-285xx/CVE-2023-28599.json +++ b/CVE-2023/CVE-2023-285xx/CVE-2023-28599.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28599", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T17:15:14.537", - "lastModified": "2023-06-13T18:27:48.060", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:52:21.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -34,10 +54,67 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:android:*:*", + "versionEndExcluding": "5.13.10", + "matchCriteriaId": "D266549E-02B0-4658-9D29-FD3AEE49676F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:iphone_os:*:*", + "versionEndExcluding": "5.13.10", + "matchCriteriaId": "7BE1C2CD-27E1-4F54-B0DF-87A509B91CEF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:linux:*:*", + "versionEndExcluding": "5.13.10", + "matchCriteriaId": "DB1E61AA-28D0-4F15-857E-D647EF0EEA8E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*", + "versionEndExcluding": "5.13.10", + "matchCriteriaId": "A4EF241A-A6BF-427F-AB42-013C8127944A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.13.10", + "matchCriteriaId": "4C67C911-6DC5-4443-8AA7-229C63E13D5C" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28600.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28600.json index 1ab0c82bcef..343f9a85d48 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28600.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28600.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28600", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.533", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:52:50.547", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "E607D9D5-AE32-4377-9AA5-9B44DC161882" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28601.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28601.json index 9e2a3b7814c..4b0df0eafda 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28601.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28601.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28601", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.613", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:53:18.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28602.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28602.json index f8964d9a183..834a961d853 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28602.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28602.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28602", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.683", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:53:37.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-347" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.13.5", + "matchCriteriaId": "DDDF143E-324E-4D0C-83D1-2E66DDE760E2" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-286xx/CVE-2023-28603.json b/CVE-2023/CVE-2023-286xx/CVE-2023-28603.json index d00199ee984..53e00a47cf1 100644 --- a/CVE-2023/CVE-2023-286xx/CVE-2023-28603.json +++ b/CVE-2023/CVE-2023-286xx/CVE-2023-28603.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28603", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.760", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:53:55.603", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "E5FF7C01-346E-4FF6-BDDF-6B642EE08130" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json b/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json index d833fbe38c4..d575f6f987a 100644 --- a/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json +++ b/CVE-2023/CVE-2023-28xx/CVE-2023-2828.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2828", "sourceIdentifier": "security-officer@isc.org", "published": "2023-06-21T17:15:47.703", - "lastModified": "2023-06-21T18:57:48.280", + "lastModified": "2023-06-21T21:15:11.027", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -35,6 +35,10 @@ ] }, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/6", + "source": "security-officer@isc.org" + }, { "url": "https://kb.isc.org/docs/cve-2023-2828", "source": "security-officer@isc.org" diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json index 4ace263205a..d54dc2024b1 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2911.json @@ -2,7 +2,7 @@ "id": "CVE-2023-2911", "sourceIdentifier": "security-officer@isc.org", "published": "2023-06-21T17:15:47.827", - "lastModified": "2023-06-21T18:57:48.280", + "lastModified": "2023-06-21T21:15:11.177", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -35,6 +35,10 @@ ] }, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/6", + "source": "security-officer@isc.org" + }, { "url": "https://kb.isc.org/docs/cve-2023-2911", "source": "security-officer@isc.org" diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json index 334c5029fba..cb0ab3b64db 100644 --- a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json @@ -2,19 +2,52 @@ "id": "CVE-2023-30631", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.257", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:05:24.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.\u00a0 The configuration option\u00a0proxy.config.http.push_method_enabled didn't function.