admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-28T16:00:29.495226+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-28 16:00:32 +00:00
parent 3b878de53d
commit 5e555eff4a
83 changed files with 2679 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2020/CVE-2020-184xx/CVE-2020-18404.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18404",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T21:15:15.650",
"lastModified": "2023-06-27T21:15:15.650",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2020/CVE-2020-184xx/CVE-2020-18409.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2020-18409",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T21:15:15.717",
"lastModified": "2023-06-27T21:15:15.717",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html."
},
{
"lang": "es",
"value": "Se ha descubierto una vulnerabilidad de tipo Cross Site Request Forgery (CSRF) en CatfishCMS v4.8.63 que permite a los atacantes obtener permisos de administrador a trav\u00e9s de \"/index.php/admin/index/modifymanage.html\"."
}
],
"metrics": {},

4
CVE-2020/CVE-2020-184xx/CVE-2020-18414.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-18414",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T21:15:15.763",
"lastModified": "2023-06-27T21:15:15.763",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-268xx/CVE-2022-26857.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26857",
"sourceIdentifier": "security_alert@emc.com",
"published": "2022-05-26T16:15:08.187",
"lastModified": "2022-06-07T19:14:20.900",
"lastModified": "2023-06-28T13:59:21.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-26xx/CVE-2022-2661.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2661",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-08-16T21:15:09.717",
"lastModified": "2022-08-17T15:23:58.357",
"lastModified": "2023-06-28T14:20:38.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-26xx/CVE-2022-2675.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2675",
"sourceIdentifier": "cve@rapid7.con",
"published": "2022-08-05T17:15:08.857",
"lastModified": "2022-08-11T15:28:56.363",
"lastModified": "2023-06-28T13:58:54.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -45,7 +45,7 @@
"description": [
{
"lang": "en",
"value": "CWE-287"
"value": "NVD-CWE-Other"
}
]
},

6
CVE-2022/CVE-2022-272xx/CVE-2022-27211.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27211",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2022-03-15T17:15:11.947",
"lastModified": "2022-03-24T20:30:44.143",
"lastModified": "2023-06-28T13:44:06.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -71,6 +71,10 @@
{
"lang": "en",
"value": "CWE-862"
},
{
"lang": "en",
"value": "CWE-863"
}
]
},

4
CVE-2022/CVE-2022-272xx/CVE-2022-27235.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27235",
"sourceIdentifier": "audit@patchstack.com",
"published": "2022-07-22T17:15:08.603",
"lastModified": "2022-07-26T14:49:41.873",
"lastModified": "2023-06-28T13:59:03.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "NVD-CWE-Other"
}
]
},

14
CVE-2022/CVE-2022-276xx/CVE-2022-27660.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27660",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2022-08-05T22:15:11.483",
"lastModified": "2022-08-09T19:30:01.567",
"lastModified": "2023-06-28T13:59:57.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -62,8 +62,18 @@
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-278xx/CVE-2022-27835.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27835",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-04-11T20:15:22.873",
"lastModified": "2022-04-18T18:02:26.813",
"lastModified": "2023-06-28T13:50:31.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-119"
"value": "CWE-787"
}
]
},

4
CVE-2022/CVE-2022-278xx/CVE-2022-27838.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27838",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2022-04-11T20:15:23.047",
"lastModified": "2022-04-19T15:14:39.430",
"lastModified": "2023-06-28T13:50:49.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-863"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-278xx/CVE-2022-27858.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-27858",
"sourceIdentifier": "audit@patchstack.com",
"published": "2022-11-08T19:15:11.103",
"lastModified": "2022-11-09T14:04:11.783",
"lastModified": "2023-06-28T14:28:21.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-74"
"value": "CWE-1236"
}
]
},

14
CVE-2022/CVE-2022-27xx/CVE-2022-2765.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2765",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-08-11T10:15:08.253",
"lastModified": "2022-08-15T15:48:34.603",
"lastModified": "2023-06-28T14:12:37.700",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",

14
CVE-2022/CVE-2022-27xx/CVE-2022-2788.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2788",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-08-19T21:15:08.403",
"lastModified": "2022-08-24T11:54:39.530",
"lastModified": "2023-06-28T14:25:03.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -60,8 +60,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-27xx/CVE-2022-2792.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2792",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2022-08-19T23:15:09.347",
"lastModified": "2022-08-24T18:40:37.517",
"lastModified": "2023-06-28T14:26:21.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -65,7 +65,7 @@
"description": [
{
"lang": "en",
"value": "CWE-668"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2022/CVE-2022-281xx/CVE-2022-28193.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28193",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-04-27T18:15:07.917",
"lastModified": "2022-10-14T02:35:57.953",
"lastModified": "2023-06-28T13:51:13.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-787"
}
]
},

