admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-12-11T17:04:10.424765+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-12-11 17:04:14 +00:00
parent 77b996cb73
commit 6123b94be0
65 changed files with 73659 additions and 245 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

99
CVE-2021/CVE-2021-359xx/CVE-2021-35975.json
View File

@ -2,19 +2,110 @@
"id": "CVE-2021-35975", "id": "CVE-2021-35975",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-11-30T22:15:07.530", "published": "2023-11-30T22:15:07.530",
"lastModified": "2023-12-01T02:28:42.607", "lastModified": "2023-12-11T15:34:44.587",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter \"file\" in URL. Also: affected components in same product - HTTP Adapter (up to v.1.8.0.15), MSSQL MessageBus Proxy (up to v.1.1.06), Financial Calculator (up to v.1.3.05), FIX Adapter (up to v.2.4.0.25)" "value": "Absolute path traversal vulnerability in the Systematica SMTP Adapter component (up to v2.0.1.101) in Systematica Radius (up to v.3.9.256.777) allows remote attackers to read arbitrary files via a full pathname in GET parameter \"file\" in URL. Also: affected components in same product - HTTP Adapter (up to v.1.8.0.15), MSSQL MessageBus Proxy (up to v.1.1.06), Financial Calculator (up to v.1.3.05), FIX Adapter (up to v.2.4.0.25)"
},
{
"lang": "es",
"value": "Vulnerabilidad de path traversal absoluto en el componente Systematica SMTP Adapter (hasta v2.0.1.101) en Systematica Radius (hasta v.3.9.256.777) permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s de un nombre de ruta completo en el par\u00e1metro GET \"archivo\" en URL . Adem\u00e1s: componentes afectados en el mismo producto: Adaptador HTTP (hasta v.1.8.0.15), Proxy MSSQL MessageBus (hasta v.1.1.06), Calculadora financiera (hasta v.1.3.05), Adaptador FIX (hasta v.2.4.0.25)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systematica:financial_calculator:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.3.05",
"matchCriteriaId": "7670A7C0-374D-49A8-ACCA-75A2E85BBBD6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systematica:fix_adapter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.4.0.25",
"matchCriteriaId": "17A654EA-9C84-42EB-AF76-C51E0E242415"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systematica:http_adapter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.8.0.15",
"matchCriteriaId": "5CD9D4F0-F12D-4A0D-977B-765DE9968CBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systematica:mssql_messagebus_proxy:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.1.06",
"matchCriteriaId": "4F1F4409-1AD0-4B15-9908-A6539834F249"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systematica:radius:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.9.256.777",
"matchCriteriaId": "B53E02A6-E1A8-4414-85F1-B98C878D0780"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:systematica:smtp_adapter:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.0.1.101",
"matchCriteriaId": "34768134-B53D-4B3C-AB35-E1A65126C39F"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/fbkcs/CVE-2021-35975", "url": "https://github.com/fbkcs/CVE-2021-35975",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

72
CVE-2022/CVE-2022-475xx/CVE-2022-47531.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47531", "id": "CVE-2022-47531",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-05T06:15:48.367", "published": "2023-12-05T06:15:48.367",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:35:40.867",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,75 @@
"value": "Se descubri\u00f3 un problema en las versiones 3.x anteriores a 3.25 y 2.x anteriores a 2.16 de Ericsson Evolved Packet Gateway (EPG), que permite a los usuarios autenticados omitir la Interfaz de L\u00ednea de Comandos (CLI) del sistema y ejecutar comandos que est\u00e1n autorizados a ejecutar directamente en el shell de UNIX." "value": "Se descubri\u00f3 un problema en las versiones 3.x anteriores a 3.25 y 2.x anteriores a 2.16 de Ericsson Evolved Packet Gateway (EPG), que permite a los usuarios autenticados omitir la Interfaz de L\u00ednea de Comandos (CLI) del sistema y ejecutar comandos que est\u00e1n autorizados a ejecutar directamente en el shell de UNIX."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ericsson:evolved_packet_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0",
"versionEndExcluding": "2.16",
"matchCriteriaId": "83CA9958-EC71-41DB-AB47-0374F7A462CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ericsson:evolved_packet_gateway:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.0",
"versionEndExcluding": "3.25",
"matchCriteriaId": "39E6AB32-639F-4736-8477-984747638272"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.gruppotim.it/it/footer/red-team.html", "url": "https://www.gruppotim.it/it/footer/red-team.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