\u00a0 However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security@apache.org", + "type": "Secondary", "description": [ { "lang": "en", @@ -23,10 +56,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0", + "versionEndExcluding": "8.1.7", + "matchCriteriaId": "87C4AE80-E393-43C0-B0CD-AFDDFBCCD5B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndExcluding": "9.2.1", + "matchCriteriaId": "79200A3A-6182-458E-9E10-878ABF67B593" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json index a4ae456729e..21491308744 100644 --- a/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3001", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-06-14T08:15:09.577", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:06:51.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "cybersecurity@se.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:schneider-electric:igss_dashboard:*:*:*:*:*:*:*:*", + "versionEndExcluding": "16.0.0.23131", + "matchCriteriaId": "F22D5911-1789-4820-82FB-F3A1225748AF" + } + ] + } + ] + } + ], "references": [ { "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf", - "source": "cybersecurity@se.com" + "source": "cybersecurity@se.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json index 2b8b7d5a2e1..b19c50e8a69 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31975.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31975", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-09T13:15:18.590", - "lastModified": "2023-06-21T15:15:09.577", + "lastModified": "2023-06-21T21:15:11.250", "vulnStatus": "Modified", "descriptions": [ { @@ -68,10 +68,30 @@ "url": "http://www.openwall.com/lists/oss-security/2023/06/20/6", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/10", + "source": "cve@mitre.org" + }, { "url": "http://www.openwall.com/lists/oss-security/2023/06/21/2", "source": "cve@mitre.org" }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/5", + "source": "cve@mitre.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/7", + "source": "cve@mitre.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/8", + "source": "cve@mitre.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2023/06/21/9", + "source": "cve@mitre.org" + }, { "url": "https://github.com/yasm/yasm/issues/210", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3110.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3110.json new file mode 100644 index 00000000000..e994d3b4365 --- /dev/null +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3110.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-3110", + "sourceIdentifier": "product-security@silabs.com", + "published": "2023-06-21T20:15:10.263", + "lastModified": "2023-06-21T20:15:10.263", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 2.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "product-security@silabs.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + }, + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "references": [ + { + "url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1", + "source": "product-security@silabs.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3235.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3235.json index 364c525ae74..eea7abb754a 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3235.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3235.json @@ -2,15 +2,41 @@ "id": "CVE-2023-3235", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-14T07:15:09.510", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:54:16.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in mccms up to 2.6.5. It has been rated as critical. Affected by this issue is the function pic_api of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-231506 is the identifier assigned to this vulnerability." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad en mccms hasta la versi\u00f3n 2.6.5. Ha sido calificada como cr\u00edtica. Este problema afecta a la funci\u00f3n \"pic_api\" del archivo \"sys/apps/controllers/admin/Comic.php\". La manipulaci\u00f3n del argumento \"url\" conduce a una falsificaci\u00f3n de petici\u00f3n del lado del servidor. El ataque puede lanzarse de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asignado a esta vulnerabilidad es VDB-231506. " } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +97,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chshcms:mccms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.6.5", + "matchCriteriaId": "8FE5F957-26A2-4B9B-B22D-7F3954F2203D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%201.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231506", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.231506", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3236.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3236.json index 311e6875ef4..727166251fd 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3236.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3236.json @@ -2,15 +2,41 @@ "id": "CVE-2023-3236", "sourceIdentifier": "cna@vuldb.com", "published": "2023-06-14T07:15:09.580", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:52:15.