admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-01T18:00:24.617849+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-01 20:00:27 +02:00
parent 61d23541d4
commit 605b7f27b7
32 changed files with 1530 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

92
CVE-2022/CVE-2022-20xx/CVE-2022-2084.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-2084",
"sourceIdentifier": "security@ubuntu.com",
"published": "2023-04-19T22:15:10.207",
"lastModified": "2023-04-20T13:15:05.443",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T17:39:10.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security@ubuntu.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{
"source": "security@ubuntu.com",
"type": "Secondary",
@ -46,14 +76,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:canonical:cloud-init:*:*:*:*:*:*:*:*",
"versionEndExcluding": "22.3",
"matchCriteriaId": "40F3D313-A853-4C22-B9C6-774118D80091"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "AAE4D2D0-CEEB-416F-8BC5-A7987DF56190"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "359012F1-2C63-415A-88B8-6726A87830DE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c",
"source": "security@ubuntu.com"
"source": "security@ubuntu.com",
"tags": [
"Patch"
]
},
{
"url": "https://ubuntu.com/security/notices/USN-5496-1",
"source": "security@ubuntu.com"
"source": "security@ubuntu.com",
"tags": [
"Broken Link"
]
}
]
}

43
CVE-2023/CVE-2023-225xx/CVE-2023-22503.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-22503",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-05-01T17:15:08.993",
"lastModified": "2023-05-01T17:15:08.993",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Affected versions of Atlassian Confluence Server and Data Center allow anonymous remote attackers to view the names of attachments and labels in a private Confluence space. This occurs via an Information Disclosure vulnerability in the macro preview feature.\r\n\r\nThis vulnerability was reported by Rojan Rijal of the Tinder Security Engineering team.\r\n\r\nThe affected versions are before version 7.13.15, from version 7.14.0 before 7.19.7, and from version 7.20.0 before 8.2.0."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@atlassian.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-82403",
"source": "security@atlassian.com"
}
]
}

55
CVE-2023/CVE-2023-229xx/CVE-2023-22919.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22919",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-05-01T17:15:09.050",
"lastModified": "2023-05-01T17:15:09.050",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The post-authentication command injection vulnerability in the Zyxel NBG6604 firmware version V1.01(ABIR.0)C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nbg6604-home-router",
"source": "security@zyxel.com.tw"
}
]
}

55
CVE-2023/CVE-2023-229xx/CVE-2023-22921.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22921",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-05-01T17:15:09.110",
"lastModified": "2023-05-01T17:15:09.110",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to store malicious scripts using a web management interface parameter, resulting in denial-of-service (DoS) conditions on an affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nbg-418n-v2-home-router",
"source": "security@zyxel.com.tw"
}
]
}

55
CVE-2023/CVE-2023-229xx/CVE-2023-22922.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22922",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-05-01T17:15:09.163",
"lastModified": "2023-05-01T17:15:09.163",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote unauthenticated attacker to cause DoS conditions by sending crafted packets if Telnet is enabled on a vulnerable device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nbg-418n-v2-home-router",
"source": "security@zyxel.com.tw"
}
]
}

55
CVE-2023/CVE-2023-229xx/CVE-2023-22923.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22923",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-05-01T17:15:09.220",
"lastModified": "2023-05-01T17:15:09.220",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A format string vulnerability in a binary of the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker to cause denial-of-service (DoS) conditions on an affected device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-134"
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nbg-418n-v2-home-router",
"source": "security@zyxel.com.tw"
}
]
}

55
CVE-2023/CVE-2023-229xx/CVE-2023-22924.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22924",
"sourceIdentifier": "security@zyxel.com.tw",
"published": "2023-05-01T17:15:09.273",
"lastModified": "2023-05-01T17:15:09.273",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow vulnerability in the Zyxel NBG-418N v2 firmware versions prior to V1.00(AARP.14)C0 could allow a remote authenticated attacker with administrator privileges to cause denial-of-service (DoS) conditions by executing crafted CLI commands on a vulnerable device."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@zyxel.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities-in-nbg-418n-v2-home-router",
"source": "security@zyxel.com.tw"
}
]
}