4
CVE-2022/CVE-2022-281xx/CVE-2022-28196.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28196",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2022-04-27T18:15:08.097",
"lastModified": "2022-07-14T15:20:46.600",
"lastModified": "2023-06-28T13:59:39.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "CWE-787"
}
]
},

14
CVE-2022/CVE-2022-283xx/CVE-2022-28331.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-28331",
"sourceIdentifier": "security@apache.org",
"published": "2023-01-31T16:15:08.977",
"lastModified": "2023-02-08T18:48:12.623",
"lastModified": "2023-06-28T14:28:29.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -36,8 +36,18 @@
},
"weaknesses": [
{
"source": "security@apache.org",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [
{
"lang": "en",

4
CVE-2022/CVE-2022-28xx/CVE-2022-2820.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2820",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-08-15T11:21:31.687",
"lastModified": "2022-08-16T16:27:07.747",
"lastModified": "2023-06-28T14:13:45.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -67,7 +67,7 @@
"description": [
{
"lang": "en",
"value": "CWE-613"
"value": "CWE-384"
}
]
},

4
CVE-2022/CVE-2022-28xx/CVE-2022-2824.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-2824",
"sourceIdentifier": "security@huntr.dev",
"published": "2022-08-15T16:15:07.903",
"lastModified": "2022-08-16T19:08:07.167",
"lastModified": "2023-06-28T14:15:11.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -67,7 +67,7 @@
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
"value": "CWE-639"
}
]
},

20
CVE-2022/CVE-2022-442xx/CVE-2022-44276.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-44276",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:09.323",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Responsive Filemanager < 9.12.0, an attacker can bypass upload restrictions resulting in RCE."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/HerrLeStrate/CVE-2022-44276-PoC",
"source": "cve@mitre.org"
}
]
}

4
CVE-2022/CVE-2022-485xx/CVE-2022-48505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-48505",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-28T02:15:49.447",
"lastModified": "2023-06-28T02:15:49.447",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

57
CVE-2023/CVE-2023-09xx/CVE-2023-0969.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0969",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:09.660",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T14:59:30.573",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silabs:z\\/ip_gateway_sdk:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.18.01",
"matchCriteriaId": "6F96CB0A-344E-4061-808B-79DBA47375A3"
}
]
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Permissions Required"
]
}
]
}

71
CVE-2023/CVE-2023-12xx/CVE-2023-1295.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-1295",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-06-28T12:15:09.340",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=788d0824269bef539fe31a785b1517882eafed93",
"source": "cve-coordination@google.com"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9eac1904d3364254d622bf2c771c4f85cd435fc2",
"source": "cve-coordination@google.com"
},
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb",
"source": "cve-coordination@google.com"
},
{
"url": "https://kernel.dance/788d0824269bef539fe31a785b1517882eafed93",
"source": "cve-coordination@google.com"
},
{
"url": "https://kernel.dance/9eac1904d3364254d622bf2c771c4f85cd435fc2",
"source": "cve-coordination@google.com"
}
]
}

8
CVE-2023/CVE-2023-18xx/CVE-2023-1844.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-1844",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.140",
"lastModified": "2023-06-28T03:15:09.140",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachments to site users."
},
{
"lang": "es",
"value": "El plugin Subscribe2 para WordPress es vulnerable al acceso no autorizado a la funcionalidad de correo electr\u00f3nico debido a la falta de una comprobaci\u00f3n de capacidad al enviar correos electr\u00f3nicos de prueba en versiones hasta la 10.40 inclusive. Esto se hace posible que los atacantes a nivel de autor env\u00eden correos electr\u00f3nicos con contenido arbitrario y archivos adjuntos a los usuarios del sitio. "
}
],
"metrics": {