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function pic_save of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231507." + }, + { + "lang": "es", + "value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en mccms hasta la versi\u00f3n 2.6.5. Afecta a la funci\u00f3n \"pic_save\" del fichero \"sys/apps/controllers/admin/Comic.php\". La manipulaci\u00f3n del argumento \"pic\" conduce a una falsificaci\u00f3n de petici\u00f3n del lado del servidor. Es posible iniciar el ataque de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asociado de esta vulnerabilidad es VDB-231507. " } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +97,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:chshcms:mccms:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.6.5", + "matchCriteriaId": "8FE5F957-26A2-4B9B-B22D-7F3954F2203D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%202.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit" + ] }, { "url": "https://vuldb.com/?ctiid.231507", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://vuldb.com/?id.231507", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33121.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33121.json index 159f3a1d340..e5df48fd2a0 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33121.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33121.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33121", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:18.323", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:15:37.563", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.2.0.13", + "matchCriteriaId": "29CAB414-2971-4974-9F19-1809F33B9715" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.3.0", + "versionEndExcluding": "13.3.0.10", + "matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0", + "versionEndExcluding": "14.0.0.6", + "matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.1", + "versionEndExcluding": "14.1.0.8", + "matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.2", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33122.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33122.json index 10648628af6..ce4ec399a6f 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33122.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33122.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33122", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:18.380", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:32:43.770", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,66 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionEndExcluding": "13.2.0.13", + "matchCriteriaId": "29CAB414-2971-4974-9F19-1809F33B9715" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.3.0", + "versionEndExcluding": "13.3.0.10", + "matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0", + "versionEndExcluding": "14.0.0.6", + "matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.1", + "versionEndExcluding": "14.1.0.8", + "matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.2", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33123.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33123.json index 271431e8633..0cbcfaa9939 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33123.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33123.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33123", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:18.437", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:37:57.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.2.0", + "versionEndExcluding": "13.2.0.13", + "matchCriteriaId": "FC06105E-8D31-4AFD-88C6-2E58D01CFFE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.3.0", + "versionEndExcluding": "13.3.0.10", + "matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0", + "versionEndExcluding": "14.0.0.6", + "matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.1", + "versionEndExcluding": "14.1.0.8", + "matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.2", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33124.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33124.json index f0340e65e17..2e88fe732e7 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33124.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33124.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33124", "sourceIdentifier": "productcert@siemens.com", "published": "2023-06-13T09:15:18.500", - "lastModified": "2023-06-13T13:00:42.717", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:40:11.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + }, { "source": "productcert@siemens.com", "type": "Secondary", @@ -46,10 +76,67 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.2.0", + "versionEndExcluding": "13.2.0.13", + "matchCriteriaId": "FC06105E-8D31-4AFD-88C6-2E58D01CFFE8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.3.0", + "versionEndExcluding": "13.3.0.10", + "matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.0", + "versionEndExcluding": "14.0.0.6", + "matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.1", + "versionEndExcluding": "14.1.0.8", + "matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*", + "versionStartIncluding": "14.2", + "versionEndExcluding": "14.2.0.3", + "matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf", - "source": "productcert@siemens.com" + "source": "productcert@siemens.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33130.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33130.json index 08ab7ae8c61..50625ba2b2f 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33130.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33130.