admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-14T22:00:25.798937+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-14 22:00:29 +00:00
parent 1e9df8cf8d
commit 5cb5cffc41
30 changed files with 1201 additions and 123 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2023/CVE-2023-02xx/CVE-2023-0292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0292",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:49.860",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:33:30.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,22 +66,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.0.8",
"matchCriteriaId": "7A6249D5-44F4-4955-91EF-BF8E1D327BD2"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/171011/wpqsm808-xsrf.txt",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2834471/quiz-master-next",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/quiz-master-next/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c75e6d27-7f6b-4bec-b653-c2024504f427?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-06xx/CVE-2023-0688.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0688",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:50.387",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:25:54.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.1",
"matchCriteriaId": "22EE9B5A-DBD2-49A0-92E8-F69359E40B3C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2910040/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/81fc41a4-9206-404c-bd5b-821c77ff3593?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-06xx/CVE-2023-0691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0691",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:50.707",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:21:14.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.1",
"matchCriteriaId": "22EE9B5A-DBD2-49A0-92E8-F69359E40B3C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2910040/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8fc4b815-dc05-4270-bf7a-3b01622739d7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-06xx/CVE-2023-0693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0693",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:51.483",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:19:12.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.1",
"matchCriteriaId": "22EE9B5A-DBD2-49A0-92E8-F69359E40B3C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2910040/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1f33a8db-7cd0-4a53-b2c1-cd5b7cd16214?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-06xx/CVE-2023-0694.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0694",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:51.780",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:16:49.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.1",
"matchCriteriaId": "22EE9B5A-DBD2-49A0-92E8-F69359E40B3C"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2910040/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1a8b194c-371f-4adc-98fa-8f4e47a38ee7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-09xx/CVE-2023-0993.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0993",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:55.063",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:44:32.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getshieldsecurity:shield_security:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "17.0.17",
"matchCriteriaId": "26C21257-912C-4614-927D-680366EFE994"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2883864%40wp-simple-firewall%2Ftrunk&old=2883536%40wp-simple-firewall%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://wordpress.org/plugins/wp-simple-firewall/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/674461ad-9b61-48c4-af2a-5dfcaeb38215?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-10xx/CVE-2023-1016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1016",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:55.447",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:36:18.430",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hijiriworld:intuitive_custom_post_order:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1.3",
"matchCriteriaId": "6C5E8F63-AAA0-45E9-BF0A-04797B1C9F78"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/intuitive-custom-post-order/trunk/intuitive-custom-post-order.php?rev=2530122",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc878508-200d-4bc7-aa99-c34e63cba4b3?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-11xx/CVE-2023-1169.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1169",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:55.873",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:17:58.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ooohboi_steroids_for_elementor_project:ooohboi_steroids_for_elementor:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.4",
"matchCriteriaId": "02A7660E-A693-494D-BEB8-B68E5DE52DAD"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/ooohboi-steroids-for-elementor/tags/2.1.3/inc/exopite-simple-options/upload-class.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2888622/ooohboi-steroids-for-elementor/tags/2.1.5/inc/exopite-simple-options/upload-class.php?old=2874981&old_path=ooohboi-steroids-for-elementor%2Ftags%2F2.1.4%2Finc%2Fexopite-simple-options%2Fupload-class.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c56ed896-9267-49e6-a207-fe5362fe18cd?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-13xx/CVE-2023-1329.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-1329",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-06-14T21:15:09.340",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products."
}
],
"metrics": {},
"references": [
{
"url": "https://support.hp.com/us-en/document/ish_8585737-8585769-16/hpsbpi03849",
"source": "hp-security-alert@hp.com"
}
]
}

30
CVE-2023/CVE-2023-17xx/CVE-2023-1709.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-1709",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-06-07T21:15:12.933",
"lastModified": "2023-06-14T19:14:50.197",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-14T21:15:09.390",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The APDFL.dll contains a memory corruption vulnerability while parsing \nspecially crafted PDF files. This could allow an attacker to execute \ncode in the context of the current process. \n\n"
"value": "\nDatalogics Library APDFLThe v18.0.4PlusP1e and prior contains a stack-based buffer overflow due to documents containing corrupted fonts, which could allow an attack that causes an unhandled crash during the rendering process.\n\n \n\n"
}
],
"metrics": {
@ -37,41 +37,41 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
"value": "CWE-121"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-121"
"value": "CWE-787"
}
]
}
@ -145,6 +145,10 @@
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-164-01",
"source": "ics-cert@hq.dhs.gov"
}
]
}