55
CVE-2023/CVE-2023-200xx/CVE-2023-20006.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20006",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.387",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the hardware-based SSL/TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an implementation error within the cryptographic functions for SSL/TLS traffic processing when they are offloaded to the hardware. An attacker could exploit this vulnerability by sending a crafted stream of SSL/TLS traffic to an affected device. A successful exploit could allow the attacker to cause an unexpected error in the hardware-based cryptography engine, which could cause the device to reload."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-681"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-uu7mV5p6",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-200xx/CVE-2023-20028.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20028",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.457",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20105.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20105",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.517",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: \"Cisco Expressway Series\" refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-priv-esc-Ls2B9t7b",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20108.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20108",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.577",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&amp;P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted login message to the affected device. A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing new users from successfully authenticating. Exploitation of this vulnerability does not impact Cisco Unified CM IM&amp;P users who were authenticated prior to an attack."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-789"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-dos-49GL7rzT",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20116.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20116",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.640",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Administrative XML Web Service (AXL) API of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of user-supplied input to the web UI of the Self Care Portal. An attacker could exploit this vulnerability by sending crafted HTTP input to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-dos-4Ag3yWbD",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20119.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20119",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.700",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20120.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20120",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.760",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the web-based management interface of Cisco AsyncOS Software for Cisco Secure Email and Web Manager; Cisco Secure Email Gateway, formerly Cisco Email Security Appliance (ESA); and Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow a remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-sma-wsa-xss-cP9DuEmq",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20136.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20136",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.820",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper role-based access control (RBAC) of certain OpenAPI operations. An attacker could exploit this vulnerability by issuing a crafted OpenAPI function call with valid credentials. A successful exploit could allow the attacker to execute OpenAPI operations that are reserved for the Administrator user, including the creation and deletion of user labels."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-648"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-auth-openapi-kTndjdNX",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20178.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20178",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.880",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established. This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20188.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20188",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:09.943",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Small Business 200 Series Smart Switches, Cisco Small Business 300 Series Managed Switches, and Cisco Small Business 500 Series Stackable Managed Switches could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by persuading a user of an affected interface to view a page containing malicious HTML or script content. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker would need to have valid credentials to access the web-based management interface of the affected device. Cisco has not released software updates to address this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-87"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-smb-sxss-OPYJZUmE",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20192.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20192",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:10.007",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated attacker with Administrator-level read-only credentials to elevate their privileges to Administrator with read-write credentials on an affected system. Note: \"Cisco Expressway Series\" refers to Cisco Expressway Control (Expressway-C) devices and Cisco Expressway Edge (Expressway-E) devices. For more information about these vulnerabilities, see the Details section of this advisory."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-expressway-priv-esc-Ls2B9t7b",
"source": "ykramarz@cisco.com"
}
]
}

55
CVE-2023/CVE-2023-201xx/CVE-2023-20199.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-20199",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-06-28T15:15:10.070",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary authentication and access an affected macOS device. This vulnerability is due to the incorrect handling of responses from Cisco Duo when the application is configured to fail open. An attacker with primary user credentials could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to access the affected device without valid permission."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-mac-bypass-OyZpVPnx",
"source": "ykramarz@cisco.com"
}
]
}

77
CVE-2023/CVE-2023-242xx/CVE-2023-24261.json
View File

@ -2,19 +2,88 @@
"id": "CVE-2023-24261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T21:15:10.867",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:57:40.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-e750_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.216",
"matchCriteriaId": "1435C66B-38C7-4ECC-993D-F4EDD2853898"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-e750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5C88C24-42C5-4512-83B5-F7DED1D70E86"
}
]
}
]
}
],
"references": [
{
"url": "https://justinapplegate.me/2023/glinet-CVE-2023-24261/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-250xx/CVE-2023-25001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25001",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2023-06-27T23:15:09.537",
"lastModified": "2023-06-27T23:15:09.537",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-250xx/CVE-2023-25002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25002",
"sourceIdentifier": "psirt@autodesk.com",
"published": "2023-06-27T23:15:09.590",
"lastModified": "2023-06-27T23:15:09.590",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-261xx/CVE-2023-26134.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26134",
"sourceIdentifier": "report@snyk.io",
"published": "2023-06-28T05:15:10.467",
"lastModified": "2023-06-28T05:15:10.467",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

24
CVE-2023/CVE-2023-266xx/CVE-2023-26615.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-26615",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.137",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "D-Link DIR-823G firmware version 1.02B05 has a password reset vulnerability, which originates from the SetMultipleActions API, allowing unauthorized attackers to reset the WEB page management password."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/726232111/VulIoT/tree/main/D-Link/DIR823G%20V1.0.2B05/HNAP1/SetMultipleActions",
"source": "cve@mitre.org"
}
]
}