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33130", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.027", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:00:34.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,48 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", + "matchCriteriaId": "AC8BB33F-44C4-41FE-8B17-68E3C4B38142" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", + "matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33130", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33139.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33139.json index fcb1217bd20..aec85a97c7c 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33139.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33139.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33139", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.380", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:48:34.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,104 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*", + "matchCriteriaId": "62FE95C2-066B-491D-82BF-3EF173822B2F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update5:*:*:*:*:*:*", + "matchCriteriaId": "647EBBAA-C731-4954-A62C-2B1AAFB1061C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.0", + "versionEndExcluding": "15.8", + "matchCriteriaId": "AB877090-2FA4-4E6A-99D1-70375A3AD90E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*", + "versionStartIncluding": "15.9", + "versionEndExcluding": "15.9.55", + "matchCriteriaId": "979A6A3D-64F8-4099-A00D-16F5BAC2BD79" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.0", + "versionEndIncluding": "16.10", + "matchCriteriaId": "26472C42-CDB4-4176-B10B-3BF26F5030E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*", + "versionStartIncluding": "16.11", + "versionEndExcluding": "16.11.27", + "matchCriteriaId": "DFF8A760-E6E1-483D-A955-102A8D82B62C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.0", + "versionEndExcluding": "17.0.22", + "matchCriteriaId": "2B1F98BC-0D82-4AEB-9E1E-D67325E99385" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.2", + "versionEndExcluding": "17.2.16", + "matchCriteriaId": "B6B0B496-BC41-4F9D-9A28-AE7664B5C77D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.4", + "versionEndExcluding": "17.4.8", + "matchCriteriaId": "BC861E65-1682-4E99-8A7B-F4A31DDC0198" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*", + "versionStartIncluding": "17.6", + "versionEndExcluding": "17.6.3", + "matchCriteriaId": "51DB90D6-C1C4-43B9-8B37-696CB361F37F" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33140.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33140.json index 7259e3f5e3f..fab66b14e0a 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33140.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33140.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33140", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.433", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:49:19.923", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:onenote:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E92C5E61-C3A9-46BE-ABA1-2B83E68F9929" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33140", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33142.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33142.json index 9db830300c1..169b61deaa1 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33142.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33142.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33142", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.487", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:49:40.860", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,48 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*", + "matchCriteriaId": "AC8BB33F-44C4-41FE-8B17-68E3C4B38142" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", + "matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33142", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33144.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33144.json index f015f3d3930..e19fca2f392 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33144.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33144.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33144", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.543", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:50:06.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "secure@microsoft.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.2 + }, + { + "source": "secure@microsoft.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:visual_studio_code:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.79", + "matchCriteriaId": "EE635D60-B446-4D65-902F-9F018658588E" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33145.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33145.json index 957d6add5d8..50d4e109e32 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33145.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33145.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33145", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.597", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:50:33.