admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-08T16:00:25.175102+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-08 16:00:28 +00:00
parent b55d360376
commit 5b1a7cbbbe
57 changed files with 3046 additions and 255 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2015/CVE-2015-13xx/CVE-2015-1390.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2015-1390", "id": "CVE-2015-1390",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T18:15:07.797", "published": "2023-09-05T18:15:07.797",
"lastModified": "2023-09-05T18:29:49.867", "lastModified": "2023-09-08T14:26:50.920",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator." "value": "Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0.0",
"versionEndExcluding": "8.0.7",
"matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

65
CVE-2015/CVE-2015-13xx/CVE-2015-1391.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2015-1391", "id": "CVE-2015-1391",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T18:15:07.997", "published": "2023-09-05T18:15:07.997",
"lastModified": "2023-09-05T18:29:49.867", "lastModified": "2023-09-08T14:26:44.737",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism." "value": "Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hp:airwave:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0.0",
"versionEndExcluding": "8.0.7",
"matchCriteriaId": "87381F29-D2F9-4300-BB9F-924197154CE9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

6
CVE-2019/CVE-2019-131xx/CVE-2019-13115.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-13115", "id": "CVE-2019-13115",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2019-07-16T18:15:13.287", "published": "2019-07-16T18:15:13.287",
"lastModified": "2023-06-12T07:15:11.743", "lastModified": "2023-09-08T14:15:07.710",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
@ -249,6 +249,10 @@
"Third Party Advisory" "Third Party Advisory"
] ]
}, },
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html",
"source": "cve@mitre.org"
},
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/",
"source": "cve@mitre.org", "source": "cve@mitre.org",

11
CVE-2019/CVE-2019-174xx/CVE-2019-17498.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-17498", "id": "CVE-2019-17498",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2019-10-21T22:15:10.523", "published": "2019-10-21T22:15:10.523",
"lastModified": "2023-06-12T07:15:12.123", "lastModified": "2023-09-08T14:15:08.297",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
@ -77,7 +77,6 @@
], ],
"configurations": [ "configurations": [
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -94,7 +93,6 @@
] ]
}, },
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -115,7 +113,6 @@
] ]
}, },
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -131,7 +128,6 @@
] ]
}, },
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -152,7 +148,6 @@
] ]
}, },
{ {
"operator": "AND",
"nodes": [ "nodes": [
{ {
"operator": "OR", "operator": "OR",
@ -275,6 +270,10 @@
"Third Party Advisory" "Third Party Advisory"
] ]
}, },
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html",
"source": "cve@mitre.org"
},
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/",
"source": "cve@mitre.org", "source": "cve@mitre.org",

8
CVE-2020/CVE-2020-222xx/CVE-2020-22218.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-22218", "id": "CVE-2020-22218",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:19.120", "published": "2023-08-22T19:16:19.120",
"lastModified": "2023-08-25T17:51:52.637", "lastModified": "2023-09-08T14:15:08.557",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -71,6 +71,10 @@
"Issue Tracking", "Issue Tracking",
"Patch" "Patch"
] ]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html",
"source": "cve@mitre.org"
} }
] ]
} }

47
CVE-2022/CVE-2022-34xx/CVE-2022-3407.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3407", "id": "CVE-2022-3407",
"sourceIdentifier": "psirt@lenovo.com", "sourceIdentifier": "psirt@lenovo.com",
"published": "2023-09-01T17:15:07.463", "published": "2023-09-01T17:15:07.463",
"lastModified": "2023-09-01T21:15:30.513", "lastModified": "2023-09-08T14:13:03.517",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 3.6
},
{ {
"source": "psirt@lenovo.com", "source": "psirt@lenovo.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:motorola:smartphone_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2022-11-01",
"matchCriteriaId": "0BB355F3-BD13-4DCF-AE42-4D6D4813AC9C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://en-us.support.motorola.com/app/answers/detail/a_id/175354", "url": "https://en-us.support.motorola.com/app/answers/detail/a_id/175354",
"source": "psirt@lenovo.com" "source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-279xx/CVE-2023-27950.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-27950", "id": "CVE-2023-27950",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.280", "published": "2023-09-06T02:15:08.280",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:48:43.720",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory." "value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-281xx/CVE-2023-28187.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28187", "id": "CVE-2023-28187",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.340", "published": "2023-09-06T02:15:08.340",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:51:19.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service." "value": "This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-281xx/CVE-2023-28188.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28188", "id": "CVE-2023-28188",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.393", "published": "2023-09-06T02:15:08.393",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:51:29.287",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service." "value": "A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-281xx/CVE-2023-28195.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28195", "id": "CVE-2023-28195",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.447", "published": "2023-09-06T02:15:08.447",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:43:22.570",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information." "value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-282xx/CVE-2023-28210.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28210", "id": "CVE-2023-28210",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.600", "published": "2023-09-06T02:15:08.600",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:43:35.903",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-282xx/CVE-2023-28211.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28211", "id": "CVE-2023-28211",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.653", "published": "2023-09-06T02:15:08.653",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:43:43.790",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-282xx/CVE-2023-28212.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28212", "id": "CVE-2023-28212",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.703", "published": "2023-09-06T02:15:08.703",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:43:54.463",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-282xx/CVE-2023-28213.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28213", "id": "CVE-2023-28213",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.757", "published": "2023-09-06T02:15:08.757",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:44:03.280",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-282xx/CVE-2023-28214.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28214", "id": "CVE-2023-28214",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.807", "published": "2023-09-06T02:15:08.807",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:44:10.947",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-282xx/CVE-2023-28215.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-28215", "id": "CVE-2023-28215",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.857", "published": "2023-09-06T02:15:08.857",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:44:21.330",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

