admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-31T22:00:25.295166+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-05-31 22:00:28 +00:00
parent c347e38bee
commit 5aebcbd1f6
47 changed files with 1843 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CVE-2021/CVE-2021-450xx/CVE-2021-45039.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-45039",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.210",
"lastModified": "2023-05-31T20:15:10.210",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using this buffer overflow, a remote attacker can start the telnetd service. This service has a hardcoded default username and password (root/123456). Although it has a restrictive shell, this can be easily bypassed via the built-in ECHO shell command."
}
],
"metrics": {},
"references": [
{
"url": "https://ssd-disclosure.com/ssd-advisory--uniview-preauth-rce/",
"source": "cve@mitre.org"
},
{
"url": "https://www.uniview.com/About_Us/Security/Notice/202112/920471_140493_0.htm",
"source": "cve@mitre.org"
}
]
}

64
CVE-2022/CVE-2022-300xx/CVE-2022-30025.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2022-30025",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-24T21:15:10.450",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:57:27.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection in \"/Framewrk/Home.jsp\" file (POST method) in tCredence Analytics iDEAL Wealth and Funds - 1.0 iallows authenticated remote attackers to inject payload via \"v\" parameter."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:credenceanalytics:ideal_-_wealth_and_funds:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5A14C63-E3D0-44F6-A6DB-72629046C6FA"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/fir3storm/c8a013d1231c22e22835566609620afd",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

28
CVE-2022/CVE-2022-485xx/CVE-2022-48502.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-48502",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.303",
"lastModified": "2023-05-31T20:15:10.303",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c."
}
],
"metrics": {},
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2",
"source": "cve@mitre.org"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e8235d28f3a0e9eda9f02ff67ee566d5f42b66b",
"source": "cve@mitre.org"
},
{
"url": "https://syzkaller.appspot.com/bug?extid=8778f030156c6cd16d72",
"source": "cve@mitre.org"
}
]
}

18
CVE-2023/CVE-2023-243xx/CVE-2023-24329.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24329",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-17T15:15:12.243",
"lastModified": "2023-05-30T05:15:10.557",
"lastModified": "2023-05-31T20:15:10.350",
"vulnStatus": "Modified",
"descriptions": [
{
@ -72,18 +72,34 @@
"Patch"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/",
"source": "cve@mitre.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/",
"source": "cve@mitre.org"

47
CVE-2023/CVE-2023-25xx/CVE-2023-2586.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2586",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-05-22T16:15:09.597",
"lastModified": "2023-05-22T16:15:51.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:19:02.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teltonika:remote_management_system:4.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EC814F7F-8166-40CD-A9B6-D5136DC0364B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

48
CVE-2023/CVE-2023-25xx/CVE-2023-2588.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2588",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-05-22T16:15:09.760",
"lastModified": "2023-05-22T16:15:51.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:19:21.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teltonika:remote_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0",
"matchCriteriaId": "FBC0B044-049C-4538-A1C6-56B61073AADE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

47
CVE-2023/CVE-2023-262xx/CVE-2023-26278.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-26278",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-31T20:15:10.427",
"lastModified": "2023-05-31T20:15:10.427",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM QRadar WinCollect Agent 10.0 through 10.1.3 could allow a local authenticated attacker to gain elevated privileges on the system. IBM X-Force ID: 248158."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/248158",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6999341",
"source": "psirt@us.ibm.com"
}
]
}

27
CVE-2023/CVE-2023-27xx/CVE-2023-2750.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2750",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-05-24T12:15:09.337",
"lastModified": "2023-05-24T12:59:09.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:29:42.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cityboss:e-municipality:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.05",
"matchCriteriaId": "CF42324E-E29C-43D7-88EF-6D7BD6AF461F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0286",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-286xx/CVE-2023-28625.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28625",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-03T14:15:07.507",
"lastModified": "2023-05-25T20:13:55.667",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-31T20:15:10.493",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -57,7 +57,7 @@
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -121,6 +121,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIBKFC22PDH6UXMSZ23PHTD7736ZC7BB/",
"source": "security-advisories@github.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5405",
"source": "security-advisories@github.com",

62
CVE-2023/CVE-2023-28xx/CVE-2023-2862.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2862",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-24T10:15:09.283",
"lastModified": "2023-05-24T12:59:09.197",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:29:34.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sscms:siteserver_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.2.1",
"matchCriteriaId": "D4251879-053B-4244-8521-ABD3BB4C1BB5"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/siteserver/cms/issues/I71WJ4",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229818",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229818",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-28xx/CVE-2023-2873.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2873",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-24T18:15:10.493",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:14:12.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +83,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,22 +103,68 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:filseclab:twister_antivirus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndIncluding": "8.17",
"matchCriteriaId": "2A09A498-D3C2-4356-87A0-6A9E35D14F09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1ABRMxr6Ek02P_WAXjyYLGQ4sHYMVQTka/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2873",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229852",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229852",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-28xx/CVE-2023-2874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2874",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-24T19:15:09.443",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:06:14.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +83,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,22 +103,68 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:filseclab:twister_antivirus:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0",
"versionEndIncluding": "8.17",