1420
CVE-2023/CVE-2023-216xx/CVE-2023-21634.json
View File

File diff suppressed because it is too large Load Diff

1637
CVE-2023/CVE-2023-223xx/CVE-2023-22383.json
View File

File diff suppressed because it is too large Load Diff

83
CVE-2023/CVE-2023-225xx/CVE-2023-22524.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-22524", "id": "CVE-2023-22524",
"sourceIdentifier": "security@atlassian.com", "sourceIdentifier": "security@atlassian.com",
"published": "2023-12-06T05:15:10.267", "published": "2023-12-06T05:15:10.267",
"lastModified": "2023-12-06T16:15:06.983", "lastModified": "2023-12-11T15:14:40.480",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion\u2019s blocklist and MacOS Gatekeeper to allow execution of code." "value": "Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion\u2019s blocklist and MacOS Gatekeeper to allow execution of code."
},
{
"lang": "es",
"value": "Ciertas versiones de la aplicaci\u00f3n Atlassian Companion para MacOS se vieron afectadas por una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo. Un atacante podr\u00eda utilizar WebSockets para eludir la lista de bloqueo de Atlassian Companion y MacOS Gatekeeper para permitir la ejecuci\u00f3n de c\u00f3digo."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@atlassian.com", "source": "security@atlassian.com",
@ -34,14 +60,63 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:companion:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "2.0.0",
"matchCriteriaId": "8D3069A1-74AE-4FF2-9C2F-B76AF7B92A5E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://confluence.atlassian.com/security/cve-2023-22524-rce-vulnerability-in-atlassian-companion-app-for-macos-1319249492.html", "url": "https://confluence.atlassian.com/security/cve-2023-22524-rce-vulnerability-in-atlassian-companion-app-for-macos-1319249492.html",
"source": "security@atlassian.com" "source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://jira.atlassian.com/browse/CONFSERVER-93518", "url": "https://jira.atlassian.com/browse/CONFSERVER-93518",
"source": "security@atlassian.com" "source": "security@atlassian.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

