admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-21T22:00:29.200365+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-21 22:00:32 +00:00
parent 5e738aae5f
commit 5820d9c965
51 changed files with 2848 additions and 201 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
CVE-2017/CVE-2017-121xx/CVE-2017-12146.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-12146",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-08T19:29:00.207",
"lastModified": "2019-10-03T00:03:26.223",
"vulnStatus": "Modified",
"lastModified": "2023-06-21T20:59:19.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -85,8 +85,44 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.12",
"matchCriteriaId": "117361C7-9835-4C8A-AA22-B2A0AF08D09F"
"versionStartIncluding": "3.17",
"versionEndExcluding": "3.18.61",
"matchCriteriaId": "737CDAED-1476-433D-A1D3-7460323FF392"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.1.43",
"matchCriteriaId": "5F6B255F-0933-4983-B3F6-AD5B128A8F04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2",
"versionEndExcluding": "4.4.77",
"matchCriteriaId": "F09881FD-5BBD-4E0F-88C0-C795EE420DC5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.37",
"matchCriteriaId": "86853D2B-E143-47D3-9419-39AB1F0960D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.11.10",
"matchCriteriaId": "EE4EAA36-3647-4C48-8C52-857C95CAD243"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.12",
"versionEndExcluding": "4.12.1",
"matchCriteriaId": "E490C35F-808E-44C4-9895-65DA70CC76F2"
}
]
}
@ -105,7 +141,10 @@
},
{
"url": "http://www.debian.org/security/2017/dsa-3981",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.1",
@ -117,7 +156,11 @@
},
{
"url": "http://www.securityfocus.com/bid/100651",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489078",

137
CVE-2017/CVE-2017-152xx/CVE-2017-15265.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-15265",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-10-16T18:29:00.577",
"lastModified": "2020-07-15T03:15:18.623",
"vulnStatus": "Modified",
"lastModified": "2023-06-21T20:59:35.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -89,8 +89,57 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.13.7",
"matchCriteriaId": "11C6B206-8716-4A16-81BD-F3B8C8ACBE19"
"versionEndExcluding": "3.2.95",
"matchCriteriaId": "FE34D8B6-10FA-4EBC-863E-F996C0D35F52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.3",
"versionEndExcluding": "3.10.108",
"matchCriteriaId": "7AEC5142-D74C-40FD-9F20-286B9566A40E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.11",
"versionEndExcluding": "3.16.50",
"matchCriteriaId": "CB9D6AAF-DF4B-4EE1-A638-DFBDC249789F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.17",
"versionEndExcluding": "3.18.76",
"matchCriteriaId": "126AB064-7A35-4C32-BED7-382E0F13F147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.1.46",
"matchCriteriaId": "8E07836D-67CD-47C8-9E8C-7AA3DBCAEFF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2",
"versionEndExcluding": "4.4.93",
"matchCriteriaId": "C2F83CFA-B098-45DE-9391-BEA047F41BC4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.57",
"matchCriteriaId": "D07BF343-265B-4842-9149-E4B7B8943A65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.13.8",
"matchCriteriaId": "0CD397D8-C278-45DC-A0B3-ABBC73A74ED7"
}
]
}
@ -104,7 +153,7 @@
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
"Vendor Advisory"
]
},
{
@ -151,31 +200,52 @@
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0676",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:1062",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:1130",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:1170",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:2390",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:3822",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:3823",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1062520",
@ -197,31 +267,54 @@
},
{
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://source.android.com/security/bulletin/2018-02-01",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3698-1/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3698-2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

34
CVE-2017/CVE-2017-170xx/CVE-2017-17053.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-17053",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-11-29T03:29:00.300",
"lastModified": "2018-12-19T14:04:51.890",
"lastModified": "2023-06-21T21:01:08.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -85,8 +85,23 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.4.144",
"versionEndExcluding": "4.4.153",
"matchCriteriaId": "2A1EB29A-4793-4527-8D94-4736FFCD695B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.6",
"versionEndExcluding": "4.9.46",
"matchCriteriaId": "3415528F-A245-41FE-92D4-953ACB5977FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.12.10",
"matchCriteriaId": "EB6F4341-55E4-4E6C-95A9-89265E0566CB"
"matchCriteriaId": "228B0872-5ADF-4033-B9EE-75A0E0E3D4D0"
}
]
}
@ -99,7 +114,8 @@
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
"Patch",
"Vendor Advisory"
]
},
{
@ -121,14 +137,16 @@
"url": "https://github.com/torvalds/linux/commit/ccd5b3235180eef3cfec337df1c8554ab151b5cc",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.10",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
"Issue Tracking",
"Vendor Advisory"
]
}
]