"matchCriteriaId": "2A09A498-D3C2-4356-87A0-6A9E35D14F09"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1hcj4tdRveydUv84J5IEQFmjF1XxUvxGy/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/zeze-zeze/WindowsKernelVuln/blob/master/CVE-2023-2874",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.229853",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.229853",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-30xx/CVE-2023-3006.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-3006",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-31T20:15:11.127",
"lastModified": "2023-05-31T20:15:11.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in the CPU Branch History Buffer, or BHB) to influence mispredicted branches within the victim's hardware context. Once that occurs, speculation caused by the mispredicted branches can cause cache allocation. This issue leads to obtaining information that should not be accessible."
}
],
"metrics": {},
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-226"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git/commit/?id=0e5d5ae837c8",
"source": "secalert@redhat.com"
}
]
}

48
CVE-2023/CVE-2023-323xx/CVE-2023-32346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32346",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-05-22T15:15:09.647",
"lastModified": "2023-05-22T16:15:51.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:17:36.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teltonika:remote_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0",
"matchCriteriaId": "FBC0B044-049C-4538-A1C6-56B61073AADE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

48
CVE-2023/CVE-2023-323xx/CVE-2023-32347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32347",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-05-22T15:15:09.723",
"lastModified": "2023-05-22T16:15:51.187",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:18:22.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:teltonika:remote_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.0",
"matchCriteriaId": "FBC0B044-049C-4538-A1C6-56B61073AADE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-131-08",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

28
CVE-2023/CVE-2023-332xx/CVE-2023-33287.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-33287",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.583",
"lastModified": "2023-05-31T20:15:10.583",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in the Inline Table Editing application before 3.8.0 for Confluence allows attackers to store and execute arbitrary JavaScript via a crafted payload injected into the tables."
}
],
"metrics": {},
"references": [
{
"url": "https://actonic.de/produkte/inline-table-editing/",
"source": "cve@mitre.org"
},
{
"url": "https://marketplace.atlassian.com/apps/1217271/inline-table-editing/version-history",
"source": "cve@mitre.org"
},
{
"url": "https://marketplace.atlassian.com/apps/1217271/inline-table-editing?hosting=server&tab=versions",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33627.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33627",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.423",
"lastModified": "2023-05-31T21:15:09.423",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/UpdateSnat",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33628.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33628",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.470",
"lastModified": "2023-05-31T21:15:09.470",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/DelvsList_R300",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33629.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33629",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.520",
"lastModified": "2023-05-31T21:15:09.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/r1UjggZfh",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33630.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33630",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.563",
"lastModified": "2023-05-31T21:15:09.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EditvsList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/HkUA31-Mh",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33631.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33631",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.607",
"lastModified": "2023-05-31T21:15:09.607",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelSTList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/DelSTList",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33632.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33632",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.650",
"lastModified": "2023-05-31T21:15:09.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/r1N7fg-fn",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33633.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33633",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.690",
"lastModified": "2023-05-31T21:15:09.690",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/UpdateWanParams",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33634.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33634",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.733",
"lastModified": "2023-05-31T21:15:09.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/r1g5bl-Mn",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33635.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33635",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.780",
"lastModified": "2023-05-31T21:15:09.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateMacClone interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/UpdateMacClone",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33636.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33636",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.820",
"lastModified": "2023-05-31T21:15:09.820",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/HyX6mgWz2",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33637.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33637",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.877",
"lastModified": "2023-05-31T21:15:09.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/r1azLeWz3",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33638.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33638",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.923",
"lastModified": "2023-05-31T21:15:09.923",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/ryyALdiV3",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33639.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33639",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:09.967",
"lastModified": "2023-05-31T21:15:09.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetMobileAPInfoById interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/Bk2hvYkH3",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33640.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33640",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:10.010",
"lastModified": "2023-05-31T21:15:10.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/S1twOtyrh",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33641.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33641",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:10.050",
"lastModified": "2023-05-31T21:15:10.050",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/SycYkOj42",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33642.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33642",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:10.097",
"lastModified": "2023-05-31T21:15:10.097",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/Skg0zOsVh",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-336xx/CVE-2023-33643.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33643",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T21:15:10.137",
"lastModified": "2023-05-31T21:15:10.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddWlanMacList interface at /goform/aspForm."
