diff --git a/CVE-2015/CVE-2015-13xx/CVE-2015-1390.json b/CVE-2015/CVE-2015-13xx/CVE-2015-1390.json index 56e215b70f9..2d929da4855 100644 --- a/CVE-2015/CVE-2015-13xx/CVE-2015-1390.json +++ b/CVE-2015/CVE-2015-13xx/CVE-2015-1390.json @@ -2,19 +2,76 @@ "id": "CVE-2015-1390", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-05T18:15:07.797", - "lastModified": "2023-09-05T18:29:49.867", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:26:50.920", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0.0", + "versionEndExcluding": "8.0.7", + "matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2015/CVE-2015-13xx/CVE-2015-1391.json b/CVE-2015/CVE-2015-13xx/CVE-2015-1391.json index 862b07e5107..eb04b27cc32 100644 --- a/CVE-2015/CVE-2015-13xx/CVE-2015-1391.json +++ b/CVE-2015/CVE-2015-13xx/CVE-2015-1391.json @@ -2,19 +2,76 @@ "id": "CVE-2015-1391", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-05T18:15:07.997", - "lastModified": "2023-09-05T18:29:49.867", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:26:44.737", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0.0.0", + "versionEndExcluding": "8.0.7", + "matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2019/CVE-2019-131xx/CVE-2019-13115.json b/CVE-2019/CVE-2019-131xx/CVE-2019-13115.json index 2e921f85e42..dab2e308f8c 100644 --- a/CVE-2019/CVE-2019-131xx/CVE-2019-13115.json +++ b/CVE-2019/CVE-2019-131xx/CVE-2019-13115.json @@ -2,7 +2,7 @@ "id": "CVE-2019-13115", "sourceIdentifier": "cve@mitre.org", "published": "2019-07-16T18:15:13.287", - "lastModified": "2023-06-12T07:15:11.743", + "lastModified": "2023-09-08T14:15:07.710", "vulnStatus": "Modified", "descriptions": [ { @@ -249,6 +249,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", "source": "cve@mitre.org", diff --git a/CVE-2019/CVE-2019-174xx/CVE-2019-17498.json b/CVE-2019/CVE-2019-174xx/CVE-2019-17498.json index 5842ce14b77..533a9890f08 100644 --- a/CVE-2019/CVE-2019-174xx/CVE-2019-17498.json +++ b/CVE-2019/CVE-2019-174xx/CVE-2019-17498.json @@ -2,7 +2,7 @@ "id": "CVE-2019-17498", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-21T22:15:10.523", - "lastModified": "2023-06-12T07:15:12.123", + "lastModified": "2023-09-08T14:15:08.297", "vulnStatus": "Modified", "descriptions": [ { @@ -77,7 +77,6 @@ ], "configurations": [ { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -94,7 +93,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -115,7 +113,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -131,7 +128,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -152,7 +148,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -275,6 +270,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", "source": "cve@mitre.org", diff --git a/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json b/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json index abe3a067dc0..8c3aa561dc9 100644 --- a/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json +++ b/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json @@ -2,8 +2,8 @@ "id": "CVE-2020-22218", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T19:16:19.120", - "lastModified": "2023-08-25T17:51:52.637", - "vulnStatus": "Analyzed", + "lastModified": "2023-09-08T14:15:08.557", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -71,6 +71,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-34xx/CVE-2022-3407.json b/CVE-2022/CVE-2022-34xx/CVE-2022-3407.json index cbf1418ef42..5d3e23baef7 100644 --- a/CVE-2022/CVE-2022-34xx/CVE-2022-3407.json +++ b/CVE-2022/CVE-2022-34xx/CVE-2022-3407.json @@ -2,8 +2,8 @@ "id": "CVE-2022-3407", "sourceIdentifier": "psirt@lenovo.com", "published": "2023-09-01T17:15:07.463", - "lastModified": "2023-09-01T21:15:30.513", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:13:03.517", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.7, + "impactScore": 3.6 + }, { "source": "psirt@lenovo.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:motorola:smartphone_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022-11-01", + "matchCriteriaId": "0BB355F3-BD13-4DCF-AE42-4D6D4813AC9C" + } + ] + } + ] + } + ], "references": [ { "url": "https://en-us.support.motorola.com/app/answers/detail/a_id/175354", - "source": "psirt@lenovo.com" + "source": "psirt@lenovo.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-279xx/CVE-2023-27950.json b/CVE-2023/CVE-2023-279xx/CVE-2023-27950.json index e8aa65c34cf..ce9163b53f6 100644 --- a/CVE-2023/CVE-2023-279xx/CVE-2023-27950.json +++ b/CVE-2023/CVE-2023-279xx/CVE-2023-27950.json @@ -2,23 +2,85 @@ "id": "CVE-2023-27950", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.280", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:48:43.720", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28187.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28187.json index 3d2bbbd1907..42e1098a479 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28187.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28187.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28187", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.340", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:51:19.097", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28188.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28188.json index 8693f73a6ee..4aad3c9fb8b 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28188.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28188.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28188", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.393", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:51:29.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-400" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-281xx/CVE-2023-28195.json b/CVE-2023/CVE-2023-281xx/CVE-2023-28195.json index 26e7da5ea97..d4b5e235603 100644 --- a/CVE-2023/CVE-2023-281xx/CVE-2023-28195.json +++ b/CVE-2023/CVE-2023-281xx/CVE-2023-28195.