65
CVE-2023/CVE-2023-291xx/CVE-2023-29166.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-29166", "id": "CVE-2023-29166",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.910", "published": "2023-09-06T02:15:08.910",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:44:32.397",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate privileges." "value": "A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate privileges."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:pro_video_formats:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.5",
"matchCriteriaId": "9B349DFB-B15D-45D6-A443-861C2E308F47"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213882", "url": "https://support.apple.com/en-us/HT213882",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-294xx/CVE-2023-29441.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29441", "id": "CVE-2023-29441",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-06T08:15:43.077", "published": "2023-09-06T08:15:43.077",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T14:33:55.883",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "audit@patchstack.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,12 +64,43 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:deepsoft:weblibrarian:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.5.8.1",
"matchCriteriaId": "EBC82B54-448F-4492-AA2E-75511594B949"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/weblibrarian/wordpress-weblibrarian-plugin-3-5-8-1-multiple-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/weblibrarian/wordpress-weblibrarian-plugin-3-5-8-1-multiple-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-307xx/CVE-2023-30722.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30722", "id": "CVE-2023-30722",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-09-06T04:15:15.493", "published": "2023-09-06T04:15:15.493",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T14:33:26.297",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:blockchain_keystore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.3.13.5",
"matchCriteriaId": "58D7527A-A43D-41CB-9519-70B03EB7F1EC"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

4
CVE-2023/CVE-2023-309xx/CVE-2023-30908.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-30908", "id": "CVE-2023-30908",
"sourceIdentifier": "security-alert@hpe.com", "sourceIdentifier": "security-alert@hpe.com",
"published": "2023-09-07T22:15:07.500", "published": "2023-09-07T22:15:07.500",
"lastModified": "2023-09-08T12:58:44.673", "lastModified": "2023-09-08T14:15:10.003",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Potential security vulnerabilities have been identified in Hewlett Packard Enterprise OneView Software. These vulnerabilities could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.\n\n" "value": "Potential security vulnerability have been identified in Hewlett Packard Enterprise OneView Software. This vulnerability could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.\n\n"
} }
], ],
"metrics": { "metrics": {

72
CVE-2023/CVE-2023-323xx/CVE-2023-32356.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-32356", "id": "CVE-2023-32356",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:08.967", "published": "2023-09-06T02:15:08.967",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:52:10.390",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-323xx/CVE-2023-32362.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-32362", "id": "CVE-2023-32362",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:09.017", "published": "2023-09-06T02:15:09.017",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:51:50.657",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information." "value": "Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213670", "url": "https://support.apple.com/kb/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

66
CVE-2023/CVE-2023-323xx/CVE-2023-32370.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-32370", "id": "CVE-2023-32370",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:09.070", "published": "2023-09-06T02:15:09.070",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:52:01.343",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail." "value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213670", "url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

72
CVE-2023/CVE-2023-323xx/CVE-2023-32379.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-32379", "id": "CVE-2023-32379",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:09.120", "published": "2023-09-06T02:15:09.120",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T15:29:33.913",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges." "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.apple.com/en-us/HT213758", "url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://support.apple.com/kb/HT213758", "url": "https://support.apple.com/kb/HT213758",
"source": "product-security@apple.com" "source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
} }
] ]
} }

60
CVE-2023/CVE-2023-32xx/CVE-2023-3221.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-3221", "id": "CVE-2023-3221",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-04T13:15:32.853", "published": "2023-09-04T13:15:32.853",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:12:14.190",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database." "value": "User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad de enumeraci\u00f3n de usuarios en el plugin Password Recovery versi\u00f3n 1.2 para Roundcube, que podr\u00eda permitir a un atacante remoto crear un script de prueba contra la funci\u00f3n de recuperaci\u00f3n de contrase\u00f1as para enumerar todos los usuarios de la base de datos. "
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "cve-coordination@incibe.es", "source": "cve-coordination@incibe.es",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
},
{ {
"source": "cve-coordination@incibe.es", "source": "cve-coordination@incibe.es",
"type": "Secondary", "type": "Secondary",
@ -46,10 +80,30 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*",
"matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