77
CVE-2017/CVE-2017-177xx/CVE-2017-17712.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-17712",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-12-16T01:29:00.190",
"lastModified": "2018-04-04T01:29:01.137",
"vulnStatus": "Modified",
"lastModified": "2023-06-21T21:01:22.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
@ -85,8 +85,30 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.14.6",
"matchCriteriaId": "199A7680-7A66-46C8-A63F-55444AF8DFF8"
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.1.52",
"matchCriteriaId": "DC20C495-C297-4CEE-9034-4FE81754FE98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2",
"versionEndExcluding": "4.4.109",
"matchCriteriaId": "E7BEC3D4-7038-49AD-B148-012F960F2B29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.74",
"matchCriteriaId": "5EED08F2-CAB9-4270-8714-16E9C8FAE7C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.11",
"matchCriteriaId": "C9DFD0E4-9A4A-40D5-9DC5-D8DD9F99AC93"
}
]
}
@ -98,43 +120,66 @@
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f659a03a0ba9289b9aeb9b4470e6fb263d6f483",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0502",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/torvalds/linux/commit/8f659a03a0ba9289b9aeb9b4470e6fb263d6f483",
"source": "cve@mitre.org",
"tags": [
"Patch"
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://source.android.com/security/bulletin/pixel/2018-04-01",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3581-1/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3581-2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3581-3/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3582-1/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://usn.ubuntu.com/3582-2/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2017/dsa-4073",

59
CVE-2023/CVE-2023-09xx/CVE-2023-0969.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-0969",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:09.660",
"lastModified": "2023-06-21T20:15:09.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an authenticated attacker within Z-Wave range to manipulate an array pointer to disclose the contents of global memory."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
}
]
}

59
CVE-2023/CVE-2023-09xx/CVE-2023-0970.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-0970",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:09.843",
"lastModified": "2023-06-21T20:15:09.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflow vulnerabilities in SiLabs Z/IP Gateway SDK version 7.18.01 and earlier allow an attacker with invasive physical access to a Z-Wave controller device to overwrite global memory and potentially execute arbitrary code."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 0.5,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
}
]
}

63
CVE-2023/CVE-2023-09xx/CVE-2023-0971.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-0971",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:09.943",
"lastModified": "2023-06-21T20:15:09.943",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A logic error in SiLabs Z/IP Gateway SDK 7.18.02 and earlier allows authentication to be bypassed, remote administration of Z-Wave controllers, and S0/S2 encryption keys to be recovered."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-281"
},
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
}
]
}

59
CVE-2023/CVE-2023-09xx/CVE-2023-0972.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-0972",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:10.023",
"lastModified": "2023-06-21T20:15:10.023",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
}
]
}

20
CVE-2023/CVE-2023-242xx/CVE-2023-24261.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-24261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T21:15:10.867",
"lastModified": "2023-06-21T21:15:10.867",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://justinapplegate.me/2023/glinet-CVE-2023-24261/",
"source": "cve@mitre.org"
}
]
}

122
CVE-2023/CVE-2023-249xx/CVE-2023-24937.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24937",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T03:15:08.127",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:51:00.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,126 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.17763.4499",
"matchCriteriaId": "C5F955D6-1553-4C59-9DD0-C875FB3D1199"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4499",
"matchCriteriaId": "F77DB019-5063-4534-9BF2-DF51CD20AB47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.17763.4499",
"matchCriteriaId": "70A25108-6F9B-4D9A-8776-25F869CD95A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3087",
"matchCriteriaId": "A6C6E459-F691-4B83-94B5-62607ED91406"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3087",
"matchCriteriaId": "20834FD7-6DA0-44F2-9D03-42F8A0B0A504"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3087",
"matchCriteriaId": "DFCEE4E3-FD34-4A17-ACA8-15F617104185"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.19045.3087",
"matchCriteriaId": "690CB61E-C65F-4F3C-A82E-96F3DF4FA25C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3087",
"matchCriteriaId": "8AE28877-7C04-4EF6-9727-CFEDFAAEFB49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.19045.3087",
"matchCriteriaId": "8B3DF61B-DCBB-4FB0-A0EF-1E5829941C45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22000.2057",
"matchCriteriaId": "3C51F6A7-2518-4DF2-93E7-4C19914F4063"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22000.2057",
"matchCriteriaId": "FFAF133F-F2A1-4BCC-B901-5C0A775BEC81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.22621.1848",
"matchCriteriaId": "886BF41E-670B-4B8B-ACDE-EB5C3C25EDC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.22621.1848",
"matchCriteriaId": "0D900723-68F0-4973-BE03-41A261869D6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24937",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-254xx/CVE-2023-25435.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25435",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T20:15:10.100",
"lastModified": "2023-06-21T20:15:10.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753."
}
],
"metrics": {},
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/518",
"source": "cve@mitre.org"
}
]
}

