Auto-Update: 2023-10-09T12:00:25.871338+00:00

cad-safe-bot 2023-10-09 12:00:29 +00:00
parent 3bcdb2b2ce
commit 5acb034d6c
13 changed files with 677 additions and 11 deletions


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44236",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T10:15:22.763",
"lastModified": "2023-10-09T10:15:22.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Devnath verma WP Captcha plugin <=\u00a02.0.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-captcha/wordpress-wp-captcha-plugin-2-0-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44237",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T10:15:22.903",
"lastModified": "2023-10-09T10:15:22.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Moriyan Jay WP Site Protector plugin <=\u00a02.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-site-protector/wordpress-wp-site-protector-plugin-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44238",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T10:15:22.987",
"lastModified": "2023-10-09T10:15:22.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Joakim Ling Remove slug from custom post type plugin <=\u00a01.0.3 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/remove-slug-from-custom-post-type/wordpress-remove-slug-from-custom-post-type-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44240",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T11:15:10.723",
"lastModified": "2023-10-09T11:15:10.723",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin <=\u00a01.54 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/timthumb-vulnerability-scanner/wordpress-timthumb-vulnerability-scanner-plugin-1-54-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44246",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T10:15:23.067",
"lastModified": "2023-10-09T10:15:23.067",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Matias s Shockingly Simple Favicon plugin <=\u00a01.8.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/shockingly-simple-favicon/wordpress-shockingly-simple-favicon-plugin-1-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44473",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T11:15:10.813",
"lastModified": "2023-10-09T11:15:10.813",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <=\u00a02302 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/table-of-contents-plus/wordpress-table-of-contents-plus-plugin-2302-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44993",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-09T11:15:10.900",
"lastModified": "2023-10-09T11:15:10.900",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <=\u00a04.7.8 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plugin-4-7-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-45612",
"sourceIdentifier": "security@jetbrains.com",
"published": "2023-10-09T11:15:11.020",
"lastModified": "2023-10-09T11:15:11.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-45613",
"sourceIdentifier": "security@jetbrains.com",
"published": "2023-10-09T11:15:11.110",
"lastModified": "2023-10-09T11:15:11.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In JetBrains Ktor before 2.3.5 server certificates were not verified"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "security@jetbrains.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-5330",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-10-09T11:15:11.197",
"lastModified": "2023-10-09T11:15:11.197",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to\u00a0enforce a limit for the size of the cache entry for OpenGraph data allowing an attacker to send a specially crafted request to the /api/v4/opengraph filling the cache and turning the server unavailable.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-5331",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-10-09T11:15:11.280",
"lastModified": "2023-10-09T11:15:11.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to properly check the creator of an attached file when adding the file to a draft post,\u00a0potentially exposing unauthorized file information.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-5333",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-10-09T11:15:11.363",
"lastModified": "2023-10-09T11:15:11.363",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Mattermost fails to deduplicate input IDs allowing a\u00a0simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to /api/v4/users/ids with multiple identical IDs. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-09T10:00:25.049586+00:00
2023-10-09T12:00:25.871338+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-09T09:15:10.787000+00:00
2023-10-09T11:15:11.363000+00:00
```
### Last Data Feed Release
@ -29,25 +29,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
227203
227215
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `12`
* [CVE-2023-3589](CVE-2023/CVE-2023-35xx/CVE-2023-3589.json) (`2023-10-09T09:15:10.507`)
* [CVE-2023-44231](CVE-2023/CVE-2023-442xx/CVE-2023-44231.json) (`2023-10-09T09:15:10.617`)
* [CVE-2023-44232](CVE-2023/CVE-2023-442xx/CVE-2023-44232.json) (`2023-10-09T09:15:10.713`)
* [CVE-2023-44260](CVE-2023/CVE-2023-442xx/CVE-2023-44260.json) (`2023-10-09T09:15:10.787`)
* [CVE-2023-44236](CVE-2023/CVE-2023-442xx/CVE-2023-44236.json) (`2023-10-09T10:15:22.763`)
* [CVE-2023-44237](CVE-2023/CVE-2023-442xx/CVE-2023-44237.json) (`2023-10-09T10:15:22.903`)
* [CVE-2023-44238](CVE-2023/CVE-2023-442xx/CVE-2023-44238.json) (`2023-10-09T10:15:22.987`)
* [CVE-2023-44246](CVE-2023/CVE-2023-442xx/CVE-2023-44246.json) (`2023-10-09T10:15:23.067`)
* [CVE-2023-44240](CVE-2023/CVE-2023-442xx/CVE-2023-44240.json) (`2023-10-09T11:15:10.723`)
* [CVE-2023-44473](CVE-2023/CVE-2023-444xx/CVE-2023-44473.json) (`2023-10-09T11:15:10.813`)
* [CVE-2023-44993](CVE-2023/CVE-2023-449xx/CVE-2023-44993.json) (`2023-10-09T11:15:10.900`)
* [CVE-2023-45612](CVE-2023/CVE-2023-456xx/CVE-2023-45612.json) (`2023-10-09T11:15:11.020`)
* [CVE-2023-45613](CVE-2023/CVE-2023-456xx/CVE-2023-45613.json) (`2023-10-09T11:15:11.110`)
* [CVE-2023-5330](CVE-2023/CVE-2023-53xx/CVE-2023-5330.json) (`2023-10-09T11:15:11.197`)
* [CVE-2023-5331](CVE-2023/CVE-2023-53xx/CVE-2023-5331.json) (`2023-10-09T11:15:11.280`)
* [CVE-2023-5333](CVE-2023/CVE-2023-53xx/CVE-2023-5333.json) (`2023-10-09T11:15:11.363`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `0`
* [CVE-2023-1632](CVE-2023/CVE-2023-16xx/CVE-2023-1632.json) (`2023-10-09T08:15:10.630`)
* [CVE-2023-4413](CVE-2023/CVE-2023-44xx/CVE-2023-4413.json) (`2023-10-09T08:15:11.163`)
## Download and Usage