78
CVE-2023/CVE-2023-272xx/CVE-2023-27243.json
View File

@ -2,27 +2,93 @@
"id": "CVE-2023-27243",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T16:15:11.347",
"lastModified": "2023-06-21T18:57:48.280",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T13:50:19.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-312"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:makves:dcap:3.0.0.122:*:*:*:*:*:*:*",
"matchCriteriaId": "B00FDE30-C048-4F56-BF8B-3EE89E901D6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:makves:dcap:3.0.0.183:*:*:*:*:*:*:*",
"matchCriteriaId": "4F28C15F-9375-4567-95B8-02D75FCB2EC6"
}
]
}
]
}
],
"references": [
{
"url": "http://dcap.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "http://makves.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://pastebin.com/L5BkBeEE",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-274xx/CVE-2023-27414.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27414",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-21T14:15:09.603",
"lastModified": "2023-06-21T15:14:56.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T14:30:54.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ays-pro:popup_box:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.4.5",
"matchCriteriaId": "9F749839-8038-478F-A1B1-FDA4B80DF54F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/ays-popup-box/wordpress-popup-box-plugin-3-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-274xx/CVE-2023-27432.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27432",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-21T14:15:09.763",
"lastModified": "2023-06-21T15:14:56.427",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T14:31:07.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:manage_upload_limit_project:manage_upload_limit:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.4",
"matchCriteriaId": "77ADCAAD-7F85-4BAC-84EF-AD0BB554506F"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wpsimpletools-upload-limit/wordpress-manage-upload-limit-plugin-1-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-289xx/CVE-2023-28956.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28956",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-22T02:15:48.717",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T14:51:02.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,65 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_protect_backup-archive_client:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1.0.0",
"versionEndIncluding": "8.1.17.2",
"matchCriteriaId": "D80F002B-D62A-46C1-A5B3-5385F9934E3A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251767",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7005519",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-297xx/CVE-2023-29711.json
View File

@ -2,23 +2,95 @@
"id": "CVE-2023-29711",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T12:15:11.793",
"lastModified": "2023-06-22T12:51:15.117",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:33:24.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows attackers to execute arbitrary code via crafted GET request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:interlink:psg-5124_firmware:1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "96258895-AC41-499A-AAC1-6D5B3FF59BE5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:interlink:psg-5124:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C4D200B2-1E4E-4D36-9B75-BD4A29C473E2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shellpei/LINK-Unauthorized/blob/main/CVE-2023-29711",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://holistic-height-e6d.notion.site/LINK-PSG-5124-Switch-remote-command-vulnerability-da4fd8fb450d42879b07ef3a953a2366",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-302xx/CVE-2023-30259.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30259",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.677",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/LibreCAD/LibreCAD/issues/1481",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-30xx/CVE-2023-3034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3034",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-06-28T09:15:09.677",
"lastModified": "2023-06-28T09:15:09.677",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

57
CVE-2023/CVE-2023-31xx/CVE-2023-3110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3110",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-21T20:15:10.263",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:59:59.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silabs:unify_software_development_kit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "A46D0A98-4348-4FE1-A8B1-A86891F7851E"
}
]
}
]
}
],
"references": [
{
"url": "https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000V6HZzQAN?operationContext=S1",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Permissions Required"
]
}
]
}

312
CVE-2023/CVE-2023-324xx/CVE-2023-32449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32449",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-22T07:15:08.867",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:21:44.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,296 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_500t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B529671-71A1-428C-BC17-C8E002222FEA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_1000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5BE2B0-BB56-4E6C-8818-26910B23CE31"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_1200t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB965674-7EBA-437E-A13B-39BC3F3FE139"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_3200t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E0A29ED1-5CE6-4D49-A079-7F4E6D782DE1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_3000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "861B5BE7-159A-41FF-9658-D243051CAC88"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_5200t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F0FCFFD4-A989-4AF3-99DF-32AE2547D9C1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_5000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D5EE934-AD08-4C2B-B3EA-878975EE825E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_7000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "37E8CD6E-65F4-48A0-B796-93E4EE51BD06"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_9000t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9BB1B88-C9C0-4B08-84C6-279C79E34CD3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:powerstoret_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5.0.0-2050321",
"matchCriteriaId": "A280B79D-02B3-434A-9186-D99F839FFE05"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dell:powerstore_9200t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F90EFCBC-F720-4426-8043-EB1489820C22"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000215171/dsa-2023-173-dell-powerstore-family-security-update-for-multiple-vulnerabilities",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-326xx/CVE-2023-32623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32623",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-28T05:15:10.733",
"lastModified": "2023-06-28T05:15:10.733",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