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "114.0.1823.51", + "matchCriteriaId": "7B1E3F04-D235-4ADD-9AC7-E969558A6E5B" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33145", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-331xx/CVE-2023-33146.json b/CVE-2023/CVE-2023-331xx/CVE-2023-33146.json index 4d645281272..602438cbc55 100644 --- a/CVE-2023/CVE-2023-331xx/CVE-2023-33146.json +++ b/CVE-2023/CVE-2023-331xx/CVE-2023-33146.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33146", "sourceIdentifier": "secure@microsoft.com", "published": "2023-06-14T00:15:12.653", - "lastModified": "2023-06-14T03:37:44.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:50:46.633", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -34,10 +34,58 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", + "matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", + "matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*", + "matchCriteriaId": "40961B9E-80B6-42E0-A876-58B3CE056E4E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*", + "matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654" + } + ] + } + ] + } + ], "references": [ { "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33146", - "source": "secure@microsoft.com" + "source": "secure@microsoft.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json new file mode 100644 index 00000000000..aa0db01d58e --- /dev/null +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33289.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-33289", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-21T20:15:10.157", + "lastModified": "2023-06-21T20:15:10.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to lib.rs." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/6en6ar/b118888dc739e8979038f24c8ac33611", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/progscrape/urlnorm", + "source": "cve@mitre.org" + }, + { + "url": "https://lib.rs/crates/urlnorm", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json new file mode 100644 index 00000000000..6fd36b9f60c --- /dev/null +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33405.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-33405", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-21T21:15:11.357", + "lastModified": "2023-06-21T21:15:11.357", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/hacip/CVE-2023-33405", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json b/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json new file mode 100644 index 00000000000..baf4f79a564 --- /dev/null +++ b/CVE-2023/CVE-2023-335xx/CVE-2023-33591.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33591", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-21T20:15:10.213", + "lastModified": "2023-06-21T20:15:10.213", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/DARSHANAGUPTA10/CVE/blob/main/CVE%202023-33591", + "source": "cve@mitre.org" + }, + { + "url": "https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json index 538ed104ac0..26940c550bc 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json @@ -2,19 +2,52 @@ "id": "CVE-2023-33933", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.323", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:05:39.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security@apache.org", + "type": "Secondary", "description": [ { "lang": "en", @@ -23,10 +56,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0", + "versionEndExcluding": "8.1.7", + "matchCriteriaId": "87C4AE80-E393-43C0-B0CD-AFDDFBCCD5B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndExcluding": "9.2.1", + "matchCriteriaId": "79200A3A-6182-458E-9E10-878ABF67B593" + } + ] + } + ] + } + ], "references": [ { "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json index 60aa5ad8cdc..d63e4fcebb0 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34000", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-14T08:15:09.377", - "lastModified": "2023-06-14T12:54:19.587", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:06:14.600", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:woocommerce:stripe_payment_gateway:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "7.4.1", + "matchCriteriaId": "13004F00-4F5F-4138-B33E-B7951053F5A1" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/articles/unauthenticated-idor-to-pii-disclosure-vulnerability-in-woocommerce-stripe-gateway-plugin?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Exploit" + ] }, { "url": "https://patchstack.com/database/vulnerability/woocommerce-gateway-stripe/wordpress-woocommerce-stripe-payment-gateway-plugin-7-4-0-insecure-direct-object-references-idor-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34113.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34113.json index 99a1dc44ff6..01a91599798 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34113.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34113.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34113", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.840", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:54:16.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-345" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34114.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34114.json index d0336ec5850..869d81c1ef6 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34114.