60
CVE-2023/CVE-2023-32xx/CVE-2023-3222.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-3222", "id": "CVE-2023-3222",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-04T13:15:33.987", "published": "2023-09-04T13:15:33.987",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:07:29.030",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user\u00b4s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests." "value": "Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user\u00b4s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad en el mecanismo de recuperaci\u00f3n de contrase\u00f1as del plugin Password Recovery para Roundcube, en su versi\u00f3n 1.2, que podr\u00eda permitir a un atacante remoto cambiar la contrase\u00f1a de un usuario existente a\u00f1adiendo un token num\u00e9rico de 6 d\u00edgitos. Un atacante podr\u00eda crear un script autom\u00e1tico para probar todos los valores posibles, ya que la plataforma no tiene l\u00edmite en el n\u00famero de peticiones. "
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "cve-coordination@incibe.es", "source": "cve-coordination@incibe.es",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
},
{ {
"source": "cve-coordination@incibe.es", "source": "cve-coordination@incibe.es",
"type": "Secondary", "type": "Secondary",
@ -46,10 +80,30 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:password_recovery_project:password_recovery:1.2:*:*:*:*:roundcube:*:*",
"matchCriteriaId": "5AC9878D-1A6B-46C0-843F-69EF179F85D6"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin", "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin",
"source": "cve-coordination@incibe.es" "source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

90
CVE-2023/CVE-2023-339xx/CVE-2023-33915.json
View File

@ -2,19 +2,101 @@
"id": "CVE-2023-33915", "id": "CVE-2023-33915",
"sourceIdentifier": "security@unisoc.com", "sourceIdentifier": "security@unisoc.com",
"published": "2023-09-04T02:15:08.270", "published": "2023-09-04T02:15:08.270",
"lastModified": "2023-09-04T03:51:45.317", "lastModified": "2023-09-08T14:23:21.900",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed" "value": "In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "F120D280-287A-474F-9DC5-CBBC4B4C7237"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:s8000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FDE05D06-C798-4217-8858-8C5DC2C94751"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t760:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D965CCA-C963-49E4-ACF0-2A9F458AF470"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t770:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0FFEF06A-E3E0-486F-89CC-D52FF3F26F0B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:unisoc:t820:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49601008-D3FF-47CC-B961-6FDDFC7A0596"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434", "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434",
"source": "security@unisoc.com" "source": "security@unisoc.com",
"tags": [
"Broken Link"
]
} }
] ]
} }

39
CVE-2023/CVE-2023-33xx/CVE-2023-3374.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3374", "id": "CVE-2023-3374",
"sourceIdentifier": "cve@usom.gov.tr", "sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-09-05T17:15:09.400", "published": "2023-09-05T17:15:09.400",
"lastModified": "2023-09-06T08:15:44.193", "lastModified": "2023-09-08T14:15:21.053",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -36,8 +36,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "cve@usom.gov.tr", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,10 +56,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.usom.gov.tr/bildirim/tr-23-0489", "url": "https://www.usom.gov.tr/bildirim/tr-23-0489",
"source": "cve@usom.gov.tr" "source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

49
CVE-2023/CVE-2023-33xx/CVE-2023-3375.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3375", "id": "CVE-2023-3375",
"sourceIdentifier": "cve@usom.gov.tr", "sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-09-05T17:15:09.497", "published": "2023-09-05T17:15:09.497",
"lastModified": "2023-09-06T08:15:44.287", "lastModified": "2023-09-08T14:26:17.933",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cve@usom.gov.tr", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bookreen:bookreen:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "CDF29D7D-1B35-4FA0-A73E-5CF3C287C3FE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.usom.gov.tr/bildirim/tr-23-0489", "url": "https://www.usom.gov.tr/bildirim/tr-23-0489",
"source": "cve@usom.gov.tr" "source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

53
CVE-2023/CVE-2023-34xx/CVE-2023-3499.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-3499", "id": "CVE-2023-3499",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:09.493", "published": "2023-09-04T12:15:09.493",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:01:59.823",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)" "value": "The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:robogallery:robo_gallery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.2.16",
"matchCriteriaId": "AEA1F3F1-BBD6-4525-8AD6-8E9E854307C4"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/ea29413b-494e-410e-ae42-42f96284899c", "url": "https://wpscan.com/vulnerability/ea29413b-494e-410e-ae42-42f96284899c",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