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@0dayResearch/S1N5bdsE2",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-337xx/CVE-2023-33730.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33730",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.630",
"lastModified": "2023-05-31T20:15:10.630",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation in the \"GetUserCurrentPwd\" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-33730/blob/main/CVE-2023-33730.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-337xx/CVE-2023-33732.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33732",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.677",
"lastModified": "2023-05-31T20:15:10.677",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/sahiloj/CVE-2023-33733/blob/main/CVE-2023-33733.md",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-337xx/CVE-2023-33735.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33735",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.720",
"lastModified": "2023-05-31T20:15:10.720",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-846 v1.00A52 was discovered to contain a remote command execution (RCE) vulnerability via the tomography_ping_address parameter in the /HNAP1 interface."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Tyaoo/IoT-Vuls/blob/main/dlink/DIR-846/vul.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
}
]
}

303
CVE-2023/CVE-2023-339xx/CVE-2023-33939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33939",
"sourceIdentifier": "security@liferay.com",
"published": "2023-05-24T14:15:09.623",
"lastModified": "2023-05-25T12:40:42.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:35:06.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -46,10 +76,277 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "27DF695E-B890-42C2-8941-5BB53154755F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "072F6C59-3D86-48D1-A14E-477FFFA3B1D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*",
"matchCriteriaId": "FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*",
"matchCriteriaId": "680D7963-1393-4E86-A65F-D4463D532120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*",
"matchCriteriaId": "D81E73DD-FD21-4082-A883-34422AE6C024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*",
"matchCriteriaId": "E6DD0451-98EA-4140-8294-77A14F063E2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*",
"matchCriteriaId": "CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*",
"matchCriteriaId": "408BD438-E15C-422F-9612-C62A7387FC63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*",
"matchCriteriaId": "A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*",
"matchCriteriaId": "0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*",
"matchCriteriaId": "D18ACD28-9182-435C-A30F-DF3BFE13C39A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*",
"matchCriteriaId": "CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "386F0E26-78DC-4D59-A20F-B41D0E59561B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*",
"matchCriteriaId": "43C11288-1C48-47A0-95DF-A48F3C0285F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*",
"matchCriteriaId": "5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*",
"matchCriteriaId": "79AC7C0B-4135-4C24-8D37-A9431156E3E9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*",
"matchCriteriaId": "7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*",
"matchCriteriaId": "C18AE68F-6EF0-4132-A3D8-C2D77A842137"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*",
"matchCriteriaId": "4C5F0729-7B44-4B9E-949F-6A66D8176E11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_26:*:*:*:*:*:*",
"matchCriteriaId": "B883C27E-3C14-4686-A0E8-8969B4246CDF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "54576481-2AE9-4133-9EFA-B7FBDCA4427D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "E29CE810-76D5-4283-B102-70344B6C9506"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "DA869467-C560-4130-A180-86819F6A8673"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "CC0C94B7-31FB-4115-8EDE-62CC459B6663"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*",
"matchCriteriaId": "07DEAA71-53DA-4508-B7E6-924ABED49E66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*",
"matchCriteriaId": "467323F6-5CA7-42A0-9810-C6FA694CEC93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*",
"matchCriteriaId": "32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "E7E68DF8-749B-4284-A7C9-929701A86B36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*",
"matchCriteriaId": "340DF1FE-5720-4516-BA51-F2197A654409"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*",
"matchCriteriaId": "97E155DE-05C6-4559-94A8-0EFEB958D0C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*",
"matchCriteriaId": "0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*",
"matchCriteriaId": "77523B76-FC26-41B1-A804-7372E13F4FB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*",
"matchCriteriaId": "B15397B8-5087-4239-AE78-D3C37D59DE83"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*",
"matchCriteriaId": "311EE92A-0EEF-4556-A52F-E6C9522FA2DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*",
"matchCriteriaId": "49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "7CECAA19-8B7F-44C8-8059-6D4F2105E196"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "68CBCEEB-7C28-4769-813F-3F01E33D2E08"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "C0CB4927-A361-4DFA-BDB8-A454EA2894AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "B2B771B7-D5CB-4778-A3A8-1005E4EE134C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*",
"matchCriteriaId": "3B9DB383-3791-4A43-BA4D-7695B203E736"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*",