46
CVE-2023/CVE-2023-25xx/CVE-2023-2570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2570",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:09.187",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:03:56.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -46,10 +66,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:ecostruxure_foxboro_dcs_control_core_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC5697C-C87E-4345-9A92-7CD48BB67683"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf",
"source": "cybersecurity@se.com"
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-278xx/CVE-2023-27836.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-27836",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T19:15:09.317",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:02:52.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection vulnerability via the devicePwd parameter in the function sub_ 40A80C."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wpa8630p_firmware:171011:*:*:*:*:*:*:*",
"matchCriteriaId": "489C4308-A93A-470D-88CD-D480C7B7DEA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-wpa8630p:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B4CFE0D-E999-4F58-800D-262666867C90"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/lzd521/IOT/tree/main/TP-Link%20WPA8630P%202",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

59
CVE-2023/CVE-2023-285xx/CVE-2023-28598.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28598",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T17:15:14.467",
"lastModified": "2023-06-13T18:27:48.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:51:49.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "5.13.10",
"matchCriteriaId": "DB1E61AA-28D0-4F15-857E-D647EF0EEA8E"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-285xx/CVE-2023-28599.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28599",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T17:15:14.537",
"lastModified": "2023-06-13T18:27:48.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:52:21.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -34,10 +54,67 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:android:*:*",
"versionEndExcluding": "5.13.10",
"matchCriteriaId": "D266549E-02B0-4658-9D29-FD3AEE49676F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "5.13.10",
"matchCriteriaId": "7BE1C2CD-27E1-4F54-B0DF-87A509B91CEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "5.13.10",
"matchCriteriaId": "DB1E61AA-28D0-4F15-857E-D647EF0EEA8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "5.13.10",
"matchCriteriaId": "A4EF241A-A6BF-427F-AB42-013C8127944A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.13.10",
"matchCriteriaId": "4C67C911-6DC5-4443-8AA7-229C63E13D5C"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-286xx/CVE-2023-28600.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28600",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.533",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:52:50.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "E607D9D5-AE32-4377-9AA5-9B44DC161882"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-286xx/CVE-2023-28601.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28601",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.613",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:53:18.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-286xx/CVE-2023-28602.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28602",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.683",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:53:37.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-347"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.13.5",
"matchCriteriaId": "DDDF143E-324E-4D0C-83D1-2E66DDE760E2"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-286xx/CVE-2023-28603.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28603",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.760",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:53:55.603",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "E5FF7C01-346E-4FF6-BDDF-6B642EE08130"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-28xx/CVE-2023-2828.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2828",
"sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.703",
"lastModified": "2023-06-21T18:57:48.280",
"lastModified": "2023-06-21T21:15:11.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -35,6 +35,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/6",
"source": "security-officer@isc.org"
},
{
"url": "https://kb.isc.org/docs/cve-2023-2828",
"source": "security-officer@isc.org"

6
CVE-2023/CVE-2023-29xx/CVE-2023-2911.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2911",
"sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.827",
"lastModified": "2023-06-21T18:57:48.280",
"lastModified": "2023-06-21T21:15:11.177",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -35,6 +35,10 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/6",
"source": "security-officer@isc.org"
},
{
"url": "https://kb.isc.org/docs/cve-2023-2911",
"source": "security-officer@isc.org"