65
CVE-2023/CVE-2023-334xx/CVE-2023-33405.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-33405",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T21:15:11.357",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:46:39.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Blogengine.net 3.3.8.0 and earlier is vulnerable to Open Redirect."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blogengine:blogengine.net:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.8.0",
"matchCriteriaId": "FF6301ED-2F5D-40E7-8620-67405198A2A2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hacip/CVE-2023-33405",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-335xx/CVE-2023-33591.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2023-33591",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-21T20:15:10.213",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:47:35.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "User Registration & Login and User Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/search-result.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:user_registration_\\&_login_and_user_management_system_project:user_registration_\\&_login_and_user_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE9D4C11-FD02-4308-B3D2-3D4737AA23A8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/DARSHANAGUPTA10/CVE/blob/main/CVE%202023-33591",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

108
CVE-2023/CVE-2023-338xx/CVE-2023-33842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33842",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-22T02:15:48.857",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:08:42.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,94 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spss_modeler:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EED1126-9582-4697-90FA-BFEE594B430D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spss_modeler:18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DA0F9C4-551E-4D06-A7E4-666B9E756E53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spss_modeler:18.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "88279320-527E-470B-8331-F21AF782B5BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spss_modeler:18.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9E57C233-A5C2-4729-894F-2BA3798770C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spss_modeler:18.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3FFF09E6-BD10-46EF-B1B8-D6498D6128A5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spss_modeler:18.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D438467A-875E-43F6-AF96-BE4C908550C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/256117",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://https://www.ibm.com/support/pages/node/7004299",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"Patch",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-338xx/CVE-2023-33869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33869",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-06-20T20:15:09.493",
"lastModified": "2023-06-21T12:29:48.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T12:51:10.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,55 @@
"value": "CWE-78"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:enphase:envoy_firmware:d7.0.88:*:*:*:*:*:*:*",
"matchCriteriaId": "2F2EC2F1-624D-422B-B568-92CBE7A153E0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:enphase:envoy:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A9FE4788-74CB-4DAB-ABF9-0C6D361E7B9B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-171-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