"matchCriteriaId": "13F02D77-20E9-4F32-9752-511EB71E6704"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*",
"matchCriteriaId": "6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*",
"matchCriteriaId": "759DDB90-6A89-4E4F-BD04-F70EFA5343B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*",
"matchCriteriaId": "6F6A98ED-E694-4F39-95D0-C152BD1EC115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "2CD6861A-D546-462F-8B22-FA76A4AF8A9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "324BB977-5AAC-4367-98FC-605FF4997B3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*",
"matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndIncluding": "7.4.3.12",
"matchCriteriaId": "94AA76F2-5073-4F3D-9C90-0D44689F873A"
}
]
}
]
}
],
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33939",
"source": "security@liferay.com"
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-339xx/CVE-2023-33940.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33940",
"sourceIdentifier": "security@liferay.com",
"published": "2023-05-24T14:15:09.697",
"lastModified": "2023-05-25T12:40:42.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:32:27.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*",
"matchCriteriaId": "96E84DBC-C740-4E23-8D1D-83C8AE49813E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*",
"matchCriteriaId": "8B1B2384-764F-43CC-8206-36DCBE9DDCBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.0",
"versionEndIncluding": "7.4.3.30",
"matchCriteriaId": "0144D43C-D0E8-4D25-A6AC-81CFD2278DFB"
}
]
}
]
}
],
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33940",
"source": "security@liferay.com"
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-339xx/CVE-2023-33942.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33942",
"sourceIdentifier": "security@liferay.com",
"published": "2023-05-24T15:15:09.807",
"lastModified": "2023-05-25T12:40:42.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:38:53.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -46,10 +76,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update50:*:*:*:*:*:*",
"matchCriteriaId": "CCD1DEA0-8823-4780-B5EE-C1A2BB3C6B4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:7.4.3.50:*:*:*:*:*:*:*",
"matchCriteriaId": "85FAEA65-56C6-49F2-9F40-207496267879"
}
]
}
]
}
],
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33942",
"source": "security@liferay.com"
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-339xx/CVE-2023-33943.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33943",
"sourceIdentifier": "security@liferay.com",
"published": "2023-05-24T15:15:09.897",
"lastModified": "2023-05-25T12:40:42.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:42:51.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update21:*:*:*:*:*:*",
"matchCriteriaId": "22B6B8C1-1FF3-41BC-9576-16193AE20CC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update62:*:*:*:*:*:*",
"matchCriteriaId": "365F28B6-DBF2-45BB-A06D-DD80CFBAD7BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.3.21",
"versionEndIncluding": "7.4.3.62",
"matchCriteriaId": "AABBE89E-33BB-462C-B1CE-17A7E578B304"
}
]
}
]
}
],
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33943",
"source": "security@liferay.com"
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-339xx/CVE-2023-33949.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33949",
"sourceIdentifier": "security@liferay.com",
"published": "2023-05-24T17:15:09.933",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:16:46.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1188"
}
]
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -46,10 +76,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4614C87F-F39C-4ADD-A7A2-4A498612AD38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*",
"matchCriteriaId": "27DF695E-B890-42C2-8941-5BB53154755F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*",
"matchCriteriaId": "0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.3.0",
"matchCriteriaId": "39BA38ED-FF39-4795-9313-F920D16DD629"
}
]
}
]
}
],
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33949",
"source": "security@liferay.com"
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-339xx/CVE-2023-33950.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33950",
"sourceIdentifier": "security@liferay.com",
"published": "2023-05-24T17:15:10.007",
"lastModified": "2023-05-25T12:40:12.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-31T20:22:30.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
},
{
"source": "security@liferay.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update48:*:*:*:*:*:*",
"matchCriteriaId": "67F50AF8-7B0E-4D01-9EB2-C6625E9DACB6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:digital_experience_platform:7.4:update76:*:*:*:*:*:*",
"matchCriteriaId": "7E325115-EEBC-41F4-8606-45270DA40B98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.3.48",
"versionEndIncluding": "7.4.3.76",
"matchCriteriaId": "B7BD9AEF-1599-49B1-85E8-0B0DB56CE4C0"
}
]
}
]
}
],
"references": [
{
"url": "https://liferay.dev/portal/security/known-vulnerabilities/-/asset_publisher/jekt/content/cve-2023-33950",
"source": "security@liferay.com"
"source": "security@liferay.com",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-342xx/CVE-2023-34255.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-34255",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.767",
"lastModified": "2023-05-31T20:15:10.767",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 6.3.5. There is a use-after-free in xfs_btree_lookup_get_block in fs/xfs/libxfs/xfs_btree.c because fs/xfs/xfs_buf_item_recover.c does not perform buffer content verification when log replay is skipped."