72
CVE-2023/CVE-2023-306xx/CVE-2023-30631.json
View File

@ -2,19 +2,52 @@
"id": "CVE-2023-30631",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.257",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:05:24.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.\u00a0 The configuration option\u00a0proxy.config.http.push_method_enabled didn't function.\u00a0 However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -23,10 +56,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.1.7",
"matchCriteriaId": "87C4AE80-E393-43C0-B0CD-AFDDFBCCD5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.2.1",
"matchCriteriaId": "79200A3A-6182-458E-9E10-878ABF67B593"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

47
CVE-2023/CVE-2023-30xx/CVE-2023-3001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3001",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:09.577",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:06:51.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@se.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:schneider-electric:igss_dashboard:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.0.23131",
"matchCriteriaId": "F22D5911-1789-4820-82FB-F3A1225748AF"
}
]
}
]
}
],
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf",
"source": "cybersecurity@se.com"
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
]
}
]
}

22
CVE-2023/CVE-2023-319xx/CVE-2023-31975.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31975",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.590",
"lastModified": "2023-06-21T15:15:09.577",
"lastModified": "2023-06-21T21:15:11.250",
"vulnStatus": "Modified",
"descriptions": [
{
@ -68,10 +68,30 @@
"url": "http://www.openwall.com/lists/oss-security/2023/06/20/6",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/10",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/2",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/5",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/7",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/8",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/21/9",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/yasm/yasm/issues/210",
"source": "cve@mitre.org",

59
CVE-2023/CVE-2023-31xx/CVE-2023-3110.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3110",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:10.263",
"lastModified": "2023-06-21T20:15:10.263",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Description: A vulnerability in SiLabs Unify Gateway 1.3.1 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "product-security@silabs.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
}
]
}

63
CVE-2023/CVE-2023-32xx/CVE-2023-3235.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3235",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T07:15:09.510",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:54:16.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in mccms up to 2.6.5. It has been rated as critical. Affected by this issue is the function pic_api of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-231506 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en mccms hasta la versi\u00f3n 2.6.5. Ha sido calificada como cr\u00edtica. Este problema afecta a la funci\u00f3n \"pic_api\" del archivo \"sys/apps/controllers/admin/Comic.php\". La manipulaci\u00f3n del argumento \"url\" conduce a una falsificaci\u00f3n de petici\u00f3n del lado del servidor. El ataque puede lanzarse de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asignado a esta vulnerabilidad es VDB-231506. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chshcms:mccms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.5",
"matchCriteriaId": "8FE5F957-26A2-4B9B-B22D-7F3954F2203D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%201.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231506",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.231506",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

63
CVE-2023/CVE-2023-32xx/CVE-2023-3236.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3236",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T07:15:09.580",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:52:15.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in mccms up to 2.6.5. This affects the function pic_save of the file sys/apps/controllers/admin/Comic.php. The manipulation of the argument pic leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231507."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en mccms hasta la versi\u00f3n 2.6.5. Afecta a la funci\u00f3n \"pic_save\" del fichero \"sys/apps/controllers/admin/Comic.php\". La manipulaci\u00f3n del argumento \"pic\" conduce a una falsificaci\u00f3n de petici\u00f3n del lado del servidor. Es posible iniciar el ataque de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asociado de esta vulnerabilidad es VDB-231507. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chshcms:mccms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.5",
"matchCriteriaId": "8FE5F957-26A2-4B9B-B22D-7F3954F2203D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/MCCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF)%202.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231507",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.231507",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

92
CVE-2023/CVE-2023-331xx/CVE-2023-33121.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33121",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:18.323",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:15:37.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.2.0.13",
"matchCriteriaId": "29CAB414-2971-4974-9F19-1809F33B9715"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.3.0",
"versionEndExcluding": "13.3.0.10",
"matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.0.0.6",
"matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1.0.8",
"matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.2",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-331xx/CVE-2023-33122.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33122",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:18.380",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:32:43.770",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.2.0.13",
"matchCriteriaId": "29CAB414-2971-4974-9F19-1809F33B9715"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.3.0",
"versionEndExcluding": "13.3.0.10",
"matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.0.0.6",
"matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1.0.8",
"matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.2",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

93
CVE-2023/CVE-2023-331xx/CVE-2023-33123.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33123",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:18.437",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:37:57.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.2.0",
"versionEndExcluding": "13.2.0.13",
"matchCriteriaId": "FC06105E-8D31-4AFD-88C6-2E58D01CFFE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.3.0",
"versionEndExcluding": "13.3.0.10",
"matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.0.0.6",
"matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1.0.8",
"matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.2",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