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28195", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.447", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:43:22.570", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28210.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28210.json index fbd2f417252..14f5a1e0774 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28210.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28210.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28210", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.600", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:43:35.903", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28211.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28211.json index 2a957130641..ae04f847abf 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28211.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28211.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28211", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.653", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:43:43.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28212.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28212.json index 9477d10616a..160636353fd 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28212.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28212.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28212", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.703", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:43:54.463", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28213.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28213.json index b5d96ad23e5..4b0bb0414bd 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28213.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28213.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28213", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.757", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:44:03.280", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28214.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28214.json index 6737edf9c56..e2961f128d1 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28214.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28214.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28214", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.807", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:44:10.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-282xx/CVE-2023-28215.json b/CVE-2023/CVE-2023-282xx/CVE-2023-28215.json index 7c4df945ec2..4c16cfbdd4c 100644 --- a/CVE-2023/CVE-2023-282xx/CVE-2023-28215.json +++ b/CVE-2023/CVE-2023-282xx/CVE-2023-28215.json @@ -2,23 +2,85 @@ "id": "CVE-2023-28215", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.857", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:44:21.330", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-291xx/CVE-2023-29166.json b/CVE-2023/CVE-2023-291xx/CVE-2023-29166.json index 8b002a039b3..bbb43f11ffb 100644 --- a/CVE-2023/CVE-2023-291xx/CVE-2023-29166.json +++ b/CVE-2023/CVE-2023-291xx/CVE-2023-29166.json @@ -2,19 +2,76 @@ "id": "CVE-2023-29166", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.910", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:44:32.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:apple:pro_video_formats:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.2.5", + "matchCriteriaId": "9B349DFB-B15D-45D6-A443-861C2E308F47" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213882", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29441.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29441.json index 799a5359429..52a482be1d8 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29441.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29441.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29441", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-06T08:15:43.077", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:33:55.883", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:deepsoft:weblibrarian:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.5.8.1", + "matchCriteriaId": "EBC82B54-448F-4492-AA2E-75511594B949" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/weblibrarian/wordpress-weblibrarian-plugin-3-5-8-1-multiple-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-307xx/CVE-2023-30722.json b/CVE-2023/CVE-2023-307xx/CVE-2023-30722.json index 63b044f268d..d7da6412163 100644 --- a/CVE-2023/CVE-2023-307xx/CVE-2023-30722.json +++ b/CVE-2023/CVE-2023-307xx/CVE-2023-30722.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30722", "sourceIdentifier": "mobile.security@samsung.com", "published": "2023-09-06T04:15:15.493", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:33:26.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, { "source": "mobile.security@samsung.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:samsung:blockchain_keystore:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.3.13.5", + "matchCriteriaId": "58D7527A-A43D-41CB-9519-70B03EB7F1EC" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09", - "source": "mobile.security@samsung.com" + "source": "mobile.security@samsung.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-309xx/CVE-2023-30908.json b/CVE-2023/CVE-2023-309xx/CVE-2023-30908.json index c119c9935ac..1b07eca8b6e 100644 --- a/CVE-2023/CVE-2023-309xx/CVE-2023-30908.json +++ b/CVE-2023/CVE-2023-309xx/CVE-2023-30908.json @@ -2,12 +2,12 @@ "id": "CVE-2023-30908", "sourceIdentifier": "security-alert@hpe.com", "published": "2023-09-07T22:15:07.500", - "lastModified": "2023-09-08T12:58:44.673", + "lastModified": "2023-09-08T14:15:10.003", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "Potential security vulnerabilities have been identified in Hewlett Packard Enterprise OneView Software. These vulnerabilities could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.