56
CVE-2023/CVE-2023-33xx/CVE-2023-3303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3303",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T13:15:10.587",
"lastModified": "2023-06-23T15:14:22.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:19:14.713",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.9",
"matchCriteriaId": "E38D2EC2-B220-473C-ABD0-5CD26F447C2E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/admidio/admidio/commit/3d8bafaa4e9b7a314ffdf548622a8c7b38faee8a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/65d260cc-55a9-4e71-888d-cb2f66c071af",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-33xx/CVE-2023-3304.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3304",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T13:15:10.663",
"lastModified": "2023-06-23T15:14:22.530",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:21:27.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.9",
"matchCriteriaId": "E38D2EC2-B220-473C-ABD0-5CD26F447C2E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/admidio/admidio/commit/3b248b7d5e0e60a00ee2f9a6908d538d62a5837f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/721fae61-3c8c-4e4b-8407-64321bc0ed17",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-33xx/CVE-2023-3325.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3325",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-20T05:15:09.170",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T13:26:34.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-331"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmscommander:cms_commander:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.287",
"matchCriteriaId": "9EC459F5-5904-426F-8464-E7B387A51944"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/cms-commander-client/tags/2.287/init.php#L88",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2927811/cms-commander-client",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ca37d453-9f9a-46b2-a17f-65a16e3e2ed1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-33xx/CVE-2023-3330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3330",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.523",
"lastModified": "2023-06-28T02:15:49.523",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3331",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.590",
"lastModified": "2023-06-28T02:15:49.590",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3332.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3332",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.650",
"lastModified": "2023-06-28T02:15:49.650",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3333",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.713",
"lastModified": "2023-06-28T02:15:49.713",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-340xx/CVE-2023-34012.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34012",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T12:15:09.687",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T15:04:03.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:leap13:premium_addons_for_elementor:*:*:*:*:pro:wordpress:*:*",
"versionEndIncluding": "2.8.24",
"matchCriteriaId": "977101B3-0AA0-46E2-B152-8634C18FD0BE"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/premium-addons-pro/wordpress-premium-addons-pro-plugin-2-8-24-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-343xx/CVE-2023-34340.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-34340",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-21T08:15:10.740",
"lastModified": "2023-06-21T12:29:48.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T12:43:31.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper Authentication vulnerability in Apache Software Foundation Apache Accumulo.\nThis issue affects Apache Accumulo: 2.1.0.\n\nAccumulo 2.1.0 contains a defect in the user authentication process that may succeed when invalid credentials are provided. Users are advised to upgrade to 2.1.1.\n\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:accumulo:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1CC467CA-6E34-4CD0-9F6B-0520399C6701"
}
]
}
]
}
],
"references": [
{
"url": "https://accumulo.apache.org/release/accumulo-2.1.1/",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.apache.org/thread/syy6jftvy9l6tlhn33o0rzwhh4rd0z4t",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34928.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34928",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.743",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the Edit_BasicSSID function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34928.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34929.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34929",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.790",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the AddMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34929.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34930.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34930",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.833",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the EditMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34930.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34931.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34931",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.877",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the EditWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34931.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34932.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34932",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T14:15:09.923",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateWanMode function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34932.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34933.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34933",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.193",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateWanParams function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34933.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34934.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.240",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the Edit_BasicSSID_5G function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34934.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34935.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34935",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.283",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the AddWlanMacList function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34935.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34936.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34936",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.333",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateMacClone function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34936.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-349xx/CVE-2023-34937.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-34937",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-28T15:15:10.377",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A stack overflow in the UpdateSnat function of H3C Magic B1STV100R012 allows attackers to cause a Denial of Service (DoS) via a crafted POST request."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/h4kuy4/vuln/blob/main/H3C_B1STW/CVE-2023-34937.md",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-34xx/CVE-2023-3407.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3407",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.243",
"lastModified": "2023-06-28T03:15:09.243",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Subscribe2 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.40. This is due to missing or incorrect nonce validation when sending test emails. This makes it possible for unauthenticated attackers to send test emails with custom content to users on sites running a vulnerable version of this plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El plugin Subscribe2 para WordPress es vulnerable a ataques de tipo Cross-Site Request Forgery (CSRF) en versiones hasta la 10.40 inclusive. Esto se debe a la falta o incorrecta validaci\u00f3n nonce al enviar correos electr\u00f3nicos de prueba. Esto hace posible que los atacantes no autenticados env\u00eden correos electr\u00f3nicos de prueba con contenido personalizado en los sitios que ejecutan una versi\u00f3n vulnerable de este plugin a trav\u00e9s de una petici\u00f3n falsificada pudiendo enga\u00f1ar a un administrador del sitio para realizar una acci\u00f3n como hacer clic en un enlace. "
}
],
"metrics": {

4
CVE-2023/CVE-2023-34xx/CVE-2023-3427.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3427",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T02:15:49.783",
"lastModified": "2023-06-28T02:15:49.783",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-34xx/CVE-2023-3436.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3436",
"sourceIdentifier": "xpdf@xpdfreader.com",
"published": "2023-06-27T21:15:16.047",
"lastModified": "2023-06-27T21:15:16.047",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-34xx/CVE-2023-3445.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3445",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-28T14:15:10.117",
"lastModified": "2023-06-28T15:25:19.233",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spina prior to 2.15.1."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/spinacms/spina/commit/9adfe7b4807b3cc10dbb7351a26cc32f5d8c14a3",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/18a74a9d-4a2d-4bf8-ae62-56a909427070",
"source": "security@huntr.dev"
}
]
}

4
CVE-2023/CVE-2023-364xx/CVE-2023-36464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36464",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-27T22:15:11.790",
"lastModified": "2023-06-27T22:15:11.790",
"vulnStatus": "Received",
"lastModified": "2023-06-28T12:34:43.903",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

67
CVE-2023/CVE-2023-364xx/CVE-2023-36467.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-36467",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-28T14:15:09.967",
"lastModified": "2023-06-28T15:25:24.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "AWS data.all is an open source development framework to help users build a data marketplace on Amazon Web Services. data.all versions 1.2.0 through 1.5.1 do not prevent remote code execution when a user injects Python commands into the \u2018Template\u2019 field when configuring a data pipeline. The issue can only be triggered by authenticated users. A fix for this issue is available in data.all version 1.5.2 and later. There is no recommended work around."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/awslabs/aws-dataall/pull/472",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/awslabs/aws-dataall/releases/tag/v1.5.2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/awslabs/aws-dataall/releases/tag/v1.5.4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/awslabs/aws-dataall/security/advisories/GHSA-m922-chh7-8qcr",
"source": "security-advisories@github.com"
}
]
}