93
CVE-2023/CVE-2023-331xx/CVE-2023-33124.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33124",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-06-13T09:15:18.500",
"lastModified": "2023-06-13T13:00:42.717",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:40:11.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:jt2go:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "64B11DAF-8FFB-4696-85E5-67853B8A91F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.2.0",
"versionEndExcluding": "13.2.0.13",
"matchCriteriaId": "FC06105E-8D31-4AFD-88C6-2E58D01CFFE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.3.0",
"versionEndExcluding": "13.3.0.10",
"matchCriteriaId": "CAC2B735-3298-4B79-B98F-21916EE7926F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.0.0.6",
"matchCriteriaId": "63AC2AB5-3593-4922-A4CC-E5E0E35DE071"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.1",
"versionEndExcluding": "14.1.0.8",
"matchCriteriaId": "F7D64A7C-AF27-4E09-9455-98BBF231CAF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:teamcenter_visualization:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.2",
"versionEndExcluding": "14.2.0.3",
"matchCriteriaId": "A5D5D267-7DE4-4116-878D-4422D9B5E7FD"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-538795.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-331xx/CVE-2023-33130.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33130",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.027",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:00:34.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*",
"matchCriteriaId": "AC8BB33F-44C4-41FE-8B17-68E3C4B38142"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33130",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

100
CVE-2023/CVE-2023-331xx/CVE-2023-33139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33139",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.380",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:48:34.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,104 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update3:*:*:*:*:*:*",
"matchCriteriaId": "62FE95C2-066B-491D-82BF-3EF173822B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio:2015:update5:*:*:*:*:*:*",
"matchCriteriaId": "647EBBAA-C731-4954-A62C-2B1AAFB1061C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.0",
"versionEndExcluding": "15.8",
"matchCriteriaId": "AB877090-2FA4-4E6A-99D1-70375A3AD90E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2017:*:*:*:*:*:*:*:*",
"versionStartIncluding": "15.9",
"versionEndExcluding": "15.9.55",
"matchCriteriaId": "979A6A3D-64F8-4099-A00D-16F5BAC2BD79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndIncluding": "16.10",
"matchCriteriaId": "26472C42-CDB4-4176-B10B-3BF26F5030E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2019:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.11",
"versionEndExcluding": "16.11.27",
"matchCriteriaId": "DFF8A760-E6E1-483D-A955-102A8D82B62C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.0.22",
"matchCriteriaId": "2B1F98BC-0D82-4AEB-9E1E-D67325E99385"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.2",
"versionEndExcluding": "17.2.16",
"matchCriteriaId": "B6B0B496-BC41-4F9D-9A28-AE7664B5C77D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.4",
"versionEndExcluding": "17.4.8",
"matchCriteriaId": "BC861E65-1682-4E99-8A7B-F4A31DDC0198"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6",
"versionEndExcluding": "17.6.3",
"matchCriteriaId": "51DB90D6-C1C4-43B9-8B37-696CB361F37F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-331xx/CVE-2023-33140.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33140",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.433",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:49:19.923",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:onenote:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E92C5E61-C3A9-46BE-ABA1-2B83E68F9929"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33140",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-331xx/CVE-2023-33142.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33142",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.487",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:49:40.860",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:-:*:*:*:subscription:*:*:*",
"matchCriteriaId": "AC8BB33F-44C4-41FE-8B17-68E3C4B38142"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33142",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-331xx/CVE-2023-33144.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33144",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.543",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:50:06.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 5.2
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
@ -34,10 +54,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_code:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.79",
"matchCriteriaId": "EE635D60-B446-4D65-902F-9F018658588E"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-331xx/CVE-2023-33145.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33145",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.597",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:50:33.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "114.0.1823.51",
"matchCriteriaId": "7B1E3F04-D235-4ADD-9AC7-E969558A6E5B"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33145",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-331xx/CVE-2023-33146.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33146",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.653",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:50:46.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,58 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*",
"matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*",
"matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*",
"matchCriteriaId": "40961B9E-80B6-42E0-A876-58B3CE056E4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*",
"matchCriteriaId": "BF0E8112-5B6F-4E55-8E40-38ADCF6FC654"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33146",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-332xx/CVE-2023-33289.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-33289",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T20:15:10.157",
"lastModified": "2023-06-21T20:15:10.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The urlnorm crate through 0.1.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to lib.rs."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/6en6ar/b118888dc739e8979038f24c8ac33611",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/progscrape/urlnorm",
"source": "cve@mitre.org"
},
{
"url": "https://lib.rs/crates/urlnorm",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-334xx/CVE-2023-33405.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33405",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T21:15:11.357",
"lastModified": "2023-06-21T21:15:11.357",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/hacip/CVE-2023-33405",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-335xx/CVE-2023-33591.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33591",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T20:15:10.213",
"lastModified": "2023-06-21T20:15:10.213",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DARSHANAGUPTA10/CVE/blob/main/CVE%202023-33591",
"source": "cve@mitre.org"
},
{
"url": "https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/",
"source": "cve@mitre.org"
}
]
}