\n\n" + "value": "Potential security vulnerability have been identified in Hewlett Packard Enterprise OneView Software. This vulnerability could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.\n\n" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32356.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32356.json index f8a82c7d6a5..88981cdc492 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32356.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32356.json @@ -2,23 +2,85 @@ "id": "CVE-2023-32356", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:08.967", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:52:10.390", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32362.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32362.json index 982db689a3e..ba6cf69dab1 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32362.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32362.json @@ -2,23 +2,85 @@ "id": "CVE-2023-32362", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:09.017", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:51:50.657", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32370.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32370.json index 45c568d1a3c..0327cde2cdc 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32370.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32370.json @@ -2,19 +2,77 @@ "id": "CVE-2023-32370", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:09.070", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:52:01.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.3", + "matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213670", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-323xx/CVE-2023-32379.json b/CVE-2023/CVE-2023-323xx/CVE-2023-32379.json index f9a09463242..92b348f4fcc 100644 --- a/CVE-2023/CVE-2023-323xx/CVE-2023-32379.json +++ b/CVE-2023/CVE-2023-323xx/CVE-2023-32379.json @@ -2,23 +2,85 @@ "id": "CVE-2023-32379", "sourceIdentifier": "product-security@apple.com", "published": "2023-09-06T02:15:09.120", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:29:33.913", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.4", + "matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B" + } + ] + } + ] + } + ], "references": [ { "url": "https://support.apple.com/en-us/HT213758", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://support.apple.com/kb/HT213758", - "source": "product-security@apple.com" + "source": "product-security@apple.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json index 7a1194a4e48..13a22853099 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3221.json @@ -2,16 +2,40 @@ "id": "CVE-2023-3221", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2023-09-04T13:15:32.853", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:12:14.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database." + }, + { + "lang": "es", + "value": "Se ha descubierto una vulnerabilidad de enumeraci\u00f3n de usuarios en el plugin Password Recovery versi\u00f3n 1.2 para Roundcube, que podr\u00eda permitir a un atacante remoto crear un script de prueba contra la funci\u00f3n de recuperaci\u00f3n de contrase\u00f1as para enumerar todos los usuarios de la base de datos. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -46,10 +80,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*", + "matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin", - "source": "cve-coordination@incibe.es" + "source": "cve-coordination@incibe.es", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json index a5c5764a4b6..a0e4cffdc76 100644 --- a/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3222.json @@ -2,16 +2,40 @@ "id": "CVE-2023-3222", "sourceIdentifier": "cve-coordination@incibe.es", "published": "2023-09-04T13:15:33.987", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:07:29.030", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user\u00b4s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests." + }, + { + "lang": "es", + "value": "Se ha descubierto una vulnerabilidad en el mecanismo de recuperaci\u00f3n de contrase\u00f1as del plugin Password Recovery para Roundcube, en su versi\u00f3n 1.2, que podr\u00eda permitir a un atacante remoto cambiar la contrase\u00f1a de un usuario existente a\u00f1adiendo un token num\u00e9rico de 6 d\u00edgitos. Un atacante podr\u00eda crear un script autom\u00e1tico para probar todos los valores posibles, ya que la plataforma no tiene l\u00edmite en el n\u00famero de peticiones. " } ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -35,6 +59,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-640" + } + ] + }, { "source": "cve-coordination@incibe.es", "type": "Secondary", @@ -46,10 +80,30 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*", + "matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin", - "source": "cve-coordination@incibe.es" + "source": "cve-coordination@incibe.es", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33915.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33915.json index ea92c400ce2..4236c559e40 100644 --- a/CVE-2023/CVE-2023-339xx/CVE-2023-33915.json +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33915.json @@ -2,19 +2,101 @@ "id": "CVE-2023-33915", "sourceIdentifier": "security@unisoc.com", "published": "2023-09-04T02:15:08.270", - "lastModified": "2023-09-04T03:51:45.317", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:23:21.900", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*", + "matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434", - "source": "security@unisoc.com" + "source": "security@unisoc.com", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json index cd00273a7e2..4b97f686f06 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3374.