6
CVE-2023/CVE-2023-366xx/CVE-2023-36630.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-36630",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T16:15:09.480",
"lastModified": "2023-06-26T13:02:36.297",
"lastModified": "2023-06-28T14:15:10.047",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -12,6 +12,10 @@
],
"metrics": {},
"references": [
{
"url": "https://github.com/yunaranyancat/poc-dump/blob/main/cloudpanel/README.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.cloudpanel.io/docs/v2/changelog/",
"source": "cve@mitre.org"

61
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-28T12:00:41.204318+00:00
2023-06-28T16:00:29.495226+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-28T10:15:09.607000+00:00
2023-06-28T15:59:59.863000+00:00
```
### Last Data Feed Release
@ -29,20 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218709
218737
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `28`
* [CVE-2023-20006](CVE-2023/CVE-2023-200xx/CVE-2023-20006.json) (`2023-06-28T15:15:09.387`)
* [CVE-2023-20028](CVE-2023/CVE-2023-200xx/CVE-2023-20028.json) (`2023-06-28T15:15:09.457`)
* [CVE-2023-20105](CVE-2023/CVE-2023-201xx/CVE-2023-20105.json) (`2023-06-28T15:15:09.517`)
* [CVE-2023-20108](CVE-2023/CVE-2023-201xx/CVE-2023-20108.json) (`2023-06-28T15:15:09.577`)
* [CVE-2023-20116](CVE-2023/CVE-2023-201xx/CVE-2023-20116.json) (`2023-06-28T15:15:09.640`)
* [CVE-2023-20119](CVE-2023/CVE-2023-201xx/CVE-2023-20119.json) (`2023-06-28T15:15:09.700`)
* [CVE-2023-20120](CVE-2023/CVE-2023-201xx/CVE-2023-20120.json) (`2023-06-28T15:15:09.760`)
* [CVE-2023-20136](CVE-2023/CVE-2023-201xx/CVE-2023-20136.json) (`2023-06-28T15:15:09.820`)
* [CVE-2023-20178](CVE-2023/CVE-2023-201xx/CVE-2023-20178.json) (`2023-06-28T15:15:09.880`)
* [CVE-2023-20188](CVE-2023/CVE-2023-201xx/CVE-2023-20188.json) (`2023-06-28T15:15:09.943`)
* [CVE-2023-20192](CVE-2023/CVE-2023-201xx/CVE-2023-20192.json) (`2023-06-28T15:15:10.007`)
* [CVE-2023-20199](CVE-2023/CVE-2023-201xx/CVE-2023-20199.json) (`2023-06-28T15:15:10.070`)
* [CVE-2023-26615](CVE-2023/CVE-2023-266xx/CVE-2023-26615.json) (`2023-06-28T15:15:10.137`)
* [CVE-2023-34933](CVE-2023/CVE-2023-349xx/CVE-2023-34933.json) (`2023-06-28T15:15:10.193`)
* [CVE-2023-34934](CVE-2023/CVE-2023-349xx/CVE-2023-34934.json) (`2023-06-28T15:15:10.240`)
* [CVE-2023-34935](CVE-2023/CVE-2023-349xx/CVE-2023-34935.json) (`2023-06-28T15:15:10.283`)
* [CVE-2023-34936](CVE-2023/CVE-2023-349xx/CVE-2023-34936.json) (`2023-06-28T15:15:10.333`)
* [CVE-2023-34937](CVE-2023/CVE-2023-349xx/CVE-2023-34937.json) (`2023-06-28T15:15:10.377`)
* [CVE-2023-30259](CVE-2023/CVE-2023-302xx/CVE-2023-30259.json) (`2023-06-28T14:15:09.677`)
* [CVE-2023-34928](CVE-2023/CVE-2023-349xx/CVE-2023-34928.json) (`2023-06-28T14:15:09.743`)
* [CVE-2023-34929](CVE-2023/CVE-2023-349xx/CVE-2023-34929.json) (`2023-06-28T14:15:09.790`)