60
CVE-2023/CVE-2023-22xx/CVE-2023-2204.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2204",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T07:15:07.260",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:08:45.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:retro_basketball_shoes_online_store_project:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09D09EEA-EF02-47DB-8146-958141C51E71"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Basketball%20Shoes%20Online%20Store/Retro%20Basketball%20Shoes%20Online%20Store%20-%20vuln%205.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226969",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226969",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-22xx/CVE-2023-2205.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2205",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T07:15:07.410",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:10:01.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:retro_basketball_shoes_online_store_project:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09D09EEA-EF02-47DB-8146-958141C51E71"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Basketball%20Shoes%20Online%20Store/Retro%20Basketball%20Shoes%20Online%20Store%20-%20vuln%201.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226970",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226970",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-22xx/CVE-2023-2206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2206",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T08:15:07.093",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:26:23.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:retro_basketball_shoes_online_store_project:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09D09EEA-EF02-47DB-8146-958141C51E71"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Basketball%20Shoes%20Online%20Store/Retro%20Basketball%20Shoes%20Online%20Store%20-%20vuln%202.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226971",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226971",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-22xx/CVE-2023-2207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2207",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T08:15:07.157",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:14:41.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:retro_basketball_shoes_online_store_project:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09D09EEA-EF02-47DB-8146-958141C51E71"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Basketball%20Shoes%20Online%20Store/Retro%20Basketball%20Shoes%20Online%20Store%20-%20vuln%203.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226972",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226972",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-22xx/CVE-2023-2208.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2208",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-21T08:15:07.220",
"lastModified": "2023-04-24T13:02:28.070",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:36:02.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:retro_basketball_shoes_online_store_project:retro_basketball_shoes_online_store:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "09D09EEA-EF02-47DB-8146-958141C51E71"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Basketball%20Shoes%20Online%20Store/Retro%20Basketball%20Shoes%20Online%20Store%20-%20vuln%204.pdf",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.226973",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.226973",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-24xx/CVE-2023-2451.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-2451",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-01T16:15:11.640",
"lastModified": "2023-05-01T16:15:11.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Online DJ Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/bookings/view_details.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227795."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/ShellHunTerAndyLABA/bug_report/blob/main/SQLi-1.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.227795",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.227795",
"source": "cna@vuldb.com"
}
]
}