57
CVE-2023/CVE-2023-20xx/CVE-2023-2083.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2083",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:16:02.497",
"lastModified": "2023-06-09T13:03:33.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T21:00:43.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.6",
"matchCriteriaId": "4070A2EB-50FC-4519-BD3E-A09DA3059E27"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8bf0933-1c97-4374-b323-c55b91fe4d27?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

52
CVE-2023/CVE-2023-20xx/CVE-2023-2084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2084",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:16:02.727",
"lastModified": "2023-06-09T13:03:33.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T21:00:00.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.6",
"matchCriteriaId": "4070A2EB-50FC-4519-BD3E-A09DA3059E27"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0be8c668-0f1c-4f83-8a71-49c8bb9b67ae?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-20xx/CVE-2023-2085.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2085",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:16:03.203",
"lastModified": "2023-06-09T13:03:33.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:59:30.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.6",
"matchCriteriaId": "4070A2EB-50FC-4519-BD3E-A09DA3059E27"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ad2c1ab6-5c78-4317-b5e7-c86e2eebeb4f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-20xx/CVE-2023-2086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2086",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:16:03.550",
"lastModified": "2023-06-09T13:03:33.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:58:29.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.6",
"matchCriteriaId": "4070A2EB-50FC-4519-BD3E-A09DA3059E27"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/essential-blocks/tags/4.0.6/includes/Admin/Admin.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2900595%40essential-blocks%2Ftrunk&old=2900029%40essential-blocks%2Ftrunk&sfp_email=&sfph_mail=#file2",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9efc782a-ec61-4741-81fd-a263a2739e16?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-253xx/CVE-2023-25368.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25368",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.240",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS is vulnerable to Incorrect Access Control. An unauthenticated attacker can overwrite firmnware."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25368.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-253xx/CVE-2023-25369.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25369",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.290",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS is vulnerable to Denial of Service on the user interface triggered by malformed SCPI command."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/BretMcDanel/CVE/blob/main/CVE-2023-25369.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-254xx/CVE-2023-25434.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-25434",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.337",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215."
}
],
"metrics": {},
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/519",
"source": "cve@mitre.org"
}
]
}

47
CVE-2023/CVE-2023-260xx/CVE-2023-26062.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-26062",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.383",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A mobile network solution internal fault is found in Nokia Web Element Manager before 22 R1, in which an authenticated, unprivileged user can execute administrative functions. Exploitation is not possible from outside of mobile network solution architecture. This means that exploit is not possible from mobile network user UEs, from roaming networks, or from the Internet. Exploitation is possible only from a CSP (Communication Service Provider) mobile network solution internal BTS management network."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://nokia.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-26062/",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-269xx/CVE-2023-26965.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-26965",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.483",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image."
}
],
"metrics": {},
"references": [
{
"url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/472",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30082.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30082",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.453",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A denial of service attack might be launched against the server if an unusually lengthy password (more than 10000000 characters) is supplied using the osTicket application. This can cause the website to go down or stop responding. When a long password is entered, this procedure will consume all available CPU and memory."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/manavparekh/CVEs/blob/main/CVE-2023-30082/Steps%20to%20reproduce.txt",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-301xx/CVE-2023-30150.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30150",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.557",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "PrestaShop leocustomajax 1.0 and 1.0.0 are vulnerable to SQL Injection via modules/leocustomajax/leoajax.php."
}
],
"metrics": {},
"references": [
{
"url": "https://friends-of-presta.github.io/security-advisories/module/2023/06/06/leocustomajax.html",
"source": "cve@mitre.org"
}
]
}

32
CVE-2023/CVE-2023-317xx/CVE-2023-31746.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-31746",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.610",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulnerability to execute system commands as the root user."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/1/VW2100_RCE1.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/2/VW2100_RCE2.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/3/VW2100_RCE3.pdf",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/4/VW2100_RCE4.pdf",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-335xx/CVE-2023-33515.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33515",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.663",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SoftExpert Excellence Suite 2.1.9 is vulnerable to Cross Site Scripting (XSS) via query screens."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@williamamorim256/stored-xss-found-in-se-suite-version-2-1-9-understanding-and-addressing-the-issue-cve-2023-33515-d59990eac324",
"source": "cve@mitre.org"
}
]
}