72
CVE-2023/CVE-2023-339xx/CVE-2023-33933.json
View File

@ -2,19 +2,52 @@
"id": "CVE-2023-33933",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.323",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:05:39.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -23,10 +56,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.1.7",
"matchCriteriaId": "87C4AE80-E393-43C0-B0CD-AFDDFBCCD5B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:traffic_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.2.1",
"matchCriteriaId": "79200A3A-6182-458E-9E10-878ABF67B593"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
}
]
}

52
CVE-2023/CVE-2023-340xx/CVE-2023-34000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34000",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-14T08:15:09.377",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:06:14.600",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:woocommerce:stripe_payment_gateway:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "7.4.1",
"matchCriteriaId": "13004F00-4F5F-4138-B33E-B7951053F5A1"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/articles/unauthenticated-idor-to-pii-disclosure-vulnerability-in-woocommerce-stripe-gateway-plugin?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Exploit"
]
},
{
"url": "https://patchstack.com/database/vulnerability/woocommerce-gateway-stripe/wordpress-woocommerce-stripe-payment-gateway-plugin-7-4-0-insecure-direct-object-references-idor-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-341xx/CVE-2023-34113.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34113",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.840",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:54:16.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-341xx/CVE-2023-34114.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34114",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T19:15:09.427",
"lastModified": "2023-06-13T21:27:45.680",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:02:32.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "5.14.10",
"matchCriteriaId": "6B3D7B50-B13B-45D3-AE2C-7EBB1DE30FA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.10",
"matchCriteriaId": "B2DE0D4A-F97E-41D3-9906-427BEFFBDB8F"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-341xx/CVE-2023-34120.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34120",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.913",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:54:35.730",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "E5FF7C01-346E-4FF6-BDDF-6B642EE08130"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-341xx/CVE-2023-34121.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34121",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:21.987",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:54:52.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,66 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:rooms:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "3B7131D9-0B21-4DC3-A7FF-C318D862211C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "E5FF7C01-346E-4FF6-BDDF-6B642EE08130"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-341xx/CVE-2023-34122.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34122",
"sourceIdentifier": "security@zoom.us",
"published": "2023-06-13T18:15:22.053",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T20:55:04.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@zoom.us",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zoom:zoom:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "5.14.0",
"matchCriteriaId": "2EEE52E3-E80E-4CD2-B778-95F513E5EBFF"
}
]
}
]
}
],
"references": [
{