1556
CVE-2023/CVE-2023-226xx/CVE-2023-22668.json
View File

File diff suppressed because it is too large Load Diff

7603
CVE-2023/CVE-2023-285xx/CVE-2023-28546.json
View File

File diff suppressed because it is too large Load Diff

9088
CVE-2023/CVE-2023-285xx/CVE-2023-28550.json
View File

File diff suppressed because it is too large Load Diff

962
CVE-2023/CVE-2023-285xx/CVE-2023-28579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28579", "id": "CVE-2023-28579",
"sourceIdentifier": "product-security@qualcomm.com", "sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-12-05T03:15:09.233", "published": "2023-12-05T03:15:09.233",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T14:51:58.197",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "product-security@qualcomm.com", "source": "product-security@qualcomm.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,946 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E670F500-9B71-4BBE-B5DA-221D35803C89"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADEB5C5-B79A-4F45-B7D3-75945B38DB6C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3053D68-C5D8-4D47-A4F0-9F3AF2289E1D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "638DBC7F-456F-487D-BED2-2214DFF8BEE2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83B53119-1B2F-4978-B7F5-33B84BE73B68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FEBC0C5-CAA1-475C-96C2-B8D24B2E4536"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6595au_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "288F637F-22F8-47CF-B67F-C798A730A1BD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6595au:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D0996EA3-1C92-4933-BE34-9CF625E59FE7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs410_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC43BB27-0516-4750-A4C2-C45298441398"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs410:-:*:*:*:*:*:*:*",
"matchCriteriaId": "969585DE-93D6-4406-A632-D838ECD4D5AD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qcs610_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E634F59C-6817-4898-A141-082044E66836"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qcs610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "29762819-EC90-499C-A8C6-1423DE3FE6B9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc1_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AEA324C-69CE-4AAC-91D6-6FAAE1B3FA77"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc1_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7B5F5CD-CE26-4C93-9FED-F783947DBDA6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qualcomm_video_collaboration_vc3_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C20F4F14-D940-41AE-AFBC-D08A24FAE1A2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qualcomm_video_collaboration_vc3_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F36CEF6E-97A9-4D01-A406-574EA7CB025B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB8FA32F-4690-4C5B-8968-474DA32FD0A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59BD8BEA-725A-4158-84BE-4AFD476ED03D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA1BF9BB-AF11-46A7-A71C-F7D289E76E3F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B8455D6-287D-4934-8E4D-F4127A9C0449"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB599A9F-0305-4FE4-8623-0F86630FEDCB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB883BF-68B2-4C25-84DC-5DA953BFAA2F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CE852339-1CAE-4983-9757-8F00EDEF1141"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9E96B3-F1BB-46F8-B715-7DF90180F1E1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FB37B5DB-2493-4082-B2BF-60385B7E027C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6BCD2FE2-11F2-4B2A-9BD7-EB26718139DA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0755F669-6D7E-454A-95DA-D60FA0696FD9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE861CE7-B530-4698-A9BC-43A159647BF2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9C6E9038-9B18-4958-BE1E-215901C9B4B2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B36D3274-F8D0-49C5-A6D5-95F5DC6D1950"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E839A0B9-64C3-4C7A-82B7-D2AAF65928F8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7E870D82-DE3B-4199-A730-C8FB545BAA98"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin", "url": "https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin",
"source": "product-security@qualcomm.com" "source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

3148
CVE-2023/CVE-2023-330xx/CVE-2023-33082.json
View File

File diff suppressed because it is too large Load Diff

3148
CVE-2023/CVE-2023-330xx/CVE-2023-33083.json
View File

File diff suppressed because it is too large Load Diff

3230
CVE-2023/CVE-2023-330xx/CVE-2023-33087.json
View File

File diff suppressed because it is too large Load Diff

8305
CVE-2023/CVE-2023-330xx/CVE-2023-33088.json
View File

File diff suppressed because it is too large Load Diff

6199
CVE-2023/CVE-2023-330xx/CVE-2023-33089.json
View File

File diff suppressed because it is too large Load Diff

2609
CVE-2023/CVE-2023-330xx/CVE-2023-33092.json
View File

File diff suppressed because it is too large Load Diff

3337
CVE-2023/CVE-2023-330xx/CVE-2023-33097.json
View File

File diff suppressed because it is too large Load Diff

7144
CVE-2023/CVE-2023-330xx/CVE-2023-33098.json
View File

File diff suppressed because it is too large Load Diff

4179
CVE-2023/CVE-2023-331xx/CVE-2023-33106.json
View File

File diff suppressed because it is too large Load Diff

6582
CVE-2023/CVE-2023-331xx/CVE-2023-33107.json
View File

File diff suppressed because it is too large Load Diff

64
CVE-2023/CVE-2023-375xx/CVE-2023-37572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37572", "id": "CVE-2023-37572",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-05T06:15:48.617", "published": "2023-12-05T06:15:48.617",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:34:02.400",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,67 @@
"value": "Softing OPC Suite versi\u00f3n 5.25 y anteriores tiene un control de acceso incorrecto, lo que permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de permisos d\u00e9biles en el servicio OSF_discovery." "value": "Softing OPC Suite versi\u00f3n 5.25 y anteriores tiene un control de acceso incorrecto, lo que permite a los atacantes obtener informaci\u00f3n confidencial a trav\u00e9s de permisos d\u00e9biles en el servicio OSF_discovery."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:softing:opc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.30",
"matchCriteriaId": "84F4815A-A822-4A31-8601-8C6394CFE0E8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-5.html", "url": "https://industrial.softing.com/fileadmin/psirt/downloads/2023/syt-2023-5.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