}
],
"metrics": {},
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=22ed903eee23a5b174e240f1cdfa9acf393a5210",
"source": "cve@mitre.org"
},
{
"url": "https://syzkaller.appspot.com/bug?extid=7e9494b8b399902e994e",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-342xx/CVE-2023-34256.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-34256",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.817",
"lastModified": "2023-05-31T20:15:10.817",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset."
}
],
"metrics": {},
"references": [
{
"url": "https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.3",
"source": "cve@mitre.org"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f04351888a83e595571de672e0a4a8b74f4fb31",
"source": "cve@mitre.org"
},
{
"url": "https://syzkaller.appspot.com/bug?extid=8785e41224a3afd04321",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-342xx/CVE-2023-34257.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34257",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.860",
"lastModified": "2023-05-31T20:15:10.860",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** An issue was discovered in BMC Patrol through 23.1.00. The agent's configuration can be remotely modified (and, by default, authentication is not required). Some configuration fields related to SNMP (e.g., masterAgentName or masterAgentStartLine) result in code execution when the agent is restarted. NOTE: the vendor's perspective is \"These are not vulnerabilities for us as we have provided the option to implement the authentication.\""
}
],
"metrics": {},
"references": [
{
"url": "https://www.errno.fr/PatrolAdvisory.html#remote-code-excution-using-patrols-pconfig",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-342xx/CVE-2023-34258.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-34258",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-31T20:15:10.903",
"lastModified": "2023-05-31T20:15:10.903",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This account can then be used to achieve remote code execution."
}
],
"metrics": {},
"references": [
{
"url": "https://gist.github.com/gquere/045638b9959f4b3e119ea01d8d6ff856",
"source": "cve@mitre.org"
},
{
"url": "https://www.errno.fr/PatrolAdvisory.html#remote-secrets-leak-using-patrols-pconfig-22100",
"source": "cve@mitre.org"
}
]
}

102
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-31T20:00:27.942308+00:00
2023-05-31T22:00:25.295166+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-31T19:43:32.370000+00:00
2023-05-31T21:15:10.137000+00:00
```
### Last Data Feed Release
@ -29,69 +29,61 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
216550
216579
```
### CVEs added in the last Commit
Recently added CVEs: `27`
Recently added CVEs: `29`
* [CVE-2022-35744](CVE-2022/CVE-2022-357xx/CVE-2022-35744.json) (`2023-05-31T19:15:16.273`)