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3374", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-09-05T17:15:09.400", - "lastModified": "2023-09-06T08:15:44.193", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:15:21.053", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -36,8 +36,18 @@ }, "weaknesses": [ { - "source": "cve@usom.gov.tr", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "cve@usom.gov.tr", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +56,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.0", + "matchCriteriaId": "CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.usom.gov.tr/bildirim/tr-23-0489", - "source": "cve@usom.gov.tr" + "source": "cve@usom.gov.tr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json index a51b9bc51fd..53ad4c265f1 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3375.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3375", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-09-05T17:15:09.497", - "lastModified": "2023-09-06T08:15:44.287", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:26:17.933", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "cve@usom.gov.tr", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, + { + "source": "cve@usom.gov.tr", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.0", + "matchCriteriaId": "CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.usom.gov.tr/bildirim/tr-23-0489", - "source": "cve@usom.gov.tr" + "source": "cve@usom.gov.tr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json index 018572e4855..e353fce2400 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3499.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3499", "sourceIdentifier": "contact@wpscan.com", "published": "2023-09-04T12:15:09.493", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:01:59.823", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:robogallery:robo_gallery:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2.16", + "matchCriteriaId": "AEA1F3F1-BBD6-4525-8AD6-8E9E854307C4" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/ea29413b-494e-410e-ae42-42f96284899c", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3616.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3616.json index 66b25bcab4d..0886530be02 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3616.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3616.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3616", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-09-05T18:15:11.150", - "lastModified": "2023-09-05T18:29:49.867", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:15:50.723", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,7 +13,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "cve@usom.gov.tr", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -31,6 +31,26 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "cve@usom.gov.tr", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mava:hotel_management_system:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0", + "matchCriteriaId": "F970B6B3-9043-4B71-B5BD-46C931DBF608" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.usom.gov.tr/bildirim/tr-23-0493", - "source": "cve@usom.gov.tr" + "source": "cve@usom.gov.tr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38387.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38387.json index 8321bb9f460..61d94e9fde9 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38387.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38387.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38387", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-03T12:15:41.077", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:39:10.543", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:elasticemail:elastic_email_sender:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.2.6", + "matchCriteriaId": "2C464DAE-D8A1-4767-BDAF-8A971C6AC60E" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/elastic-email-sender/wordpress-elastic-email-sender-plugin-1-2-6-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38476.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38476.json index 07f4e0d997a..6bf8cbe2b55 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38476.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38476.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38476", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-03T12:15:42.053", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:40:43.120", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:suitedash:client_portal_\\:suitedash_direct_login:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.7.6", + "matchCriteriaId": "E8586B42-DEBC-452F-944B-284BC2F0518F" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/client-portal-suitedash-login/wordpress-client-portal-suitedash-direct-login-plugin-1-7-3-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38482.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38482.json index 5f666e32a9a..47a72571688 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38482.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38482.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38482", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-03T12:15:42.140", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:53:41.653", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qualityunit:post_affiliate_pro:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.25.0", + "matchCriteriaId": "8F24A65C-39E1-4AFB-9D73-875DB8D20BBB" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/postaffiliatepro/wordpress-post-affiliate-pro-plugin-1-24-9-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38516.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38516.json index abf693fffb3..7c15cffcf98 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38516.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38516.