* [CVE-2023-34930](CVE-2023/CVE-2023-349xx/CVE-2023-34930.json) (`2023-06-28T14:15:09.833`)
* [CVE-2023-34931](CVE-2023/CVE-2023-349xx/CVE-2023-34931.json) (`2023-06-28T14:15:09.877`)
* [CVE-2023-34932](CVE-2023/CVE-2023-349xx/CVE-2023-34932.json) (`2023-06-28T14:15:09.923`)
* [CVE-2023-36467](CVE-2023/CVE-2023-364xx/CVE-2023-36467.json) (`2023-06-28T14:15:09.967`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `54`
* [CVE-2023-2785](CVE-2023/CVE-2023-27xx/CVE-2023-2785.json) (`2023-06-28T10:15:09.607`)
* [CVE-2023-3427](CVE-2023/CVE-2023-34xx/CVE-2023-3427.json) (`2023-06-28T12:34:43.903`)
* [CVE-2023-1844](CVE-2023/CVE-2023-18xx/CVE-2023-1844.json) (`2023-06-28T12:34:43.903`)
* [CVE-2023-3407](CVE-2023/CVE-2023-34xx/CVE-2023-3407.json) (`2023-06-28T12:34:43.903`)
* [CVE-2023-26134](CVE-2023/CVE-2023-261xx/CVE-2023-26134.json) (`2023-06-28T12:34:43.903`)
* [CVE-2023-32623](CVE-2023/CVE-2023-326xx/CVE-2023-32623.json) (`2023-06-28T12:34:43.903`)
* [CVE-2023-3034](CVE-2023/CVE-2023-30xx/CVE-2023-3034.json) (`2023-06-28T12:34:43.903`)
* [CVE-2023-34340](CVE-2023/CVE-2023-343xx/CVE-2023-34340.json) (`2023-06-28T12:43:31.883`)
* [CVE-2023-33869](CVE-2023/CVE-2023-338xx/CVE-2023-33869.json) (`2023-06-28T12:51:10.270`)
* [CVE-2023-3325](CVE-2023/CVE-2023-33xx/CVE-2023-3325.json) (`2023-06-28T13:26:34.913`)
* [CVE-2023-27243](CVE-2023/CVE-2023-272xx/CVE-2023-27243.json) (`2023-06-28T13:50:19.303`)
* [CVE-2023-36630](CVE-2023/CVE-2023-366xx/CVE-2023-36630.json) (`2023-06-28T14:15:10.047`)
* [CVE-2023-27414](CVE-2023/CVE-2023-274xx/CVE-2023-27414.json) (`2023-06-28T14:30:54.427`)
* [CVE-2023-27432](CVE-2023/CVE-2023-274xx/CVE-2023-27432.json) (`2023-06-28T14:31:07.147`)
* [CVE-2023-28956](CVE-2023/CVE-2023-289xx/CVE-2023-28956.json) (`2023-06-28T14:51:02.947`)
* [CVE-2023-0969](CVE-2023/CVE-2023-09xx/CVE-2023-0969.json) (`2023-06-28T14:59:30.573`)
* [CVE-2023-34012](CVE-2023/CVE-2023-340xx/CVE-2023-34012.json) (`2023-06-28T15:04:03.897`)
* [CVE-2023-33842](CVE-2023/CVE-2023-338xx/CVE-2023-33842.json) (`2023-06-28T15:08:42.347`)
* [CVE-2023-3303](CVE-2023/CVE-2023-33xx/CVE-2023-3303.json) (`2023-06-28T15:19:14.713`)
* [CVE-2023-3304](CVE-2023/CVE-2023-33xx/CVE-2023-3304.json) (`2023-06-28T15:21:27.977`)
* [CVE-2023-32449](CVE-2023/CVE-2023-324xx/CVE-2023-32449.json) (`2023-06-28T15:21:44.097`)
* [CVE-2023-29711](CVE-2023/CVE-2023-297xx/CVE-2023-29711.json) (`2023-06-28T15:33:24.683`)
* [CVE-2023-33405](CVE-2023/CVE-2023-334xx/CVE-2023-33405.json) (`2023-06-28T15:46:39.587`)
* [CVE-2023-33591](CVE-2023/CVE-2023-335xx/CVE-2023-33591.json) (`2023-06-28T15:47:35.893`)
* [CVE-2023-24261](CVE-2023/CVE-2023-242xx/CVE-2023-24261.json) (`2023-06-28T15:57:40.363`)
* [CVE-2023-3110](CVE-2023/CVE-2023-31xx/CVE-2023-3110.json) (`2023-06-28T15:59:59.863`)
## Download and Usage