mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2023-08-25T12:00:25.091616+00:00
This commit is contained in:
parent
85311d1fae
commit
582579afbe
55
CVE-2023/CVE-2023-243xx/CVE-2023-24394.json
Normal file
55
CVE-2023/CVE-2023-243xx/CVE-2023-24394.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-24394",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-08-25T11:15:07.363",
|
||||
"lastModified": "2023-08-25T11:15:07.363",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy iframe popup plugin <=\u00a03.3 versions."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.7,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/iframe-popup/wordpress-iframe-popup-plugin-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2023/CVE-2023-256xx/CVE-2023-25649.json
Normal file
55
CVE-2023/CVE-2023-256xx/CVE-2023-25649.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-25649",
|
||||
"sourceIdentifier": "psirt@zte.com.cn",
|
||||
"published": "2023-08-25T10:15:08.247",
|
||||
"lastModified": "2023-08-25T10:15:08.247",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "\nThere is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "psirt@zte.com.cn",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
|
||||
"attackVector": "ADJACENT_NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 6.8,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 0.9,
|
||||
"impactScore": 5.9
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "psirt@zte.com.cn",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-77"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032544",
|
||||
"source": "psirt@zte.com.cn"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2023/CVE-2023-259xx/CVE-2023-25981.json
Normal file
55
CVE-2023/CVE-2023-259xx/CVE-2023-25981.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-25981",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-08-25T10:15:09.350",
|
||||
"lastModified": "2023-08-25T10:15:09.350",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin <=\u00a02.8.1 versions."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 6.5,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.3,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-8-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2023/CVE-2023-325xx/CVE-2023-32575.json
Normal file
55
CVE-2023/CVE-2023-325xx/CVE-2023-32575.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-32575",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-08-25T11:15:08.177",
|
||||
"lastModified": "2023-08-25T11:15:08.177",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin <=\u00a01.3.25 versions."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.7,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/product-page-shipping-calculator-for-woocommerce/wordpress-product-page-shipping-calculator-for-woocommerce-plugin-1-3-25-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2023/CVE-2023-325xx/CVE-2023-32595.json
Normal file
55
CVE-2023/CVE-2023-325xx/CVE-2023-32595.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-32595",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-08-25T11:15:08.333",
|
||||
"lastModified": "2023-08-25T11:15:08.333",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin <=\u00a01.0.2 versions."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.7,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/fast-search-powered-by-solr/wordpress-sunny-search-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2023/CVE-2023-325xx/CVE-2023-32596.json
Normal file
55
CVE-2023/CVE-2023-325xx/CVE-2023-32596.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-32596",
|
||||
"sourceIdentifier": "audit@patchstack.com",
|
||||
"published": "2023-08-25T11:15:08.497",
|
||||
"lastModified": "2023-08-25T11:15:08.497",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wolfgang Ertl weebotLite plugin <=\u00a01.0.0 versions."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "HIGH",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "CHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 5.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 1.7,
|
||||
"impactScore": 3.7
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "audit@patchstack.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://patchstack.com/database/vulnerability/weebotlite/wordpress-weebotlite-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
|
||||
"source": "audit@patchstack.com"
|
||||
}
|
||||
]
|
||||
}
|
55
CVE-2023/CVE-2023-44xx/CVE-2023-4478.json
Normal file
55
CVE-2023/CVE-2023-44xx/CVE-2023-4478.json
Normal file
@ -0,0 +1,55 @@
|
||||
{
|
||||
"id": "CVE-2023-4478",
|
||||
"sourceIdentifier": "responsibledisclosure@mattermost.com",
|
||||
"published": "2023-08-25T10:15:09.687",
|
||||
"lastModified": "2023-08-25T10:15:09.687",
|
||||
"vulnStatus": "Received",
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts.\n\n"
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "responsibledisclosure@mattermost.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
},
|
||||
"exploitabilityScore": 2.8,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "responsibledisclosure@mattermost.com",
|
||||
"type": "Secondary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-74"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://mattermost.com/security-updates",
|
||||
"source": "responsibledisclosure@mattermost.com"
|
||||
}
|
||||
]
|
||||
}
|
24
README.md
24
README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2023-08-25T10:00:24.534288+00:00
|
||||
2023-08-25T12:00:25.091616+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2023-08-25T09:15:08.937000+00:00
|
||||
2023-08-25T11:15:08.497000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -29,22 +29,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
223428
|
||||
223435
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `9`
|
||||
Recently added CVEs: `7`
|
||||
|
||||
* [CVE-2023-32756](CVE-2023/CVE-2023-327xx/CVE-2023-32756.json) (`2023-08-25T08:15:07.747`)
|
||||
* [CVE-2023-32757](CVE-2023/CVE-2023-327xx/CVE-2023-32757.json) (`2023-08-25T08:15:07.850`)
|
||||
* [CVE-2023-32518](CVE-2023/CVE-2023-325xx/CVE-2023-32518.json) (`2023-08-25T09:15:07.840`)
|
||||
* [CVE-2023-32576](CVE-2023/CVE-2023-325xx/CVE-2023-32576.json) (`2023-08-25T09:15:08.477`)
|
||||
* [CVE-2023-32577](CVE-2023/CVE-2023-325xx/CVE-2023-32577.json) (`2023-08-25T09:15:08.573`)
|
||||
* [CVE-2023-32584](CVE-2023/CVE-2023-325xx/CVE-2023-32584.json) (`2023-08-25T09:15:08.670`)
|
||||
* [CVE-2023-32591](CVE-2023/CVE-2023-325xx/CVE-2023-32591.json) (`2023-08-25T09:15:08.757`)
|
||||
* [CVE-2023-3406](CVE-2023/CVE-2023-34xx/CVE-2023-3406.json) (`2023-08-25T09:15:08.850`)
|
||||
* [CVE-2023-3425](CVE-2023/CVE-2023-34xx/CVE-2023-3425.json) (`2023-08-25T09:15:08.937`)
|
||||
* [CVE-2023-25649](CVE-2023/CVE-2023-256xx/CVE-2023-25649.json) (`2023-08-25T10:15:08.247`)
|
||||
* [CVE-2023-25981](CVE-2023/CVE-2023-259xx/CVE-2023-25981.json) (`2023-08-25T10:15:09.350`)
|
||||
* [CVE-2023-4478](CVE-2023/CVE-2023-44xx/CVE-2023-4478.json) (`2023-08-25T10:15:09.687`)
|
||||
* [CVE-2023-24394](CVE-2023/CVE-2023-243xx/CVE-2023-24394.json) (`2023-08-25T11:15:07.363`)
|
||||
* [CVE-2023-32575](CVE-2023/CVE-2023-325xx/CVE-2023-32575.json) (`2023-08-25T11:15:08.177`)
|
||||
* [CVE-2023-32595](CVE-2023/CVE-2023-325xx/CVE-2023-32595.json) (`2023-08-25T11:15:08.333`)
|
||||
* [CVE-2023-32596](CVE-2023/CVE-2023-325xx/CVE-2023-32596.json) (`2023-08-25T11:15:08.497`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
Loading…
x
Reference in New Issue
Block a user