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38516", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-03T12:15:42.227", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:59:31.500", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:essentialplugin:audio_player_with_playlist_ultimate:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.2.2", + "matchCriteriaId": "888B52DF-DB43-4356-830A-100AE94F7750" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/audio-player-with-playlist-ultimate/wordpress-audio-player-with-playlist-ultimate-plugin-1-2-2-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-385xx/CVE-2023-38517.json b/CVE-2023/CVE-2023-385xx/CVE-2023-38517.json index 4f6536542c9..a174b9792f7 100644 --- a/CVE-2023/CVE-2023-385xx/CVE-2023-38517.json +++ b/CVE-2023/CVE-2023-385xx/CVE-2023-38517.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38517", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-03T12:15:42.317", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:07:40.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:realwebcare:wrc_pricing_tables:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.3.7", + "matchCriteriaId": "9B48C504-E3AD-45B2-8C44-37648FE4CA4E" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wrc-pricing-tables/wordpress-wrc-pricing-tables-plugin-2-3-4-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-396xx/CVE-2023-39676.json b/CVE-2023/CVE-2023-396xx/CVE-2023-39676.json new file mode 100644 index 00000000000..6a8e035e89a --- /dev/null +++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39676.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-39676", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-09-08T14:15:11.293", + "lastModified": "2023-09-08T14:15:11.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SimpleImportProduct Prestashop Module v1.0.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback parameter at ajax.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://blog.sorcery.ie/posts/fieldpopupnewsletter_xss/", + "source": "cve@mitre.org" + }, + { + "url": "https://sorcery.ie", + "source": "cve@mitre.org" + }, + { + "url": "https://themeforest.net/user/fieldthemes", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-396xx/CVE-2023-39681.json b/CVE-2023/CVE-2023-396xx/CVE-2023-39681.json index 0cd847b2bec..02ee7ec0535 100644 --- a/CVE-2023/CVE-2023-396xx/CVE-2023-39681.json +++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39681.json @@ -2,19 +2,79 @@ "id": "CVE-2023-39681", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-05T18:15:11.027", - "lastModified": "2023-09-05T18:29:49.867", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:16:00.450", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload." + }, + { + "lang": "es", + "value": "Se descubri\u00f3 que Cuppa CMS v1.0 contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del par\u00e1metro \"email_outgoing parameter at /Configuration.php\". Esta vulnerabilidad se activa a trav\u00e9s de un payload manipulado. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "983E1279-93C7-47D9-9AC8-EFB6D57B92E7" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/yanbochen97/CuppaCMS_RCE", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39983.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39983.json index 26280cb68a5..30c68f62e19 100644 --- a/CVE-2023/CVE-2023-399xx/CVE-2023-39983.json +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39983.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39983", "sourceIdentifier": "psirt@moxa.com", "published": "2023-09-02T13:15:45.427", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:22:27.980", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-913" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.0.1", + "matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39991.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39991.json index 401927f62e2..c0356800699 100644 --- a/CVE-2023/CVE-2023-399xx/CVE-2023-39991.json +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39991.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39991", "sourceIdentifier": "audit@patchstack.com", "published": "2023-09-04T11:15:40.933", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:05:34.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,63 @@ "value": "CWE-79" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.0.0", + "matchCriteriaId": "0F2E0415-2A61-47D3-A093-DA000BE271D0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta1:*:*:*:wordpress:*:*", + "matchCriteriaId": "A318CF14-A9CD-44FF-8D96-E5EA46C94A86" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta2:*:*:*:wordpress:*:*", + "matchCriteriaId": "A571F96D-8435-4404-94C2-E755E64803BD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta3:*:*:*:wordpress:*:*", + "matchCriteriaId": "2CB5CD5B-A00A-4D9F-B008-3BBD05836B81" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta4:*:*:*:wordpress:*:*", + "matchCriteriaId": "1E8C6565-6A53-46FA-BCF4-C73820651D0F" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/bigbluebutton/wordpress-bigbluebutton-plugin-3-0-0-beta-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-409xx/CVE-2023-40918.json b/CVE-2023/CVE-2023-409xx/CVE-2023-40918.json index 37ab71def39..4102d6e5066 100644 --- a/CVE-2023/CVE-2023-409xx/CVE-2023-40918.json +++ b/CVE-2023/CVE-2023-409xx/CVE-2023-40918.json @@ -2,19 +2,80 @@ "id": "CVE-2023-40918", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-05T18:15:11.317", - "lastModified": "2023-09-05T18:29:49.867", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:26:06.590", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role." + }, + { + "lang": "es", + "value": "KnowStreaming v3.3.0 es vulnerable a la escalada de privilegios. Los usuarios no autorizados pueden crear un nuevo usuario con un rol de administrador. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:knowstreaming_project:knowstreaming:3.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "E4F7FED8-1125-4851-AC50-8EAC3290E77C" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/didi/KnowStreaming/issues/1128", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41037.