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34114.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34114", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T19:15:09.427", - "lastModified": "2023-06-13T21:27:45.680", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:02:32.257", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-668" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,37 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*", + "versionEndExcluding": "5.14.10", + "matchCriteriaId": "6B3D7B50-B13B-45D3-AE2C-7EBB1DE30FA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.14.10", + "matchCriteriaId": "B2DE0D4A-F97E-41D3-9906-427BEFFBDB8F" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34120.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34120.json index 41177623926..d918f12e3f5 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34120.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34120.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34120", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.913", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:54:35.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,43 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "E5FF7C01-346E-4FF6-BDDF-6B642EE08130" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34121.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34121.json index 08ed2539ed3..535ab8b0849 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34121.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34121.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34121", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:21.987", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:54:52.100", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,66 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "3B7131D9-0B21-4DC3-A7FF-C318D862211C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "E5FF7C01-346E-4FF6-BDDF-6B642EE08130" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34122.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34122.json index eeb6ff23428..1dd5129f2b1 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34122.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34122.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34122", "sourceIdentifier": "security@zoom.us", "published": "2023-06-13T18:15:22.053", - "lastModified": "2023-06-13T18:27:41.330", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T20:55:04.803", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security@zoom.us", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@zoom.us", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.14.0", + "matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF" + } + ] + } + ] + } + ], "references": [ { "url": "https://explore.zoom.us/en/trust/security/security-bulletin/", - "source": "security@zoom.us" + "source": "security@zoom.us", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json index 0ccfd0030f9..3326d53430a 100644 --- a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34149", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.450", - "lastModified": "2023-06-14T15:15:10.147", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:06:26.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,14 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.5.31", + "matchCriteriaId": "D75F74D6-E223-41BA-86B4-5BADF2B48692" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.1.2.1", + "matchCriteriaId": "158CD586-162F-41A6-97B5-62D5F59B656E" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/06/14/2", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://cwiki.apache.org/confluence/display/WW/S2-063", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json index cf34ceba001..67ce4983392 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34396", "sourceIdentifier": "security@apache.org", "published": "2023-06-14T08:15:09.520", - "lastModified": "2023-06-14T15:15:10.217", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-21T21:06:39.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security@apache.org", "type": "Secondary", @@ -46,14 +66,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.5.31", + "matchCriteriaId": "D75F74D6-E223-41BA-86B4-5BADF2B48692" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.1.2.1", + "matchCriteriaId": "158CD586-162F-41A6-97B5-62D5F59B656E" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/06/14/3", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Mailing List" + ] }, { "url": "https://cwiki.apache.org/confluence/display/WW/S2-064", - "source": "security@apache.org" + "source": "security@apache.