81
CVE-2023/CVE-2023-295xx/CVE-2023-29523.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29523",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:08.987",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:31:27.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,71 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.10.11",
"matchCriteriaId": "A3CD7FFB-D491-4B7D-839D-D567B0C00E59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.0",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "AD2B185D-F8A6-49EB-B485-744F234B8730"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.5",
"versionEndExcluding": "14.10.2",
"matchCriteriaId": "E472CD99-824B-4235-B9AB-2740FB40F601"
}
]
}
]
}
],
"references": [
{
"url": "https://extensions.xwiki.org/xwiki/bin/view/Extension/App%20Within%20Minutes%20Application",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/0d547181389f7941e53291af940966413823f61c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x764-ff8r-9hpx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20327",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-295xx/CVE-2023-29524.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29524",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.057",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T17:27:08.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.10.3",
"matchCriteriaId": "B30017E7-30DA-4B3F-9E6E-367F1DB40DE5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-fc42-5w56-qw7h",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20295",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20462",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-295xx/CVE-2023-29525.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29525",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.127",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T17:27:32.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +66,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "18312249-9E74-4967-B376-EDD80C07233B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.5",
"versionEndExcluding": "14.10.3",
"matchCriteriaId": "4472030C-B32C-42AD-B137-2FA730A29836"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/6d74e2e4aa03d19f0be385ab63ae9e0f0e90a766",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/8e7c7f90f2ddaf067cb5b83b181af41513028754#diff-4e13f4ee4a42938bf1201b7ee71ca32edeacba22559daf0bcb89d534e0225949R70",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-jgg7-w2rj-58cj",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20287",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-295xx/CVE-2023-29527.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29527",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.293",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T17:27:48.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,43 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4.4",
"versionEndExcluding": "14.10.3",
"matchCriteriaId": "4903C234-C2CF-4386-9096-0A7DF92F8B19"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-jgrg-qvpp-9vwr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20423",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-296xx/CVE-2023-29635.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-29635",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.240",
"lastModified": "2023-05-01T16:15:11.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "File upload vulnerability in Antabot White-Jotter v0.2.2, allows remote attackers to execute malicious code via the file parameter to function coversUpload."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Antabot/White-Jotter/blob/c1c5d66fda090b986b8f46a7132d403e3b038c5d/wj/src/main/java/com/gm/wj/controller/LibraryController.java#L63",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Antabot/White-Jotter/issues/157",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-296xx/CVE-2023-29636.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29636",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.377",
"lastModified": "2023-05-01T16:15:11.377",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via the \"title\" field in the \"blog management\" page due to the the default configuration not using MyBlogUtils.cleanString."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ZHENFENG13/My-Blog/issues/131",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-296xx/CVE-2023-29637.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29637",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.433",
"lastModified": "2023-05-01T16:15:11.433",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in Qbian61 forum-java, allows attackers to inject arbitrary web script or HTML via editing the article content in the \"article editor\" page."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Qbian61/forum-java/issues/13",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-296xx/CVE-2023-29638.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29638",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.483",
"lastModified": "2023-05-01T16:15:11.483",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/WinterChenS/my-site/issues/74",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-296xx/CVE-2023-29639.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29639",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.523",
"lastModified": "2023-05-01T16:15:11.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross site scripting (XSS) vulnerability in ZHENFENG13 My-Blog, allows attackers to inject arbitrary web script or HTML via editing an article in the \"blog article\" page due to the default configuration not utilizing MyBlogUtils.cleanString."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ZHENFENG13/My-Blog/issues/131",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-296xx/CVE-2023-29641.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29641",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.560",
"lastModified": "2023-05-01T16:15:11.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in pandao editor.md thru 1.5.0 allows attackers to inject arbitrary web script or HTML via crafted markdown text."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/pandao/editor.md/issues/985",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-296xx/CVE-2023-29643.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29643",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T16:15:11.600",
"lastModified": "2023-05-01T16:15:11.600",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in PerfreeBlog 3.1.2 allows attackers to execute arbitrary code via the Post function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/perfree/PerfreeBlog/issues/14",
"source": "cve@mitre.org"
}
]
}

57
CVE-2023/CVE-2023-305xx/CVE-2023-30536.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30536",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-17T22:15:10.137",
"lastModified": "2023-04-18T03:15:28.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-01T16:38:35.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:slimframework:slim_psr-7:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.1",
"matchCriteriaId": "1CB325BE-7B88-42C4-ABF2-6AA374A0FE92"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/slimphp/Slim-Psr7/commit/ed1d553225dd190875d8814c47460daed4b550bb",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/slimphp/Slim-Psr7/security/advisories/GHSA-q2qj-628g-vhfw",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Technical Description"
]
}
]
}

48
CVE-2023/CVE-2023-305xx/CVE-2023-30552.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30552",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.380",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-01T16:48:47.687",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-9jvj-8h33-6cqp",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-305xx/CVE-2023-30553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30553",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.450",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-01T17:11:14.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-hvcq-r2r2-34ch",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-305xx/CVE-2023-30554.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30554",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.510",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-01T17:17:50.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-3p43-89m6-7x5w",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-305xx/CVE-2023-30555.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30555",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.577",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-01T17:21:56.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-349r-2663-cr3w",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-305xx/CVE-2023-30556.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30556",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.643",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-01T17:27:45.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-6pv9-9gq7-hr68",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-305xx/CVE-2023-30557.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30557",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-19T00:15:09.717",
"lastModified": "2023-04-19T12:39:38.607",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-01T17:22:55.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:archerydms:archery:1.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE3AAB2-FAE8-440E-8BD4-3367BF3639D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hhyo/Archery/blob/bc86cda4c3b7d59f759d0d23bb63a54f52616752/sql/data_dictionary.py#L47-L86",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/hhyo/Archery/security/advisories/GHSA-9pvw-f8jv-xxjr",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