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41037.json index 7187654a744..49f89cd030d 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41037.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41037.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41037", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-29T17:15:13.003", - "lastModified": "2023-08-29T18:14:25.027", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:01:40.800", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +66,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openpgpjs:openpgpjs:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.10.11", + "matchCriteriaId": "EE3685F7-C06B-487D-8D10-E192DC1D1589" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:openpgpjs:openpgpjs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.0.0", + "versionEndExcluding": "5.10.0", + "matchCriteriaId": "FF849E0F-852A-48C8-8F9B-15DFE8DD0EBB" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openpgpjs/openpgpjs/commit/6b43e02a254853f5ff508ebd1b07541f78b7c566", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-ch3c-v47x-4pgp", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41052.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41052.json index 835dfcefcb5..ce2580cc011 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41052.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41052.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41052", "sourceIdentifier": "security-advisories@github.com", "published": "2023-09-04T18:15:08.657", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:08:27.387", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "security-advisories@github.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,16 +64,52 @@ "value": "CWE-670" } ] + }, + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-670" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*", + "versionEndIncluding": "0.3.9", + "matchCriteriaId": "56FB25B4-6446-4B4B-87AA-D4368B4B8685" + } + ] + } + ] } ], "references": [ { "url": "https://github.com/vyperlang/vyper/pull/3583", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41055.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41055.json index ebe5fec939f..f4964775dbe 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41055.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41055.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41055", "sourceIdentifier": "security-advisories@github.com", "published": "2023-09-04T18:15:09.203", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:09:38.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,14 +66,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ahwx:librey:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023-08-17", + "matchCriteriaId": "C84208E2-25ED-4435-A72C-95619190D677" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Ahwxorg/LibreY/pull/9", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Exploit", + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-419xx/CVE-2023-41908.json b/CVE-2023/CVE-2023-419xx/CVE-2023-41908.json index e2404e9b3c7..81cea9fc330 100644 --- a/CVE-2023/CVE-2023-419xx/CVE-2023-41908.json +++ b/CVE-2023/CVE-2023-419xx/CVE-2023-41908.json @@ -2,23 +2,82 @@ "id": "CVE-2023-41908", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-05T07:15:14.810", - "lastModified": "2023-09-05T12:54:46.447", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:26:28.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cerebrate before 1.15 lacks the Secure attribute for the session cookie." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cerebrate-project:cerebrate:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.15", + "matchCriteriaId": "DE11F1CF-0968-4E5C-B646-1F5C2BCB9B1E" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/cerebrate-project/cerebrate/commit/9be81055651649658243b5aa274b175064bfc6db", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/cerebrate-project/cerebrate/compare/v1.14...v1.15", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4613.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4613.json index 7dbbc1f2833..2ea634c2da7 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4613.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4613.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4613", "sourceIdentifier": "product.security@lge.com", "published": "2023-09-04T09:15:07.510", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:14:54.583", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", + "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" + } + ] + } + ] + } + ], "references": [ { "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1221/", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4614.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4614.json index ca4f22720c4..de5402ef1a2 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4614.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4614.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4614", "sourceIdentifier": "product.security@lge.com", "published": "2023-09-04T11:15:41.560", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:14:50.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", + "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" + } + ] + } + ] + } + ], "references": [ { "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1222/", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4615.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4615.json index f864129b40c..1b4e54a4d09 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4615.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4615.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4615", "sourceIdentifier": "product.security@lge.com", "published": "2023-09-04T11:15:41.657", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:14:45.633", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", + "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" + } + ] + } + ] + } + ], "references": [ { "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1224/", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-46xx/CVE-2023-4616.json b/CVE-2023/CVE-2023-46xx/CVE-2023-4616.json index aeb0c7375eb..54c67f05506 100644 --- a/CVE-2023/CVE-2023-46xx/CVE-2023-4616.json +++ b/CVE-2023/CVE-2023-46xx/CVE-2023-4616.