162
CVE-2023/CVE-2023-335xx/CVE-2023-33533.json
View File

@ -2,23 +2,175 @@
"id": "CVE-2023-33533",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-06T14:15:12.817",
"lastModified": "2023-06-06T18:34:03.700",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:41:17.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Netgear D6220 with Firmware Version 1.0.0.80, D8500 with Firmware Version 1.0.3.60, R6700 with Firmware Version 1.0.2.26, and R6900 with Firmware Version 1.0.2.26 are vulnerable to Command Injection. If an attacker gains web management privileges, they can inject commands into the post request parameters, gaining shell privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:d6220_firmware:1.0.0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "32BE1127-F7D5-42BB-A401-152C70EAF960"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:d6220:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F3EEA190-2E9C-4586-BF81-B115532FBA23"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:d8500_firmware:1.0.3.60:*:*:*:*:*:*:*",
"matchCriteriaId": "43D0A535-BDF6-45D0-A172-6315CF579670"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:d8500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0114-9A1D-4EA0-9AF4-6968514E4F01"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r6700_firmware:1.0.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F6AE91-D067-429D-98C3-3BEDB24EB57C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r6900_firmware:1.0.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D03CEC5D-BA2E-4690-A56F-CAB9125C2313"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33533/Netgear_RCE.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-340xx/CVE-2023-34095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34095",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-14T17:15:09.243",
"lastModified": "2023-06-14T18:20:18.790",
"lastModified": "2023-06-14T21:15:09.707",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/OpenPrinting/cpdb-libs/blob/85555fba64d34f53a2fce099b0488904cc48ed35/cpdb/cpdb-frontend.c#L372",
"source": "security-advisories@github.com"

28
CVE-2023/CVE-2023-343xx/CVE-2023-34367.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-34367",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T20:15:09.510",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in Windows 7 (any Windows until Windows 8) and in any implementation of TCP/IP, which is vulnerable to the Idle scan attack (including many IoT devices). NOTE: The vendor considers this a low severity issue."
}
],
"metrics": {},
"references": [
{
"url": "http://blog.pi3.com.pl/?p=850",
"source": "cve@mitre.org"
},
{
"url": "https://portswigger.net/daily-swig/blind-tcp-ip-hijacking-is-resurrected-for-windows-7",
"source": "cve@mitre.org"
},
{
"url": "https://pwnies.com/windows-7-blind-tcp-ip-hijacking/",
"source": "cve@mitre.org"
}
]
}

75
CVE-2023/CVE-2023-344xx/CVE-2023-34449.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2023-34449",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-14T21:15:09.790",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "ink! is an embedded domain specific language to write smart contracts in Rust for blockchains built on the Substrate framework. Starting in version 4.0.0 and prior to version 4.2.1, the return value when using delegate call mechanics, either through `CallBuilder::delegate` or `ink_env::invoke_contract_delegate`, is decoded incorrectly. This bug was related to the mechanics around decoding a call's return buffer, which was changed as part of pull request 1450. Since this feature was only released in ink! 4.0.0, no previous versions are affected. Users who have an ink! 4.x series contract should upgrade to 4.2.1 to receive a patch."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-253"
},
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"references": [
{
"url": "https://docs.rs/ink_env/4.2.0/ink_env/call/struct.CallBuilder.html#method.delegate",
"source": "security-advisories@github.com"
},
{
"url": "https://docs.rs/ink_env/4.2.0/ink_env/fn.invoke_contract_delegate.html",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/paritytech/ink/commit/f1407ee9f87e5f64d467a22d26ee88f61db7f3db",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/paritytech/ink/pull/1450",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/paritytech/ink/security/advisories/GHSA-853p-5678-hv8f",
"source": "security-advisories@github.com"
}
]
}

20
CVE-2023/CVE-2023-345xx/CVE-2023-34565.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34565",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.867",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Netbox 3.5.1 is vulnerable to Cross Site Scripting (XSS) in the \"Create Wireless LAN Groups\" function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/grayfullbuster0804/netbox/issues/1",
"source": "cve@mitre.org"
}
]
}