60
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-01T16:00:23.727659+00:00
2023-05-01T18:00:24.617849+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-01T15:46:06.867000+00:00
2023-05-01T17:39:10.673000+00:00
```
### Last Data Feed Release
@ -29,38 +29,50 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
213854
213868
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `14`
* [CVE-2022-4568](CVE-2022/CVE-2022-45xx/CVE-2022-4568.json) (`2023-05-01T15:15:09.160`)
* [CVE-2022-45801](CVE-2022/CVE-2022-458xx/CVE-2022-45801.json) (`2023-05-01T15:15:08.790`)
* [CVE-2022-45802](CVE-2022/CVE-2022-458xx/CVE-2022-45802.json) (`2023-05-01T15:15:08.943`)
* [CVE-2022-46365](CVE-2022/CVE-2022-463xx/CVE-2022-46365.json) (`2023-05-01T15:15:09.013`)
* [CVE-2022-48186](CVE-2022/CVE-2022-481xx/CVE-2022-48186.json) (`2023-05-01T15:15:09.083`)
* [CVE-2023-0683](CVE-2023/CVE-2023-06xx/CVE-2023-0683.json) (`2023-05-01T15:15:09.223`)
* [CVE-2023-0896](CVE-2023/CVE-2023-08xx/CVE-2023-0896.json) (`2023-05-01T14:15:09.397`)
* [CVE-2023-25492](CVE-2023/CVE-2023-254xx/CVE-2023-25492.json) (`2023-05-01T15:15:09.290`)
* [CVE-2023-28092](CVE-2023/CVE-2023-280xx/CVE-2023-28092.json) (`2023-05-01T15:15:09.357`)
* [CVE-2023-30061](CVE-2023/CVE-2023-300xx/CVE-2023-30061.json) (`2023-05-01T14:15:09.550`)
* [CVE-2023-30063](CVE-2023/CVE-2023-300xx/CVE-2023-30063.json) (`2023-05-01T14:15:09.593`)
* [CVE-2023-30859](CVE-2023/CVE-2023-308xx/CVE-2023-30859.json) (`2023-05-01T14:15:09.637`)
* [CVE-2023-22503](CVE-2023/CVE-2023-225xx/CVE-2023-22503.json) (`2023-05-01T17:15:08.993`)
* [CVE-2023-22919](CVE-2023/CVE-2023-229xx/CVE-2023-22919.json) (`2023-05-01T17:15:09.050`)
* [CVE-2023-22921](CVE-2023/CVE-2023-229xx/CVE-2023-22921.json) (`2023-05-01T17:15:09.110`)
* [CVE-2023-22922](CVE-2023/CVE-2023-229xx/CVE-2023-22922.json) (`2023-05-01T17:15:09.163`)
* [CVE-2023-22923](CVE-2023/CVE-2023-229xx/CVE-2023-22923.json) (`2023-05-01T17:15:09.220`)
* [CVE-2023-22924](CVE-2023/CVE-2023-229xx/CVE-2023-22924.json) (`2023-05-01T17:15:09.273`)
* [CVE-2023-2451](CVE-2023/CVE-2023-24xx/CVE-2023-2451.json) (`2023-05-01T16:15:11.640`)
* [CVE-2023-29635](CVE-2023/CVE-2023-296xx/CVE-2023-29635.json) (`2023-05-01T16:15:11.240`)
* [CVE-2023-29636](CVE-2023/CVE-2023-296xx/CVE-2023-29636.json) (`2023-05-01T16:15:11.377`)
* [CVE-2023-29637](CVE-2023/CVE-2023-296xx/CVE-2023-29637.json) (`2023-05-01T16:15:11.433`)
* [CVE-2023-29638](CVE-2023/CVE-2023-296xx/CVE-2023-29638.json) (`2023-05-01T16:15:11.483`)