49
CVE-2023/CVE-2023-36xx/CVE-2023-3616.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3616", "id": "CVE-2023-3616",
"sourceIdentifier": "cve@usom.gov.tr", "sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-09-05T18:15:11.150", "published": "2023-09-05T18:15:11.150",
"lastModified": "2023-09-05T18:29:49.867", "lastModified": "2023-09-08T14:15:50.723",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "cve@usom.gov.tr", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,6 +31,26 @@
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 3.9,
"impactScore": 5.9 "impactScore": 5.9
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
} }
] ]
}, },
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mava:hotel_management_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "F970B6B3-9043-4B71-B5BD-46C931DBF608"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.usom.gov.tr/bildirim/tr-23-0493", "url": "https://www.usom.gov.tr/bildirim/tr-23-0493",
"source": "cve@usom.gov.tr" "source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-383xx/CVE-2023-38387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38387", "id": "CVE-2023-38387",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-03T12:15:41.077", "published": "2023-09-03T12:15:41.077",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T14:39:10.543",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elasticemail:elastic_email_sender:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.6",
"matchCriteriaId": "2C464DAE-D8A1-4767-BDAF-8A971C6AC60E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/elastic-email-sender/wordpress-elastic-email-sender-plugin-1-2-6-cross-site-scripting-xss?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/elastic-email-sender/wordpress-elastic-email-sender-plugin-1-2-6-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-384xx/CVE-2023-38476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38476", "id": "CVE-2023-38476",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-03T12:15:42.053", "published": "2023-09-03T12:15:42.053",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T14:40:43.120",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:suitedash:client_portal_\\:suitedash_direct_login:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.6",
"matchCriteriaId": "E8586B42-DEBC-452F-944B-284BC2F0518F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/client-portal-suitedash-login/wordpress-client-portal-suitedash-direct-login-plugin-1-7-3-cross-site-scripting-xss?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/client-portal-suitedash-login/wordpress-client-portal-suitedash-direct-login-plugin-1-7-3-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-384xx/CVE-2023-38482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38482", "id": "CVE-2023-38482",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-03T12:15:42.140", "published": "2023-09-03T12:15:42.140",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T14:53:41.653",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qualityunit:post_affiliate_pro:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.25.0",
"matchCriteriaId": "8F24A65C-39E1-4AFB-9D73-875DB8D20BBB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/postaffiliatepro/wordpress-post-affiliate-pro-plugin-1-24-9-cross-site-scripting-xss?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/postaffiliatepro/wordpress-post-affiliate-pro-plugin-1-24-9-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

47
CVE-2023/CVE-2023-385xx/CVE-2023-38516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38516", "id": "CVE-2023-38516",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-03T12:15:42.227", "published": "2023-09-03T12:15:42.227",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T14:59:31.500",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:essentialplugin:audio_player_with_playlist_ultimate:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "888B52DF-DB43-4356-830A-100AE94F7750"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/audio-player-with-playlist-ultimate/wordpress-audio-player-with-playlist-ultimate-plugin-1-2-2-cross-site-scripting-xss?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/audio-player-with-playlist-ultimate/wordpress-audio-player-with-playlist-ultimate-plugin-1-2-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-385xx/CVE-2023-38517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38517", "id": "CVE-2023-38517",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-03T12:15:42.317", "published": "2023-09-03T12:15:42.317",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T15:07:40.147",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "audit@patchstack.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,12 +64,43 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:realwebcare:wrc_pricing_tables:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3.7",
"matchCriteriaId": "9B48C504-E3AD-45B2-8C44-37648FE4CA4E"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/wrc-pricing-tables/wordpress-wrc-pricing-tables-plugin-2-3-4-cross-site-scripting-xss?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/wrc-pricing-tables/wordpress-wrc-pricing-tables-plugin-2-3-4-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

28
CVE-2023/CVE-2023-396xx/CVE-2023-39676.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-39676",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T14:15:11.293",
"lastModified": "2023-09-08T14:15:11.293",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SimpleImportProduct Prestashop Module v1.0.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback parameter at ajax.php."
}
],
"metrics": {},
"references": [
{
"url": "https://blog.sorcery.ie/posts/fieldpopupnewsletter_xss/",
"source": "cve@mitre.org"
},
{
"url": "https://sorcery.ie",
"source": "cve@mitre.org"
},
{
"url": "https://themeforest.net/user/fieldthemes",
"source": "cve@mitre.org"
}
]
}

68
CVE-2023/CVE-2023-396xx/CVE-2023-39681.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-39681", "id": "CVE-2023-39681",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T18:15:11.027", "published": "2023-09-05T18:15:11.027",
"lastModified": "2023-09-05T18:29:49.867", "lastModified": "2023-09-08T14:16:00.450",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload." "value": "Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Cuppa CMS v1.0 contiene una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE) a trav\u00e9s del par\u00e1metro \"email_outgoing parameter at /Configuration.php\". Esta vulnerabilidad se activa a trav\u00e9s de un payload manipulado. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "983E1279-93C7-47D9-9AC8-EFB6D57B92E7"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/yanbochen97/CuppaCMS_RCE", "url": "https://github.com/yanbochen97/CuppaCMS_RCE",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