* [CVE-2022-35745](CVE-2022/CVE-2022-357xx/CVE-2022-35745.json) (`2023-05-31T19:15:16.367`)
* [CVE-2022-35746](CVE-2022/CVE-2022-357xx/CVE-2022-35746.json) (`2023-05-31T19:15:16.427`)
* [CVE-2022-35747](CVE-2022/CVE-2022-357xx/CVE-2022-35747.json) (`2023-05-31T19:15:16.490`)
* [CVE-2022-35748](CVE-2022/CVE-2022-357xx/CVE-2022-35748.json) (`2023-05-31T19:15:16.550`)
* [CVE-2022-35749](CVE-2022/CVE-2022-357xx/CVE-2022-35749.json) (`2023-05-31T19:15:16.610`)
* [CVE-2022-35750](CVE-2022/CVE-2022-357xx/CVE-2022-35750.json) (`2023-05-31T19:15:16.677`)
* [CVE-2022-35751](CVE-2022/CVE-2022-357xx/CVE-2022-35751.json) (`2023-05-31T19:15:16.747`)
* [CVE-2022-35752](CVE-2022/CVE-2022-357xx/CVE-2022-35752.json) (`2023-05-31T19:15:16.813`)
* [CVE-2022-35753](CVE-2022/CVE-2022-357xx/CVE-2022-35753.json) (`2023-05-31T19:15:16.877`)
* [CVE-2022-35754](CVE-2022/CVE-2022-357xx/CVE-2022-35754.json) (`2023-05-31T19:15:16.937`)
* [CVE-2022-35755](CVE-2022/CVE-2022-357xx/CVE-2022-35755.json) (`2023-05-31T19:15:17.000`)
* [CVE-2022-35756](CVE-2022/CVE-2022-357xx/CVE-2022-35756.json) (`2023-05-31T19:15:17.063`)
* [CVE-2022-35757](CVE-2022/CVE-2022-357xx/CVE-2022-35757.json) (`2023-05-31T19:15:17.123`)
* [CVE-2022-35758](CVE-2022/CVE-2022-357xx/CVE-2022-35758.json) (`2023-05-31T19:15:17.190`)
* [CVE-2022-35759](CVE-2022/CVE-2022-357xx/CVE-2022-35759.json) (`2023-05-31T19:15:17.253`)
* [CVE-2023-33964](CVE-2023/CVE-2023-339xx/CVE-2023-33964.json) (`2023-05-31T18:15:09.437`)
* [CVE-2023-33966](CVE-2023/CVE-2023-339xx/CVE-2023-33966.json) (`2023-05-31T18:15:09.527`)
* [CVE-2023-33967](CVE-2023/CVE-2023-339xx/CVE-2023-33967.json) (`2023-05-31T18:15:09.603`)
* [CVE-2023-33971](CVE-2023/CVE-2023-339xx/CVE-2023-33971.json) (`2023-05-31T18:15:09.683`)
* [CVE-2023-26277](CVE-2023/CVE-2023-262xx/CVE-2023-26277.json) (`2023-05-31T19:15:26.677`)
* [CVE-2023-33718](CVE-2023/CVE-2023-337xx/CVE-2023-33718.json) (`2023-05-31T19:15:26.997`)
* [CVE-2023-33722](CVE-2023/CVE-2023-337xx/CVE-2023-33722.json) (`2023-05-31T19:15:27.090`)
* [CVE-2023-33979](CVE-2023/CVE-2023-339xx/CVE-2023-33979.json) (`2023-05-31T19:15:27.163`)
* [CVE-2023-34088](CVE-2023/CVE-2023-340xx/CVE-2023-34088.json) (`2023-05-31T19:15:27.290`)
* [CVE-2023-33730](CVE-2023/CVE-2023-337xx/CVE-2023-33730.json) (`2023-05-31T20:15:10.630`)
* [CVE-2023-33732](CVE-2023/CVE-2023-337xx/CVE-2023-33732.json) (`2023-05-31T20:15:10.677`)
* [CVE-2023-33735](CVE-2023/CVE-2023-337xx/CVE-2023-33735.json) (`2023-05-31T20:15:10.720`)
* [CVE-2023-34255](CVE-2023/CVE-2023-342xx/CVE-2023-34255.json) (`2023-05-31T20:15:10.767`)
* [CVE-2023-34256](CVE-2023/CVE-2023-342xx/CVE-2023-34256.json) (`2023-05-31T20:15:10.817`)
* [CVE-2023-34257](CVE-2023/CVE-2023-342xx/CVE-2023-34257.json) (`2023-05-31T20:15:10.860`)