"url": "https://explore.zoom.us/en/trust/security/security-bulletin/",
"source": "security@zoom.us"
"source": "security@zoom.us",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-341xx/CVE-2023-34149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34149",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.450",
"lastModified": "2023-06-14T15:15:10.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:06:26.343",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,14 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.31",
"matchCriteriaId": "D75F74D6-E223-41BA-86B4-5BADF2B48692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.1.2.1",
"matchCriteriaId": "158CD586-162F-41A6-97B5-62D5F59B656E"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/2",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://cwiki.apache.org/confluence/display/WW/S2-063",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-343xx/CVE-2023-34396.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34396",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.520",
"lastModified": "2023-06-14T15:15:10.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-21T21:06:39.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@apache.org",
"type": "Secondary",
@ -46,14 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.5.31",
"matchCriteriaId": "D75F74D6-E223-41BA-86B4-5BADF2B48692"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.1.2.1",
"matchCriteriaId": "158CD586-162F-41A6-97B5-62D5F59B656E"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/3",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://cwiki.apache.org/confluence/display/WW/S2-064",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-21T20:00:28.196802+00:00
2023-06-21T22:00:29.200365+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-21T19:58:38.217000+00:00
2023-06-21T21:15:11.357000+00:00
```
### Last Data Feed Release
@ -29,44 +29,54 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218191
218201
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `10`
* [CVE-2023-0969](CVE-2023/CVE-2023-09xx/CVE-2023-0969.json) (`2023-06-21T20:15:09.660`)
* [CVE-2023-0970](CVE-2023/CVE-2023-09xx/CVE-2023-0970.json) (`2023-06-21T20:15:09.843`)
* [CVE-2023-0971](CVE-2023/CVE-2023-09xx/CVE-2023-0971.json) (`2023-06-21T20:15:09.943`)
* [CVE-2023-0972](CVE-2023/CVE-2023-09xx/CVE-2023-0972.json) (`2023-06-21T20:15:10.023`)
* [CVE-2023-25435](CVE-2023/CVE-2023-254xx/CVE-2023-25435.json) (`2023-06-21T20:15:10.100`)
* [CVE-2023-33289](CVE-2023/CVE-2023-332xx/CVE-2023-33289.json) (`2023-06-21T20:15:10.157`)
* [CVE-2023-33591](CVE-2023/CVE-2023-335xx/CVE-2023-33591.json) (`2023-06-21T20:15:10.213`)
* [CVE-2023-3110](CVE-2023/CVE-2023-31xx/CVE-2023-3110.json) (`2023-06-21T20:15:10.263`)
* [CVE-2023-24261](CVE-2023/CVE-2023-242xx/CVE-2023-24261.json) (`2023-06-21T21:15:10.867`)
* [CVE-2023-33405](CVE-2023/CVE-2023-334xx/CVE-2023-33405.json) (`2023-06-21T21:15:11.357`)
### CVEs modified in the last Commit
Recently modified CVEs: `39`
Recently modified CVEs: `40`
* [CVE-2023-31195](CVE-2023/CVE-2023-311xx/CVE-2023-31195.json) (`2023-06-21T18:25:17.290`)
* [CVE-2023-34245](CVE-2023/CVE-2023-342xx/CVE-2023-34245.json) (`2023-06-21T18:37:03.310`)
* [CVE-2023-32017](CVE-2023/CVE-2023-320xx/CVE-2023-32017.json) (`2023-06-21T18:39:58.440`)
* [CVE-2023-32016](CVE-2023/CVE-2023-320xx/CVE-2023-32016.json) (`2023-06-21T18:41:33.663`)
* [CVE-2023-32014](CVE-2023/CVE-2023-320xx/CVE-2023-32014.json) (`2023-06-21T18:50:45.160`)
* [CVE-2023-27243](CVE-2023/CVE-2023-272xx/CVE-2023-27243.json) (`2023-06-21T18:57:48.280`)
* [CVE-2023-33725](CVE-2023/CVE-2023-337xx/CVE-2023-33725.json) (`2023-06-21T18:57:48.280`)
* [CVE-2023-0026](CVE-2023/CVE-2023-00xx/CVE-2023-0026.json) (`2023-06-21T18:57:48.280`)
* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-06-21T18:57:48.280`)
* [CVE-2023-2829](CVE-2023/CVE-2023-28xx/CVE-2023-2829.json) (`2023-06-21T18:57:48.280`)
* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-06-21T18:57:48.280`)
* [CVE-2023-29160](CVE-2023/CVE-2023-291xx/CVE-2023-29160.json) (`2023-06-21T18:57:51.187`)
* [CVE-2023-2603](CVE-2023/CVE-2023-26xx/CVE-2023-2603.json) (`2023-06-21T19:02:07.267`)
* [CVE-2023-3231](CVE-2023/CVE-2023-32xx/CVE-2023-3231.json) (`2023-06-21T19:11:26.607`)
* [CVE-2023-30082](CVE-2023/CVE-2023-300xx/CVE-2023-30082.json) (`2023-06-21T19:15:09.570`)
* [CVE-2023-33137](CVE-2023/CVE-2023-331xx/CVE-2023-33137.json) (`2023-06-21T19:18:58.407`)
* [CVE-2023-33135](CVE-2023/CVE-2023-331xx/CVE-2023-33135.json) (`2023-06-21T19:30:49.343`)
* [CVE-2023-33133](CVE-2023/CVE-2023-331xx/CVE-2023-33133.json) (`2023-06-21T19:31:52.523`)
* [CVE-2023-33132](CVE-2023/CVE-2023-331xx/CVE-2023-33132.json) (`2023-06-21T19:40:48.003`)
* [CVE-2023-33131](CVE-2023/CVE-2023-331xx/CVE-2023-33131.json) (`2023-06-21T19:42:39.463`)
* [CVE-2023-33129](CVE-2023/CVE-2023-331xx/CVE-2023-33129.json) (`2023-06-21T19:43:36.377`)
* [CVE-2023-32032](CVE-2023/CVE-2023-320xx/CVE-2023-32032.json) (`2023-06-21T19:45:21.513`)
* [CVE-2023-33126](CVE-2023/CVE-2023-331xx/CVE-2023-33126.json) (`2023-06-21T19:47:39.447`)
* [CVE-2023-33128](CVE-2023/CVE-2023-331xx/CVE-2023-33128.json) (`2023-06-21T19:48:19.337`)
* [CVE-2023-32029](CVE-2023/CVE-2023-320xx/CVE-2023-32029.json) (`2023-06-21T19:58:38.217`)
* [CVE-2023-24937](CVE-2023/CVE-2023-249xx/CVE-2023-24937.json) (`2023-06-21T20:51:00.080`)
* [CVE-2023-28598](CVE-2023/CVE-2023-285xx/CVE-2023-28598.json) (`2023-06-21T20:51:49.067`)
* [CVE-2023-3236](CVE-2023/CVE-2023-32xx/CVE-2023-3236.json) (`2023-06-21T20:52:15.233`)
* [CVE-2023-28599](CVE-2023/CVE-2023-285xx/CVE-2023-28599.json) (`2023-06-21T20:52:21.747`)
* [CVE-2023-28600](CVE-2023/CVE-2023-286xx/CVE-2023-28600.json) (`2023-06-21T20:52:50.547`)
* [CVE-2023-28601](CVE-2023/CVE-2023-286xx/CVE-2023-28601.json) (`2023-06-21T20:53:18.250`)
* [CVE-2023-28602](CVE-2023/CVE-2023-286xx/CVE-2023-28602.json) (`2023-06-21T20:53:37.857`)
* [CVE-2023-28603](CVE-2023/CVE-2023-286xx/CVE-2023-28603.json) (`2023-06-21T20:53:55.603`)
* [CVE-2023-3235](CVE-2023/CVE-2023-32xx/CVE-2023-3235.json) (`2023-06-21T20:54:16.250`)
* [CVE-2023-34113](CVE-2023/CVE-2023-341xx/CVE-2023-34113.json) (`2023-06-21T20:54:16.867`)
* [CVE-2023-34120](CVE-2023/CVE-2023-341xx/CVE-2023-34120.json) (`2023-06-21T20:54:35.730`)
* [CVE-2023-34121](CVE-2023/CVE-2023-341xx/CVE-2023-34121.json) (`2023-06-21T20:54:52.100`)
* [CVE-2023-34122](CVE-2023/CVE-2023-341xx/CVE-2023-34122.json) (`2023-06-21T20:55:04.803`)
* [CVE-2023-34114](CVE-2023/CVE-2023-341xx/CVE-2023-34114.json) (`2023-06-21T21:02:32.257`)
* [CVE-2023-27836](CVE-2023/CVE-2023-278xx/CVE-2023-27836.json) (`2023-06-21T21:02:52.600`)
* [CVE-2023-2570](CVE-2023/CVE-2023-25xx/CVE-2023-2570.json) (`2023-06-21T21:03:56.260`)
* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-21T21:05:24.670`)
* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-21T21:05:39.700`)
* [CVE-2023-34000](CVE-2023/CVE-2023-340xx/CVE-2023-34000.json) (`2023-06-21T21:06:14.600`)
* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-21T21:06:26.343`)
* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-21T21:06:39.670`)
* [CVE-2023-3001](CVE-2023/CVE-2023-30xx/CVE-2023-3001.json) (`2023-06-21T21:06:51.690`)
* [CVE-2023-2828](CVE-2023/CVE-2023-28xx/CVE-2023-2828.json) (`2023-06-21T21:15:11.027`)
* [CVE-2023-2911](CVE-2023/CVE-2023-29xx/CVE-2023-2911.json) (`2023-06-21T21:15:11.177`)
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-06-21T21:15:11.250`)
## Download and Usage