58
CVE-2023/CVE-2023-399xx/CVE-2023-39983.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39983", "id": "CVE-2023-39983",
"sourceIdentifier": "psirt@moxa.com", "sourceIdentifier": "psirt@moxa.com",
"published": "2023-09-02T13:15:45.427", "published": "2023-09-02T13:15:45.427",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T14:22:27.980",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-913"
}
]
},
{ {
"source": "psirt@moxa.com", "source": "psirt@moxa.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:moxa:mxsecurity:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "0ED6F989-0F7D-46CC-BCEC-91E50F1B42AC"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities", "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities",
"source": "psirt@moxa.com" "source": "psirt@moxa.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

79
CVE-2023/CVE-2023-399xx/CVE-2023-39991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39991", "id": "CVE-2023-39991",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.933", "published": "2023-09-04T11:15:40.933",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:05:34.107",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "audit@patchstack.com", "source": "audit@patchstack.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "audit@patchstack.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,12 +64,63 @@
"value": "CWE-79" "value": "CWE-79"
} }
] ]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.0.0",
"matchCriteriaId": "0F2E0415-2A61-47D3-A093-DA000BE271D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta1:*:*:*:wordpress:*:*",
"matchCriteriaId": "A318CF14-A9CD-44FF-8D96-E5EA46C94A86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta2:*:*:*:wordpress:*:*",
"matchCriteriaId": "A571F96D-8435-4404-94C2-E755E64803BD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta3:*:*:*:wordpress:*:*",
"matchCriteriaId": "2CB5CD5B-A00A-4D9F-B008-3BBD05836B81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blindsidenetworks:bigbluebutton:3.0.0:beta4:*:*:*:wordpress:*:*",
"matchCriteriaId": "1E8C6565-6A53-46FA-BCF4-C73820651D0F"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://patchstack.com/database/vulnerability/bigbluebutton/wordpress-bigbluebutton-plugin-3-0-0-beta-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", "url": "https://patchstack.com/database/vulnerability/bigbluebutton/wordpress-bigbluebutton-plugin-3-0-0-beta-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com" "source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-409xx/CVE-2023-40918.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-40918", "id": "CVE-2023-40918",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T18:15:11.317", "published": "2023-09-05T18:15:11.317",
"lastModified": "2023-09-05T18:29:49.867", "lastModified": "2023-09-08T14:26:06.590",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role." "value": "KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role."
},
{
"lang": "es",
"value": "KnowStreaming v3.3.0 es vulnerable a la escalada de privilegios. Los usuarios no autorizados pueden crear un nuevo usuario con un rol de administrador. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:knowstreaming_project:knowstreaming:3.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E4F7FED8-1125-4851-AC50-8EAC3290E77C"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/didi/KnowStreaming/issues/1128", "url": "https://github.com/didi/KnowStreaming/issues/1128",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }

60
CVE-2023/CVE-2023-410xx/CVE-2023-41037.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41037", "id": "CVE-2023-41037",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-29T17:15:13.003", "published": "2023-08-29T17:15:13.003",
"lastModified": "2023-08-29T18:14:25.027", "lastModified": "2023-09-08T14:01:40.800",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openpgpjs:openpgpjs:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.10.11",
"matchCriteriaId": "EE3685F7-C06B-487D-8D10-E192DC1D1589"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openpgpjs:openpgpjs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.10.0",
"matchCriteriaId": "FF849E0F-852A-48C8-8F9B-15DFE8DD0EBB"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/openpgpjs/openpgpjs/commit/6b43e02a254853f5ff508ebd1b07541f78b7c566", "url": "https://github.com/openpgpjs/openpgpjs/commit/6b43e02a254853f5ff508ebd1b07541f78b7c566",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-ch3c-v47x-4pgp", "url": "https://github.com/openpgpjs/openpgpjs/security/advisories/GHSA-ch3c-v47x-4pgp",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }

66
CVE-2023/CVE-2023-410xx/CVE-2023-41052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41052", "id": "CVE-2023-41052",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:08.657", "published": "2023-09-04T18:15:08.657",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:08:27.387",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,16 +64,52 @@
"value": "CWE-670" "value": "CWE-670"
} }
] ]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-670"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*",
"versionEndIncluding": "0.3.9",
"matchCriteriaId": "56FB25B4-6446-4B4B-87AA-D4368B4B8685"
}
]
}
]
} }
], ],
"references": [ "references": [
{ {
"url": "https://github.com/vyperlang/vyper/pull/3583", "url": "https://github.com/vyperlang/vyper/pull/3583",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq", "url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }

54
CVE-2023/CVE-2023-410xx/CVE-2023-41055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41055", "id": "CVE-2023-41055",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:09.203", "published": "2023-09-04T18:15:09.203",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:09:38.550",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ahwx:librey:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-08-17",
"matchCriteriaId": "C84208E2-25ED-4435-A72C-95619190D677"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/Ahwxorg/LibreY/pull/9", "url": "https://github.com/Ahwxorg/LibreY/pull/9",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc", "url": "https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-419xx/CVE-2023-41908.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-41908", "id": "CVE-2023-41908",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T07:15:14.810", "published": "2023-09-05T07:15:14.810",
"lastModified": "2023-09-05T12:54:46.447", "lastModified": "2023-09-08T14:26:28.263",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cerebrate before 1.15 lacks the Secure attribute for the session cookie." "value": "Cerebrate before 1.15 lacks the Secure attribute for the session cookie."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cerebrate-project:cerebrate:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.15",
"matchCriteriaId": "DE11F1CF-0968-4E5C-B646-1F5C2BCB9B1E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/cerebrate-project/cerebrate/commit/9be81055651649658243b5aa274b175064bfc6db", "url": "https://github.com/cerebrate-project/cerebrate/commit/9be81055651649658243b5aa274b175064bfc6db",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/cerebrate-project/cerebrate/compare/v1.14...v1.15", "url": "https://github.com/cerebrate-project/cerebrate/compare/v1.14...v1.15",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch"
]
} }
] ]
} }

62
CVE-2023/CVE-2023-46xx/CVE-2023-4613.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4613", "id": "CVE-2023-4613",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T09:15:07.510", "published": "2023-09-04T09:15:07.510",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:14:54.583",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1221/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1221/",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

62
CVE-2023/CVE-2023-46xx/CVE-2023-4614.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4614", "id": "CVE-2023-4614",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T11:15:41.560", "published": "2023-09-04T11:15:41.560",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:14:50.043",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1222/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1222/",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

62
CVE-2023/CVE-2023-46xx/CVE-2023-4615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4615", "id": "CVE-2023-4615",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T11:15:41.657", "published": "2023-09-04T11:15:41.657",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:14:45.633",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1224/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1224/",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

62
CVE-2023/CVE-2023-46xx/CVE-2023-4616.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4616", "id": "CVE-2023-4616",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T11:15:41.747", "published": "2023-09-04T11:15:41.747",
"lastModified": "2023-09-05T06:50:39.603", "lastModified": "2023-09-08T14:14:22.880",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "product.security@lge.com", "source": "product.security@lge.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lg:lg_led_assistant:2.1.45:*:*:*:*:*:*:*",
"matchCriteriaId": "01BF17A2-A252-43A4-867B-64380FFC9A92"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails", "url": "https://lgsecurity.lge.com/bulletins/idproducts#updateDetails",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1223/", "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1223/",
"source": "product.security@lge.com" "source": "product.security@lge.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

76
CVE-2023/CVE-2023-47xx/CVE-2023-4733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4733", "id": "CVE-2023-4733",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-04T14:15:07.563", "published": "2023-09-04T14:15:07.563",
"lastModified": "2023-09-07T03:15:08.517", "lastModified": "2023-09-08T14:06:13.627",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,18 +68,62 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1840",
"matchCriteriaId": "3665420B-1EB9-4491-903B-1822D5FD0E8A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c", "url": "https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217", "url": "https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Mailing List"
]
} }
] ]
} }

56
CVE-2023/CVE-2023-47xx/CVE-2023-4734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4734", "id": "CVE-2023-4734",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-02T18:15:17.127", "published": "2023-09-02T18:15:17.127",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T15:22:57.160",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1846",
"matchCriteriaId": "CD174B25-7E00-4526-BFAB-ABD283C72975"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5", "url": "https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217", "url": "https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }

56
CVE-2023/CVE-2023-47xx/CVE-2023-4735.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4735", "id": "CVE-2023-4735",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-02T18:15:20.637", "published": "2023-09-02T18:15:20.637",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T15:28:23.527",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1847",
"matchCriteriaId": "C575EAB5-D4CF-4D7A-A401-71646E52859A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57", "url": "https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51", "url": "https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }

56
CVE-2023/CVE-2023-47xx/CVE-2023-4738.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4738", "id": "CVE-2023-4738",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-02T20:15:07.413", "published": "2023-09-02T20:15:07.413",
"lastModified": "2023-09-04T00:06:16.703", "lastModified": "2023-09-08T14:46:27.187",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1848",
"matchCriteriaId": "D21B674E-FE7C-4CB1-A184-E199A2515CF0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1", "url": "https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612", "url": "https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }

95
CVE-2023/CVE-2023-47xx/CVE-2023-4761.json
View File

@ -2,27 +2,110 @@
"id": "CVE-2023-4761", "id": "CVE-2023-4761",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-05T22:15:09.583", "published": "2023-09-05T22:15:09.583",
"lastModified": "2023-09-08T04:15:10.137", "lastModified": "2023-09-08T15:45:15.787",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)" "value": "Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.5845.179",
"matchCriteriaId": "8DA933DC-9C49-43BA-B462-A3DBFF8387F2"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1476403", "url": "https://crbug.com/1476403",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://www.debian.org/security/2023/dsa-5491", "url": "https://www.debian.org/security/2023/dsa-5491",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

56
CVE-2023/CVE-2023-47xx/CVE-2023-4781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4781", "id": "CVE-2023-4781",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-05T19:15:49.207", "published": "2023-09-05T19:15:49.207",
"lastModified": "2023-09-07T01:10:21.083", "lastModified": "2023-09-08T14:15:32.177",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,40 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1873",
"matchCriteriaId": "804D6AB3-048C-483C-B38A-48A8A9104D3A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93", "url": "https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883", "url": "https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-48xx/CVE-2023-4807.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4807", "id": "CVE-2023-4807",
"sourceIdentifier": "openssl-security@openssl.org", "sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-09-08T12:15:08.043", "published": "2023-09-08T12:15:08.043",
"lastModified": "2023-09-08T12:58:39.247", "lastModified": "2023-09-08T15:15:32.203",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -12,6 +12,10 @@
], ],
"metrics": {}, "metrics": {},
"references": [ "references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/08/1",
"source": "openssl-security@openssl.org"
},
{ {
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5",
"source": "openssl-security@openssl.org" "source": "openssl-security@openssl.org"