* [CVE-2023-34258](CVE-2023/CVE-2023-342xx/CVE-2023-34258.json) (`2023-05-31T20:15:10.903`)
* [CVE-2023-3006](CVE-2023/CVE-2023-30xx/CVE-2023-3006.json) (`2023-05-31T20:15:11.127`)
* [CVE-2023-33627](CVE-2023/CVE-2023-336xx/CVE-2023-33627.json) (`2023-05-31T21:15:09.423`)
* [CVE-2023-33628](CVE-2023/CVE-2023-336xx/CVE-2023-33628.json) (`2023-05-31T21:15:09.470`)
* [CVE-2023-33629](CVE-2023/CVE-2023-336xx/CVE-2023-33629.json) (`2023-05-31T21:15:09.520`)
* [CVE-2023-33630](CVE-2023/CVE-2023-336xx/CVE-2023-33630.json) (`2023-05-31T21:15:09.563`)
* [CVE-2023-33631](CVE-2023/CVE-2023-336xx/CVE-2023-33631.json) (`2023-05-31T21:15:09.607`)
* [CVE-2023-33632](CVE-2023/CVE-2023-336xx/CVE-2023-33632.json) (`2023-05-31T21:15:09.650`)
* [CVE-2023-33633](CVE-2023/CVE-2023-336xx/CVE-2023-33633.json) (`2023-05-31T21:15:09.690`)
* [CVE-2023-33634](CVE-2023/CVE-2023-336xx/CVE-2023-33634.json) (`2023-05-31T21:15:09.733`)
* [CVE-2023-33635](CVE-2023/CVE-2023-336xx/CVE-2023-33635.json) (`2023-05-31T21:15:09.780`)
* [CVE-2023-33636](CVE-2023/CVE-2023-336xx/CVE-2023-33636.json) (`2023-05-31T21:15:09.820`)
* [CVE-2023-33637](CVE-2023/CVE-2023-336xx/CVE-2023-33637.json) (`2023-05-31T21:15:09.877`)
* [CVE-2023-33638](CVE-2023/CVE-2023-336xx/CVE-2023-33638.json) (`2023-05-31T21:15:09.923`)
* [CVE-2023-33639](CVE-2023/CVE-2023-336xx/CVE-2023-33639.json) (`2023-05-31T21:15:09.967`)
* [CVE-2023-33640](CVE-2023/CVE-2023-336xx/CVE-2023-33640.json) (`2023-05-31T21:15:10.010`)
* [CVE-2023-33641](CVE-2023/CVE-2023-336xx/CVE-2023-33641.json) (`2023-05-31T21:15:10.050`)
* [CVE-2023-33642](CVE-2023/CVE-2023-336xx/CVE-2023-33642.json) (`2023-05-31T21:15:10.097`)
* [CVE-2023-33643](CVE-2023/CVE-2023-336xx/CVE-2023-33643.json) (`2023-05-31T21:15:10.137`)
### CVEs modified in the last Commit
Recently modified CVEs: `124`
Recently modified CVEs: `17`
* [CVE-2022-35827](CVE-2022/CVE-2022-358xx/CVE-2022-35827.json) (`2023-05-31T19:15:23.163`)
* [CVE-2022-36327](CVE-2022/CVE-2022-363xx/CVE-2022-36327.json) (`2023-05-31T19:15:23.253`)
* [CVE-2022-46812](CVE-2022/CVE-2022-468xx/CVE-2022-46812.json) (`2023-05-31T19:16:40.477`)
* [CVE-2022-46865](CVE-2022/CVE-2022-468xx/CVE-2022-46865.json) (`2023-05-31T19:17:43.610`)
* [CVE-2022-47139](CVE-2022/CVE-2022-471xx/CVE-2022-47139.json) (`2023-05-31T19:22:14.327`)
* [CVE-2022-47138](CVE-2022/CVE-2022-471xx/CVE-2022-47138.json) (`2023-05-31T19:25:50.830`)
* [CVE-2022-0357](CVE-2022/CVE-2022-03xx/CVE-2022-0357.json) (`2023-05-31T19:29:13.683`)
* [CVE-2022-47135](CVE-2022/CVE-2022-471xx/CVE-2022-47135.json) (`2023-05-31T19:30:20.797`)
* [CVE-2022-46866](CVE-2022/CVE-2022-468xx/CVE-2022-46866.json) (`2023-05-31T19:34:00.893`)
* [CVE-2023-31747](CVE-2023/CVE-2023-317xx/CVE-2023-31747.json) (`2023-05-31T18:03:21.437`)
* [CVE-2023-32697](CVE-2023/CVE-2023-326xx/CVE-2023-32697.json) (`2023-05-31T18:10:04.943`)