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 88f270f2f8d..96925cbaa4f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-21T20:00:28.196802+00:00 +2023-06-21T22:00:29.200365+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-21T19:58:38.217000+00:00 +2023-06-21T21:15:11.357000+00:00 ``` ### Last Data Feed Release @@ -29,44 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -218191 +218201 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `10` +* [CVE-2023-0969](CVE-2023/CVE-2023-09xx/CVE-2023-0969.json) (`2023-06-21T20:15:09.660`) +* [CVE-2023-0970](CVE-2023/CVE-2023-09xx/CVE-2023-0970.json) (`2023-06-21T20:15:09.843`) +* [CVE-2023-0971](CVE-2023/CVE-2023-09xx/CVE-2023-0971.json) (`2023-06-21T20:15:09.943`) +* [CVE-2023-0972](CVE-2023/CVE-2023-09xx/CVE-2023-0972.json) (`2023-06-21T20:15:10.023`) +* [CVE-2023-25435](CVE-2023/CVE-2023-254xx/CVE-2023-25435.json) (`2023-06-21T20:15:10.100`) +* [CVE-2023-33289](CVE-2023/CVE-2023-332xx/CVE-2023-33289.json) (`2023-06-21T20:15:10.157`) +* [CVE-2023-33591](CVE-2023/CVE-2023-335xx/CVE-2023-33591.json) (`2023-06-21T20:15:10.213`) +* [CVE-2023-3110](CVE-2023/CVE-2023-31xx/CVE-2023-3110.json) (`2023-06-21T20:15:10.263`) +* [CVE-2023-24261](CVE-2023/CVE-2023-242xx/CVE-2023-24261.json) (`2023-06-21T21:15:10.867`) +* [CVE-2023-33405](CVE-2023/CVE-2023-334xx/CVE-2023-33405.json) (`2023-06-21T21:15:11.357`) ### CVEs modified in the last Commit -Recently modified CVEs: `39` +Recently modified CVEs: `40` -* [CVE-2023-31195](CVE-2023/CVE-2023-311xx/CVE-2023-31195.json) (`2023-06-21T18:25:17.290`) -* [CVE-2023-34245](CVE-2023/CVE-2023-342xx/CVE-2023-34245.json) (`2023-06-21T18:37:03.310`) -* [CVE-2023-32017](CVE-2023/CVE-2023-320xx/CVE-2023-32017.json) (`2023-06-21T18:39:58.440`) -* [CVE-2023-32016](CVE-2023/CVE-2023-320xx/CVE-2023-32016.json) (`2023-06-21T18:41:33.663`) -* [CVE-2023-32014](CVE-2023/CVE-2023-320xx/CVE-2023-32014.json) (`2023-06-21T18:50:45.160`) -* [CVE-2023-27243](CVE-2023/CVE-2023-272xx/CVE-2023-27243.json) (`2023-06-21T18:57:48.280`) -* [CVE-2023-33725](CVE-2023/CVE-2023-337xx/CVE-2023-33725.json) (`2023-06-21T18:57:48.280`) -* [CVE-2023-0026](CVE-2023/CVE-2023-00xx/CVE-2023-0026.json) (`2023-06-21T18:57:48.280`) -* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-06-21T18:57:48.280`) -* [CVE-2023-2829](CVE-2023/CVE-2023-28xx/CVE-2023-2829.json) (`2023-06-21T18:57:48.280`) -* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-06-21T18:57:48.280`) -* [CVE-2023-29160](CVE-2023/CVE-2023-291xx/CVE-2023-29160.json) (`2023-06-21T18:57:51.187`) -* [CVE-2023-2603](CVE-2023/CVE-2023-26xx/CVE-2023-2603.json) (`2023-06-21T19:02:07.267`) -* [CVE-2023-3231](CVE-2023/CVE-2023-32xx/CVE-2023-3231.json) (`2023-06-21T19:11:26.607`) -* [CVE-2023-30082](CVE-2023/CVE-2023-300xx/CVE-2023-30082.json) (`2023-06-21T19:15:09.570`) -* [CVE-2023-33137](CVE-2023/CVE-2023-331xx/CVE-2023-33137.json) (`2023-06-21T19:18:58.407`) -* [CVE-2023-33135](CVE-2023/CVE-2023-331xx/CVE-2023-33135.json) (`2023-06-21T19:30:49.343`) -* [CVE-2023-33133](CVE-2023/CVE-2023-331xx/CVE-2023-33133.json) (`2023-06-21T19:31:52.523`) -* [CVE-2023-33132](CVE-2023/CVE-2023-331xx/CVE-2023-33132.json) (`2023-06-21T19:40:48.003`) -* [CVE-2023-33131](CVE-2023/CVE-2023-331xx/CVE-2023-33131.json) (`2023-06-21T19:42:39.463`) -* [CVE-2023-33129](CVE-2023/CVE-2023-331xx/CVE-2023-33129.json) (`2023-06-21T19:43:36.377`) -* [CVE-2023-32032](CVE-2023/CVE-2023-320xx/CVE-2023-32032.json) (`2023-06-21T19:45:21.513`) -* [CVE-2023-33126](CVE-2023/CVE-2023-331xx/CVE-2023-33126.json) (`2023-06-21T19:47:39.447`) -* [CVE-2023-33128](CVE-2023/CVE-2023-331xx/CVE-2023-33128.json) (`2023-06-21T19:48:19.337`) -* [CVE-2023-32029](CVE-2023/CVE-2023-320xx/CVE-2023-32029.json) (`2023-06-21T19:58:38.217`) +* [CVE-2023-24937](CVE-2023/CVE-2023-249xx/CVE-2023-24937.json) (`2023-06-21T20:51:00.080`) +* [CVE-2023-28598](CVE-2023/CVE-2023-285xx/CVE-2023-28598.json) (`2023-06-21T20:51:49.067`) +* [CVE-2023-3236](CVE-2023/CVE-2023-32xx/CVE-2023-3236.json) (`2023-06-21T20:52:15.233`) +* [CVE-2023-28599](CVE-2023/CVE-2023-285xx/CVE-2023-28599.json) (`2023-06-21T20:52:21.747`) +* [CVE-2023-28600](CVE-2023/CVE-2023-286xx/CVE-2023-28600.json) (`2023-06-21T20:52:50.547`) +* [CVE-2023-28601](CVE-2023/CVE-2023-286xx/CVE-2023-28601.json) (`2023-06-21T20:53:18.250`) +* [CVE-2023-28602](CVE-2023/CVE-2023-286xx/CVE-2023-28602.json) (`2023-06-21T20:53:37.857`) +* [CVE-2023-28603](CVE-2023/CVE-2023-286xx/CVE-2023-28603.json) (`2023-06-21T20:53:55.603`) +* [CVE-2023-3235](CVE-2023/CVE-2023-32xx/CVE-2023-3235.json) (`2023-06-21T20:54:16.250`) +* [CVE-2023-34113](CVE-2023/CVE-2023-341xx/CVE-2023-34113.json) (`2023-06-21T20:54:16.867`) +* [CVE-2023-34120](CVE-2023/CVE-2023-341xx/CVE-2023-34120.json) (`2023-06-21T20:54:35.730`) +* [CVE-2023-34121](CVE-2023/CVE-2023-341xx/CVE-2023-34121.json) (`2023-06-21T20:54:52.100`) +* [CVE-2023-34122](CVE-2023/CVE-2023-341xx/CVE-2023-34122.json) (`2023-06-21T20:55:04.803`) +* [CVE-2023-34114](CVE-2023/CVE-2023-341xx/CVE-2023-34114.json) (`2023-06-21T21:02:32.257`) +* [CVE-2023-27836](CVE-2023/CVE-2023-278xx/CVE-2023-27836.json) (`2023-06-21T21:02:52.600`) +* [CVE-2023-2570](CVE-2023/CVE-2023-25xx/CVE-2023-2570.json) (`2023-06-21T21:03:56.260`) +* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-21T21:05:24.670`) +* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-21T21:05:39.700`) +* [CVE-2023-34000](CVE-2023/CVE-2023-340xx/CVE-2023-34000.json) (`2023-06-21T21:06:14.600`) +* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-21T21:06:26.343`) +* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-21T21:06:39.670`) +* [CVE-2023-3001](CVE-2023/CVE-2023-30xx/CVE-2023-3001.json) (`2023-06-21T21:06:51.690`) +* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-06-21T21:15:11.027`) +* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-06-21T21:15:11.177`) +* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-06-21T21:15:11.250`) ## Download and Usage