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4616", "sourceIdentifier": "product.security@lge.com", "published": "2023-09-04T11:15:41.747", - "lastModified": "2023-09-05T06:50:39.603", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:14:22.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "product.security@lge.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*", + "matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92" + } + ] + } + ] + } + ], "references": [ { "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1223/", - "source": "product.security@lge.com" + "source": "product.security@lge.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json index 3a6bb4803d7..60baa869ae8 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4733.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4733", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-04T14:15:07.563", - "lastModified": "2023-09-07T03:15:08.517", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-09-08T14:06:13.627", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,18 +68,62 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0.1840", + "matchCriteriaId": "3665420B-1EB9-4491-903B-1822D5FD0E8A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Mailing List" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4734.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4734.json index 70201856b23..41f70f649ef 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4734.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4734.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4734", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-02T18:15:17.127", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:22:57.160", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0.1846", + "matchCriteriaId": "CD174B25-7E00-4526-BFAB-ABD283C72975" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4735.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4735.json index d4fae9937d4..6af6da112b3 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4735.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4735.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4735", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-02T18:15:20.637", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T15:28:23.527", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0.1847", + "matchCriteriaId": "C575EAB5-D4CF-4D7A-A401-71646E52859A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4738.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4738.json index 9f0008a9eff..9d5cafb59c2 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4738.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4738.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4738", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-02T20:15:07.413", - "lastModified": "2023-09-04T00:06:16.703", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:46:27.187", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0.1848", + "matchCriteriaId": "D21B674E-FE7C-4CB1-A184-E199A2515CF0" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4761.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4761.json index cdeff2f9665..c31d4ede409 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4761.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4761.json @@ -2,27 +2,110 @@ "id": "CVE-2023-4761", "sourceIdentifier": "chrome-cve-admin@google.com", "published": "2023-09-05T22:15:09.583", - "lastModified": "2023-09-08T04:15:10.137", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-09-08T15:45:15.787", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", + "versionEndExcluding": "116.0.5845.179", + "matchCriteriaId": "8DA933DC-9C49-43BA-B462-A3DBFF8387F2" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", + "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C" + } + ] + } + ] + } + ], "references": [ { "url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] }, { "url": "https://crbug.com/1476403", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Permissions Required" + ] }, { "url": "https://www.debian.org/security/2023/dsa-5491", - "source": "chrome-cve-admin@google.com" + "source": "chrome-cve-admin@google.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-47xx/CVE-2023-4781.json b/CVE-2023/CVE-2023-47xx/CVE-2023-4781.json index 36fd7205305..7305a02b32d 100644 --- a/CVE-2023/CVE-2023-47xx/CVE-2023-4781.json +++ b/CVE-2023/CVE-2023-47xx/CVE-2023-4781.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4781", "sourceIdentifier": "security@huntr.dev", "published": "2023-09-05T19:15:49.207", - "lastModified": "2023-09-07T01:10:21.083", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-09-08T14:15:32.177", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "security@huntr.dev", @@ -46,14 +68,40 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*", + "versionEndExcluding": "9.0.1873", + "matchCriteriaId": "804D6AB3-048C-483C-B38A-48A8A9104D3A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Patch" + ] }, { "url": "https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883", - "source": "security@huntr.dev" + "source": "security@huntr.dev", + "tags": [ + "Exploit", + "Patch", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-48xx/CVE-2023-4807.json b/CVE-2023/CVE-2023-48xx/CVE-2023-4807.json index cdf0a33be31..04076cadd47 100644 --- a/CVE-2023/CVE-2023-48xx/CVE-2023-4807.json +++ b/CVE-2023/CVE-2023-48xx/CVE-2023-4807.json @@ -2,7 +2,7 @@ "id": "CVE-2023-4807", "sourceIdentifier": "openssl-security@openssl.org", "published": "2023-09-08T12:15:08.043", - "lastModified": "2023-09-08T12:58:39.247", + "lastModified": "2023-09-08T15:15:32.203", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -12,6 +12,10 @@ ], "metrics": {}, "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2023/09/08/1", + "source": "openssl-security@openssl.org" + }, { "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5", "source": "openssl-security@openssl.org" diff --git a/README.md b/README.md index 038c12b7a32..b148d2d8bc7 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-09-08T14:00:25.474966+00:00 +2023-09-08T16:00:25.175102+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-09-08T13:59:58.123000+00:00 +2023-09-08T15:52:10.390000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -224511 +224512 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `1` -* [CVE-2023-4807](CVE-2023/CVE-2023-48xx/CVE-2023-4807.json) (`2023-09-08T12:15:08.043`) -* [CVE-2023-39076](CVE-2023/CVE-2023-390xx/CVE-2023-39076.json) (`2023-09-08T13:15:07.827`) -* [CVE-2023-39584](CVE-2023/CVE-2023-395xx/CVE-2023-39584.json) (`2023-09-08T13:15:07.990`) -* [CVE-2023-40924](CVE-2023/CVE-2023-409xx/CVE-2023-40924.json) (`2023-09-08T13:15:08.127`) +* [CVE-2023-39676](CVE-2023/CVE-2023-396xx/CVE-2023-39676.json) (`2023-09-08T14:15:11.293`) ### CVEs modified in the last Commit -Recently modified CVEs: `41` +Recently modified CVEs: `55` -* [CVE-2023-40353](CVE-2023/CVE-2023-403xx/CVE-2023-40353.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-40953](CVE-2023/CVE-2023-409xx/CVE-2023-40953.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-41594](CVE-2023/CVE-2023-415xx/CVE-2023-41594.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-41615](CVE-2023/CVE-2023-416xx/CVE-2023-41615.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-32470](CVE-2023/CVE-2023-324xx/CVE-2023-32470.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-34041](CVE-2023/CVE-2023-340xx/CVE-2023-34041.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-41775](CVE-2023/CVE-2023-417xx/CVE-2023-41775.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-4777](CVE-2023/CVE-2023-47xx/CVE-2023-4777.json) (`2023-09-08T12:58:39.247`) -* [CVE-2023-30908](CVE-2023/CVE-2023-309xx/CVE-2023-30908.json) (`2023-09-08T12:58:44.673`) -* [CVE-2023-41161](CVE-2023/CVE-2023-411xx/CVE-2023-41161.json) (`2023-09-08T12:58:44.673`) -* [CVE-2023-41646](CVE-2023/CVE-2023-416xx/CVE-2023-41646.json) (`2023-09-08T12:58:44.673`) -* [CVE-2023-40029](CVE-2023/CVE-2023-400xx/CVE-2023-40029.json) (`2023-09-08T12:58:44.673`) -* [CVE-2023-40584](CVE-2023/CVE-2023-405xx/CVE-2023-40584.json) (`2023-09-08T12:58:44.673`) -* [CVE-2023-38836](CVE-2023/CVE-2023-388xx/CVE-2023-38836.json) (`2023-09-08T13:15:07.563`) -* [CVE-2023-39982](CVE-2023/CVE-2023-399xx/CVE-2023-39982.json) (`2023-09-08T13:23:36.153`) -* [CVE-2023-4752](CVE-2023/CVE-2023-47xx/CVE-2023-4752.json) (`2023-09-08T13:24:52.210`) -* [CVE-2023-41054](CVE-2023/CVE-2023-410xx/CVE-2023-41054.json) (`2023-09-08T13:39:44.417`) -* [CVE-2023-4740](CVE-2023/CVE-2023-47xx/CVE-2023-4740.json) (`2023-09-08T13:51:18.927`) -* [CVE-2023-4742](CVE-2023/CVE-2023-47xx/CVE-2023-4742.json) (`2023-09-08T13:54:08.653`) -* [CVE-2023-4741](CVE-2023/CVE-2023-47xx/CVE-2023-4741.json) (`2023-09-08T13:54:42.737`) -* [CVE-2023-41266](CVE-2023/CVE-2023-412xx/CVE-2023-41266.json) (`2023-09-08T13:57:32.727`) -* [CVE-2023-40015](CVE-2023/CVE-2023-400xx/CVE-2023-40015.json) (`2023-09-08T13:58:23.860`) -* [CVE-2023-28072](CVE-2023/CVE-2023-280xx/CVE-2023-28072.json) (`2023-09-08T13:58:40.990`) -* [CVE-2023-4750](CVE-2023/CVE-2023-47xx/CVE-2023-4750.json) (`2023-09-08T13:59:22.443`) -* [CVE-2023-41265](CVE-2023/CVE-2023-412xx/CVE-2023-41265.json) (`2023-09-08T13:59:58.123`) +* [CVE-2023-38387](CVE-2023/CVE-2023-383xx/CVE-2023-38387.json) (`2023-09-08T14:39:10.543`) +* [CVE-2023-38476](CVE-2023/CVE-2023-384xx/CVE-2023-38476.json) (`2023-09-08T14:40:43.120`) +* [CVE-2023-4738](CVE-2023/CVE-2023-47xx/CVE-2023-4738.json) (`2023-09-08T14:46:27.187`) +* [CVE-2023-38482](CVE-2023/CVE-2023-384xx/CVE-2023-38482.json) (`2023-09-08T14:53:41.653`) +* [CVE-2023-38516](CVE-2023/CVE-2023-385xx/CVE-2023-38516.json) (`2023-09-08T14:59:31.500`) +* [CVE-2023-38517](CVE-2023/CVE-2023-385xx/CVE-2023-38517.json) (`2023-09-08T15:07:40.147`) +* [CVE-2023-4807](CVE-2023/CVE-2023-48xx/CVE-2023-4807.json) (`2023-09-08T15:15:32.203`) +* [CVE-2023-4734](CVE-2023/CVE-2023-47xx/CVE-2023-4734.json) (`2023-09-08T15:22:57.160`) +* [CVE-2023-4735](CVE-2023/CVE-2023-47xx/CVE-2023-4735.json) (`2023-09-08T15:28:23.527`) +* [CVE-2023-32379](CVE-2023/CVE-2023-323xx/CVE-2023-32379.json) (`2023-09-08T15:29:33.913`) +* [CVE-2023-28195](CVE-2023/CVE-2023-281xx/CVE-2023-28195.json) (`2023-09-08T15:43:22.570`) +* [CVE-2023-28210](CVE-2023/CVE-2023-282xx/CVE-2023-28210.json) (`2023-09-08T15:43:35.903`) +* [CVE-2023-28211](CVE-2023/CVE-2023-282xx/CVE-2023-28211.json) (`2023-09-08T15:43:43.790`) +* [CVE-2023-28212](CVE-2023/CVE-2023-282xx/CVE-2023-28212.json) (`2023-09-08T15:43:54.463`) +* [CVE-2023-28213](CVE-2023/CVE-2023-282xx/CVE-2023-28213.json) (`2023-09-08T15:44:03.280`) +* [CVE-2023-28214](CVE-2023/CVE-2023-282xx/CVE-2023-28214.json) (`2023-09-08T15:44:10.947`) +* [CVE-2023-28215](CVE-2023/CVE-2023-282xx/CVE-2023-28215.json) (`2023-09-08T15:44:21.330`) +* [CVE-2023-29166](CVE-2023/CVE-2023-291xx/CVE-2023-29166.json) (`2023-09-08T15:44:32.397`) +* [CVE-2023-4761](CVE-2023/CVE-2023-47xx/CVE-2023-4761.json) (`2023-09-08T15:45:15.787`) +* [CVE-2023-27950](CVE-2023/CVE-2023-279xx/CVE-2023-27950.json) (`2023-09-08T15:48:43.720`) +* [CVE-2023-28187](CVE-2023/CVE-2023-281xx/CVE-2023-28187.json) (`2023-09-08T15:51:19.097`) +* [CVE-2023-28188](CVE-2023/CVE-2023-281xx/CVE-2023-28188.json) (`2023-09-08T15:51:29.287`) +* [CVE-2023-32362](CVE-2023/CVE-2023-323xx/CVE-2023-32362.json) (`2023-09-08T15:51:50.657`) +* [CVE-2023-32370](CVE-2023/CVE-2023-323xx/CVE-2023-32370.json) (`2023-09-08T15:52:01.343`) +* [CVE-2023-32356](CVE-2023/CVE-2023-323xx/CVE-2023-32356.json) (`2023-09-08T15:52:10.390`) ## Download and Usage