13
CVE-2023/CVE-2023-345xx/CVE-2023-34585.json
View File

@ -2,19 +2,14 @@
"id": "CVE-2023-34585",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T14:15:09.800",
"lastModified": "2023-06-14T15:30:53.640",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T20:15:09.687",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in OBS-Studio 29.1.1, plaintext storage of passwords."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/obsproject/obs-studio/issues/8966",
"source": "cve@mitre.org"
}
]
"references": []
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-14T20:00:28.659696+00:00
2023-06-14T22:00:25.798937+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-14T19:58:43.870000+00:00
2023-06-14T21:27:19.783000+00:00
```
### Last Data Feed Release
@ -29,50 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
217775
217788
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `13`
* [CVE-2022-31644](CVE-2022/CVE-2022-316xx/CVE-2022-31644.json) (`2023-06-14T18:15:09.363`)
* [CVE-2022-31645](CVE-2022/CVE-2022-316xx/CVE-2022-31645.json) (`2023-06-14T18:15:09.413`)
* [CVE-2022-31646](CVE-2022/CVE-2022-316xx/CVE-2022-31646.json) (`2023-06-14T18:15:09.457`)
* [CVE-2022-4284](CVE-2022/CVE-2022-42xx/CVE-2022-4284.json) (`2023-06-14T19:15:09.187`)
* [CVE-2023-2976](CVE-2023/CVE-2023-29xx/CVE-2023-2976.json) (`2023-06-14T18:15:09.513`)
* [CVE-2023-31671](CVE-2023/CVE-2023-316xx/CVE-2023-31671.json) (`2023-06-14T18:15:09.573`)
* [CVE-2023-25368](CVE-2023/CVE-2023-253xx/CVE-2023-25368.json) (`2023-06-14T20:15:09.240`)
* [CVE-2023-25369](CVE-2023/CVE-2023-253xx/CVE-2023-25369.json) (`2023-06-14T20:15:09.290`)
* [CVE-2023-25434](CVE-2023/CVE-2023-254xx/CVE-2023-25434.json) (`2023-06-14T20:15:09.337`)
* [CVE-2023-26062](CVE-2023/CVE-2023-260xx/CVE-2023-26062.json) (`2023-06-14T20:15:09.383`)
* [CVE-2023-30082](CVE-2023/CVE-2023-300xx/CVE-2023-30082.json) (`2023-06-14T20:15:09.453`)
* [CVE-2023-34367](CVE-2023/CVE-2023-343xx/CVE-2023-34367.json) (`2023-06-14T20:15:09.510`)
* [CVE-2023-1329](CVE-2023/CVE-2023-13xx/CVE-2023-1329.json) (`2023-06-14T21:15:09.340`)
* [CVE-2023-26965](CVE-2023/CVE-2023-269xx/CVE-2023-26965.json) (`2023-06-14T21:15:09.483`)
* [CVE-2023-30150](CVE-2023/CVE-2023-301xx/CVE-2023-30150.json) (`2023-06-14T21:15:09.557`)
* [CVE-2023-31746](CVE-2023/CVE-2023-317xx/CVE-2023-31746.json) (`2023-06-14T21:15:09.610`)
* [CVE-2023-33515](CVE-2023/CVE-2023-335xx/CVE-2023-33515.json) (`2023-06-14T21:15:09.663`)
* [CVE-2023-34449](CVE-2023/CVE-2023-344xx/CVE-2023-34449.json) (`2023-06-14T21:15:09.790`)
* [CVE-2023-34565](CVE-2023/CVE-2023-345xx/CVE-2023-34565.json) (`2023-06-14T21:15:09.867`)
### CVEs modified in the last Commit
Recently modified CVEs: `40`
Recently modified CVEs: `16`
* [CVE-2023-34867](CVE-2023/CVE-2023-348xx/CVE-2023-34867.json) (`2023-06-14T18:20:18.790`)
* [CVE-2023-34868](CVE-2023/CVE-2023-348xx/CVE-2023-34868.json) (`2023-06-14T18:20:18.790`)
* [CVE-2023-0009](CVE-2023/CVE-2023-00xx/CVE-2023-0009.json) (`2023-06-14T18:20:18.790`)
* [CVE-2023-0010](CVE-2023/CVE-2023-00xx/CVE-2023-0010.json) (`2023-06-14T18:20:18.790`)
* [CVE-2023-25367](CVE-2023/CVE-2023-253xx/CVE-2023-25367.json) (`2023-06-14T18:20:18.790`)