65
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-09-08T14:00:25.474966+00:00 2023-09-08T16:00:25.175102+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-09-08T13:59:58.123000+00:00 2023-09-08T15:52:10.390000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,48 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
224511 224512
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `4` Recently added CVEs: `1`
* [CVE-2023-4807](CVE-2023/CVE-2023-48xx/CVE-2023-4807.json) (`2023-09-08T12:15:08.043`) * [CVE-2023-39676](CVE-2023/CVE-2023-396xx/CVE-2023-39676.json) (`2023-09-08T14:15:11.293`)
* [CVE-2023-39076](CVE-2023/CVE-2023-390xx/CVE-2023-39076.json) (`2023-09-08T13:15:07.827`)
* [CVE-2023-39584](CVE-2023/CVE-2023-395xx/CVE-2023-39584.json) (`2023-09-08T13:15:07.990`)
* [CVE-2023-40924](CVE-2023/CVE-2023-409xx/CVE-2023-40924.json) (`2023-09-08T13:15:08.127`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `41` Recently modified CVEs: `55`
* [CVE-2023-40353](CVE-2023/CVE-2023-403xx/CVE-2023-40353.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-38387](CVE-2023/CVE-2023-383xx/CVE-2023-38387.json) (`2023-09-08T14:39:10.543`)
* [CVE-2023-40953](CVE-2023/CVE-2023-409xx/CVE-2023-40953.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-38476](CVE-2023/CVE-2023-384xx/CVE-2023-38476.json) (`2023-09-08T14:40:43.120`)
* [CVE-2023-41594](CVE-2023/CVE-2023-415xx/CVE-2023-41594.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-4738](CVE-2023/CVE-2023-47xx/CVE-2023-4738.json) (`2023-09-08T14:46:27.187`)
* [CVE-2023-41615](CVE-2023/CVE-2023-416xx/CVE-2023-41615.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-38482](CVE-2023/CVE-2023-384xx/CVE-2023-38482.json) (`2023-09-08T14:53:41.653`)
* [CVE-2023-32470](CVE-2023/CVE-2023-324xx/CVE-2023-32470.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-38516](CVE-2023/CVE-2023-385xx/CVE-2023-38516.json) (`2023-09-08T14:59:31.500`)
* [CVE-2023-34041](CVE-2023/CVE-2023-340xx/CVE-2023-34041.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-38517](CVE-2023/CVE-2023-385xx/CVE-2023-38517.json) (`2023-09-08T15:07:40.147`)
* [CVE-2023-41775](CVE-2023/CVE-2023-417xx/CVE-2023-41775.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-4807](CVE-2023/CVE-2023-48xx/CVE-2023-4807.json) (`2023-09-08T15:15:32.203`)
* [CVE-2023-4777](CVE-2023/CVE-2023-47xx/CVE-2023-4777.json) (`2023-09-08T12:58:39.247`) * [CVE-2023-4734](CVE-2023/CVE-2023-47xx/CVE-2023-4734.json) (`2023-09-08T15:22:57.160`)
* [CVE-2023-30908](CVE-2023/CVE-2023-309xx/CVE-2023-30908.json) (`2023-09-08T12:58:44.673`) * [CVE-2023-4735](CVE-2023/CVE-2023-47xx/CVE-2023-4735.json) (`2023-09-08T15:28:23.527`)
* [CVE-2023-41161](CVE-2023/CVE-2023-411xx/CVE-2023-41161.json) (`2023-09-08T12:58:44.673`) * [CVE-2023-32379](CVE-2023/CVE-2023-323xx/CVE-2023-32379.json) (`2023-09-08T15:29:33.913`)
* [CVE-2023-41646](CVE-2023/CVE-2023-416xx/CVE-2023-41646.json) (`2023-09-08T12:58:44.673`) * [CVE-2023-28195](CVE-2023/CVE-2023-281xx/CVE-2023-28195.json) (`2023-09-08T15:43:22.570`)
* [CVE-2023-40029](CVE-2023/CVE-2023-400xx/CVE-2023-40029.json) (`2023-09-08T12:58:44.673`) * [CVE-2023-28210](CVE-2023/CVE-2023-282xx/CVE-2023-28210.json) (`2023-09-08T15:43:35.903`)
* [CVE-2023-40584](CVE-2023/CVE-2023-405xx/CVE-2023-40584.json) (`2023-09-08T12:58:44.673`) * [CVE-2023-28211](CVE-2023/CVE-2023-282xx/CVE-2023-28211.json) (`2023-09-08T15:43:43.790`)
* [CVE-2023-38836](CVE-2023/CVE-2023-388xx/CVE-2023-38836.json) (`2023-09-08T13:15:07.563`) * [CVE-2023-28212](CVE-2023/CVE-2023-282xx/CVE-2023-28212.json) (`2023-09-08T15:43:54.463`)
* [CVE-2023-39982](CVE-2023/CVE-2023-399xx/CVE-2023-39982.json) (`2023-09-08T13:23:36.153`) * [CVE-2023-28213](CVE-2023/CVE-2023-282xx/CVE-2023-28213.json) (`2023-09-08T15:44:03.280`)
* [CVE-2023-4752](CVE-2023/CVE-2023-47xx/CVE-2023-4752.json) (`2023-09-08T13:24:52.210`) * [CVE-2023-28214](CVE-2023/CVE-2023-282xx/CVE-2023-28214.json) (`2023-09-08T15:44:10.947`)
* [CVE-2023-41054](CVE-2023/CVE-2023-410xx/CVE-2023-41054.json) (`2023-09-08T13:39:44.417`) * [CVE-2023-28215](CVE-2023/CVE-2023-282xx/CVE-2023-28215.json) (`2023-09-08T15:44:21.330`)
* [CVE-2023-4740](CVE-2023/CVE-2023-47xx/CVE-2023-4740.json) (`2023-09-08T13:51:18.927`) * [CVE-2023-29166](CVE-2023/CVE-2023-291xx/CVE-2023-29166.json) (`2023-09-08T15:44:32.397`)
* [CVE-2023-4742](CVE-2023/CVE-2023-47xx/CVE-2023-4742.json) (`2023-09-08T13:54:08.653`) * [CVE-2023-4761](CVE-2023/CVE-2023-47xx/CVE-2023-4761.json) (`2023-09-08T15:45:15.787`)
* [CVE-2023-4741](CVE-2023/CVE-2023-47xx/CVE-2023-4741.json) (`2023-09-08T13:54:42.737`) * [CVE-2023-27950](CVE-2023/CVE-2023-279xx/CVE-2023-27950.json) (`2023-09-08T15:48:43.720`)
* [CVE-2023-41266](CVE-2023/CVE-2023-412xx/CVE-2023-41266.json) (`2023-09-08T13:57:32.727`) * [CVE-2023-28187](CVE-2023/CVE-2023-281xx/CVE-2023-28187.json) (`2023-09-08T15:51:19.097`)
* [CVE-2023-40015](CVE-2023/CVE-2023-400xx/CVE-2023-40015.json) (`2023-09-08T13:58:23.860`) * [CVE-2023-28188](CVE-2023/CVE-2023-281xx/CVE-2023-28188.json) (`2023-09-08T15:51:29.287`)
* [CVE-2023-28072](CVE-2023/CVE-2023-280xx/CVE-2023-28072.json) (`2023-09-08T13:58:40.990`) * [CVE-2023-32362](CVE-2023/CVE-2023-323xx/CVE-2023-32362.json) (`2023-09-08T15:51:50.657`)
* [CVE-2023-4750](CVE-2023/CVE-2023-47xx/CVE-2023-4750.json) (`2023-09-08T13:59:22.443`) * [CVE-2023-32370](CVE-2023/CVE-2023-323xx/CVE-2023-32370.json) (`2023-09-08T15:52:01.343`)
* [CVE-2023-41265](CVE-2023/CVE-2023-412xx/CVE-2023-41265.json) (`2023-09-08T13:59:58.123`) * [CVE-2023-32356](CVE-2023/CVE-2023-323xx/CVE-2023-32356.json) (`2023-09-08T15:52:10.390`)
## Download and Usage ## Download and Usage