* [CVE-2023-29639](CVE-2023/CVE-2023-296xx/CVE-2023-29639.json) (`2023-05-01T16:15:11.523`)
* [CVE-2023-29641](CVE-2023/CVE-2023-296xx/CVE-2023-29641.json) (`2023-05-01T16:15:11.560`)
* [CVE-2023-29643](CVE-2023/CVE-2023-296xx/CVE-2023-29643.json) (`2023-05-01T16:15:11.600`)
### CVEs modified in the last Commit
Recently modified CVEs: `7`
Recently modified CVEs: `17`
* [CVE-2022-45064](CVE-2022/CVE-2022-450xx/CVE-2022-45064.json) (`2023-05-01T15:19:22.327`)
* [CVE-2023-2131](CVE-2023/CVE-2023-21xx/CVE-2023-2131.json) (`2023-05-01T14:17:38.750`)
* [CVE-2023-2176](CVE-2023/CVE-2023-21xx/CVE-2023-2176.json) (`2023-05-01T14:26:28.220`)
* [CVE-2023-28003](CVE-2023/CVE-2023-280xx/CVE-2023-28003.json) (`2023-05-01T14:00:32.963`)
* [CVE-2023-29213](CVE-2023/CVE-2023-292xx/CVE-2023-29213.json) (`2023-05-01T14:02:43.807`)
* [CVE-2023-29528](CVE-2023/CVE-2023-295xx/CVE-2023-29528.json) (`2023-05-01T15:46:06.867`)
* [CVE-2023-30456](CVE-2023/CVE-2023-304xx/CVE-2023-30456.json) (`2023-05-01T15:26:57.893`)
* [CVE-2022-2084](CVE-2022/CVE-2022-20xx/CVE-2022-2084.json) (`2023-05-01T17:39:10.673`)
* [CVE-2023-2204](CVE-2023/CVE-2023-22xx/CVE-2023-2204.json) (`2023-05-01T16:08:45.683`)
* [CVE-2023-2205](CVE-2023/CVE-2023-22xx/CVE-2023-2205.json) (`2023-05-01T16:10:01.617`)
* [CVE-2023-2206](CVE-2023/CVE-2023-22xx/CVE-2023-2206.json) (`2023-05-01T16:26:23.937`)
* [CVE-2023-2207](CVE-2023/CVE-2023-22xx/CVE-2023-2207.json) (`2023-05-01T16:14:41.493`)
* [CVE-2023-2208](CVE-2023/CVE-2023-22xx/CVE-2023-2208.json) (`2023-05-01T16:36:02.587`)
* [CVE-2023-29523](CVE-2023/CVE-2023-295xx/CVE-2023-29523.json) (`2023-05-01T16:31:27.287`)
* [CVE-2023-29524](CVE-2023/CVE-2023-295xx/CVE-2023-29524.json) (`2023-05-01T17:27:08.340`)
* [CVE-2023-29525](CVE-2023/CVE-2023-295xx/CVE-2023-29525.json) (`2023-05-01T17:27:32.133`)
* [CVE-2023-29527](CVE-2023/CVE-2023-295xx/CVE-2023-29527.json) (`2023-05-01T17:27:48.017`)
* [CVE-2023-30536](CVE-2023/CVE-2023-305xx/CVE-2023-30536.json) (`2023-05-01T16:38:35.117`)
* [CVE-2023-30552](CVE-2023/CVE-2023-305xx/CVE-2023-30552.json) (`2023-05-01T16:48:47.687`)
* [CVE-2023-30553](CVE-2023/CVE-2023-305xx/CVE-2023-30553.json) (`2023-05-01T17:11:14.503`)
* [CVE-2023-30554](CVE-2023/CVE-2023-305xx/CVE-2023-30554.json) (`2023-05-01T17:17:50.057`)
* [CVE-2023-30555](CVE-2023/CVE-2023-305xx/CVE-2023-30555.json) (`2023-05-01T17:21:56.100`)
* [CVE-2023-30556](CVE-2023/CVE-2023-305xx/CVE-2023-30556.json) (`2023-05-01T17:27:45.527`)
* [CVE-2023-30557](CVE-2023/CVE-2023-305xx/CVE-2023-30557.json) (`2023-05-01T17:22:55.270`)
## Download and Usage