* [CVE-2023-34095](CVE-2023/CVE-2023-340xx/CVE-2023-34095.json) (`2023-06-14T18:20:18.790`)
* [CVE-2023-3172](CVE-2023/CVE-2023-31xx/CVE-2023-3172.json) (`2023-06-14T18:21:14.247`)
* [CVE-2023-2530](CVE-2023/CVE-2023-25xx/CVE-2023-2530.json) (`2023-06-14T18:31:32.977`)
* [CVE-2023-29345](CVE-2023/CVE-2023-293xx/CVE-2023-29345.json) (`2023-06-14T18:35:45.610`)
* [CVE-2023-20887](CVE-2023/CVE-2023-208xx/CVE-2023-20887.json) (`2023-06-14T18:40:01.347`)
* [CVE-2023-3165](CVE-2023/CVE-2023-31xx/CVE-2023-3165.json) (`2023-06-14T18:57:13.767`)
* [CVE-2023-20888](CVE-2023/CVE-2023-208xx/CVE-2023-20888.json) (`2023-06-14T19:10:16.743`)
* [CVE-2023-33658](CVE-2023/CVE-2023-336xx/CVE-2023-33658.json) (`2023-06-14T19:12:15.637`)
* [CVE-2023-33443](CVE-2023/CVE-2023-334xx/CVE-2023-33443.json) (`2023-06-14T19:13:04.663`)
* [CVE-2023-1709](CVE-2023/CVE-2023-17xx/CVE-2023-1709.json) (`2023-06-14T19:14:50.197`)
* [CVE-2023-33284](CVE-2023/CVE-2023-332xx/CVE-2023-33284.json) (`2023-06-14T19:21:44.847`)
* [CVE-2023-2558](CVE-2023/CVE-2023-25xx/CVE-2023-2558.json) (`2023-06-14T19:24:54.113`)
* [CVE-2023-2555](CVE-2023/CVE-2023-25xx/CVE-2023-2555.json) (`2023-06-14T19:26:15.310`)
* [CVE-2023-2557](CVE-2023/CVE-2023-25xx/CVE-2023-2557.json) (`2023-06-14T19:26:43.670`)
* [CVE-2023-20889](CVE-2023/CVE-2023-208xx/CVE-2023-20889.json) (`2023-06-14T19:35:42.450`)
* [CVE-2023-0692](CVE-2023/CVE-2023-06xx/CVE-2023-0692.json) (`2023-06-14T19:41:44.033`)
* [CVE-2023-33863](CVE-2023/CVE-2023-338xx/CVE-2023-33863.json) (`2023-06-14T19:44:08.787`)
* [CVE-2023-33864](CVE-2023/CVE-2023-338xx/CVE-2023-33864.json) (`2023-06-14T19:48:06.770`)
* [CVE-2023-30948](CVE-2023/CVE-2023-309xx/CVE-2023-30948.json) (`2023-06-14T19:53:58.033`)
* [CVE-2023-32551](CVE-2023/CVE-2023-325xx/CVE-2023-32551.json) (`2023-06-14T19:58:43.870`)
* [CVE-2023-34585](CVE-2023/CVE-2023-345xx/CVE-2023-34585.json) (`2023-06-14T20:15:09.687`)
* [CVE-2023-0694](CVE-2023/CVE-2023-06xx/CVE-2023-0694.json) (`2023-06-14T20:16:49.710`)
* [CVE-2023-1169](CVE-2023/CVE-2023-11xx/CVE-2023-1169.json) (`2023-06-14T20:17:58.803`)
* [CVE-2023-0693](CVE-2023/CVE-2023-06xx/CVE-2023-0693.json) (`2023-06-14T20:19:12.043`)
* [CVE-2023-0691](CVE-2023/CVE-2023-06xx/CVE-2023-0691.json) (`2023-06-14T20:21:14.983`)
* [CVE-2023-0688](CVE-2023/CVE-2023-06xx/CVE-2023-0688.json) (`2023-06-14T20:25:54.320`)
* [CVE-2023-0292](CVE-2023/CVE-2023-02xx/CVE-2023-0292.json) (`2023-06-14T20:33:30.690`)
* [CVE-2023-1016](CVE-2023/CVE-2023-10xx/CVE-2023-1016.json) (`2023-06-14T20:36:18.430`)
* [CVE-2023-33533](CVE-2023/CVE-2023-335xx/CVE-2023-33533.json) (`2023-06-14T20:41:17.157`)
* [CVE-2023-0993](CVE-2023/CVE-2023-09xx/CVE-2023-0993.json) (`2023-06-14T20:44:32.200`)
* [CVE-2023-2086](CVE-2023/CVE-2023-20xx/CVE-2023-2086.json) (`2023-06-14T20:58:29.057`)
* [CVE-2023-2085](CVE-2023/CVE-2023-20xx/CVE-2023-2085.json) (`2023-06-14T20:59:30.477`)
* [CVE-2023-2084](CVE-2023/CVE-2023-20xx/CVE-2023-2084.json) (`2023-06-14T21:00:00.970`)
* [CVE-2023-2083](CVE-2023/CVE-2023-20xx/CVE-2023-2083.json) (`2023-06-14T21:00:43.850`)
* [CVE-2023-1709](CVE-2023/CVE-2023-17xx/CVE-2023-1709.json) (`2023-06-14T21:15:09.390`)
* [CVE-2023-34095](CVE-2023/CVE-2023-340xx/CVE-2023-34095.json) (`2023-06-14T21:15:09.707`)
## Download and Usage