* [CVE-2023-2500](CVE-2023/CVE-2023-25xx/CVE-2023-2500.json) (`2023-05-31T18:26:16.663`)
* [CVE-2023-32996](CVE-2023/CVE-2023-329xx/CVE-2023-32996.json) (`2023-05-31T18:41:08.840`)
* [CVE-2023-32999](CVE-2023/CVE-2023-329xx/CVE-2023-32999.json) (`2023-05-31T18:46:35.313`)
* [CVE-2023-33000](CVE-2023/CVE-2023-330xx/CVE-2023-33000.json) (`2023-05-31T18:48:52.163`)
* [CVE-2023-1174](CVE-2023/CVE-2023-11xx/CVE-2023-1174.json) (`2023-05-31T19:09:11.500`)
* [CVE-2023-33941](CVE-2023/CVE-2023-339xx/CVE-2023-33941.json) (`2023-05-31T19:11:50.610`)
* [CVE-2023-21665](CVE-2023/CVE-2023-216xx/CVE-2023-21665.json) (`2023-05-31T19:15:23.380`)
* [CVE-2023-21666](CVE-2023/CVE-2023-216xx/CVE-2023-21666.json) (`2023-05-31T19:15:25.217`)
* [CVE-2023-33297](CVE-2023/CVE-2023-332xx/CVE-2023-33297.json) (`2023-05-31T19:15:26.897`)
* [CVE-2023-3018](CVE-2023/CVE-2023-30xx/CVE-2023-3018.json) (`2023-05-31T19:15:27.407`)
* [CVE-2023-2881](CVE-2023/CVE-2023-28xx/CVE-2023-2881.json) (`2023-05-31T19:21:59.860`)
* [CVE-2023-33246](CVE-2023/CVE-2023-332xx/CVE-2023-33246.json) (`2023-05-31T19:23:11.830`)
* [CVE-2023-33938](CVE-2023/CVE-2023-339xx/CVE-2023-33938.json) (`2023-05-31T19:32:37.323`)
* [CVE-2023-2875](CVE-2023/CVE-2023-28xx/CVE-2023-2875.json) (`2023-05-31T19:43:32.370`)
* [CVE-2022-30025](CVE-2022/CVE-2022-300xx/CVE-2022-30025.json) (`2023-05-31T20:57:27.357`)
* [CVE-2023-2874](CVE-2023/CVE-2023-28xx/CVE-2023-2874.json) (`2023-05-31T20:06:14.543`)
* [CVE-2023-2873](CVE-2023/CVE-2023-28xx/CVE-2023-2873.json) (`2023-05-31T20:14:12.547`)
* [CVE-2023-24329](CVE-2023/CVE-2023-243xx/CVE-2023-24329.json) (`2023-05-31T20:15:10.350`)
* [CVE-2023-28625](CVE-2023/CVE-2023-286xx/CVE-2023-28625.json) (`2023-05-31T20:15:10.493`)
* [CVE-2023-33949](CVE-2023/CVE-2023-339xx/CVE-2023-33949.json) (`2023-05-31T20:16:46.520`)
* [CVE-2023-32346](CVE-2023/CVE-2023-323xx/CVE-2023-32346.json) (`2023-05-31T20:17:36.940`)
* [CVE-2023-32347](CVE-2023/CVE-2023-323xx/CVE-2023-32347.json) (`2023-05-31T20:18:22.233`)
* [CVE-2023-2586](CVE-2023/CVE-2023-25xx/CVE-2023-2586.json) (`2023-05-31T20:19:02.373`)
* [CVE-2023-2588](CVE-2023/CVE-2023-25xx/CVE-2023-2588.json) (`2023-05-31T20:19:21.353`)
* [CVE-2023-33950](CVE-2023/CVE-2023-339xx/CVE-2023-33950.json) (`2023-05-31T20:22:30.147`)
* [CVE-2023-2862](CVE-2023/CVE-2023-28xx/CVE-2023-2862.json) (`2023-05-31T20:29:34.837`)
* [CVE-2023-2750](CVE-2023/CVE-2023-27xx/CVE-2023-2750.json) (`2023-05-31T20:29:42.987`)
* [CVE-2023-33940](CVE-2023/CVE-2023-339xx/CVE-2023-33940.json) (`2023-05-31T20:32:27.547`)
* [CVE-2023-33939](CVE-2023/CVE-2023-339xx/CVE-2023-33939.json) (`2023-05-31T20:35:06.760`)
* [CVE-2023-33942](CVE-2023/CVE-2023-339xx/CVE-2023-33942.json) (`2023-05-31T20:38:53.780`)
* [CVE-2023-33943](CVE-2023/CVE-2023-339xx/CVE-2023-33943.json) (`2023-05-31T20:42:51.747`)
## Download and Usage