56
CVE-2023/CVE-2023-392xx/CVE-2023-39248.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39248", "id": "CVE-2023-39248",
"sourceIdentifier": "security_alert@emc.com", "sourceIdentifier": "security_alert@emc.com",
"published": "2023-12-05T06:15:48.667", "published": "2023-12-05T06:15:48.667",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:33:45.650",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +80,30 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dell:networking_os10:10.5.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3754A576-AFB2-42EE-94CF-15A7A1392C36"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.dell.com/support/kbdoc/en-us/000220138/dsa-2023-278-dell-networking-os10-security-updates-for-uncontrolled-resource-consumption", "url": "https://www.dell.com/support/kbdoc/en-us/000220138/dsa-2023-278-dell-networking-os10-security-updates-for-uncontrolled-resource-consumption",
"source": "security_alert@emc.com" "source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

6
CVE-2023/CVE-2023-394xx/CVE-2023-39417.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-39417", "id": "CVE-2023-39417",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-11T13:15:09.870", "published": "2023-08-11T13:15:09.870",
"lastModified": "2023-12-07T10:15:07.173", "lastModified": "2023-12-11T16:15:42.330",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
@ -208,6 +208,10 @@
"url": "https://access.redhat.com/errata/RHSA-2023:7695", "url": "https://access.redhat.com/errata/RHSA-2023:7695",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2023:7714",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-39417", "url": "https://access.redhat.com/security/cve/CVE-2023-39417",
"source": "secalert@redhat.com", "source": "secalert@redhat.com",

78
CVE-2023/CVE-2023-418xx/CVE-2023-41835.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41835", "id": "CVE-2023-41835",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2023-12-05T09:15:07.093", "published": "2023-12-05T09:15:07.093",
"lastModified": "2023-12-09T18:15:06.723", "lastModified": "2023-12-11T15:28:53.037",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,44 @@
"value": "Cuando se realiza una solicitud multiparte pero algunos de los campos exceden el l\u00edmite maxStringLength, los archivos cargados permanecer\u00e1n en struts.multipart.saveDir incluso si la solicitud ha sido denegada. Se recomienda a los usuarios actualizar a las versiones Struts 2.5.32 o 6.1.2.2 o Struts 6.3.0.1 o superior, que solucionan este problema." "value": "Cuando se realiza una solicitud multiparte pero algunos de los campos exceden el l\u00edmite maxStringLength, los archivos cargados permanecer\u00e1n en struts.multipart.saveDir incluso si la solicitud ha sido denegada. Se recomienda a los usuarios actualizar a las versiones Struts 2.5.32 o 6.1.2.2 o Struts 6.3.0.1 o superior, que solucionan este problema."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-459"
}
]
},
{
"source": "security@apache.org",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -27,14 +60,47 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.5.32",
"matchCriteriaId": "F9AB79F4-6FCB-42EC-B241-099B97CC99ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1.2.1",
"versionEndExcluding": "6.3.0.1",
"matchCriteriaId": "97723A4F-E3A6-4AF3-ACC9-3C9618A75220"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/12/09/1", "url": "http://www.openwall.com/lists/oss-security/2023/12/09/1",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://lists.apache.org/thread/6wj530kh3ono8phr642y9sqkl67ys2ft", "url": "https://lists.apache.org/thread/6wj530kh3ono8phr642y9sqkl67ys2ft",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Mailing List",
"Release Notes"
]
} }
] ]
} }

135
CVE-2023/CVE-2023-425xx/CVE-2023-42569.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42569", "id": "CVE-2023-42569",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:17.237", "published": "2023-12-05T03:15:17.237",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T14:55:58.267",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,119 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "13.0",
"matchCriteriaId": "E29C429C-FF93-4978-AE5D-5933AFEA3FFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "70825981-F895-4BFD-9B6E-92BFF0D67023"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "88DC0A82-CAF3-4E88-8A4D-8AF79D0C226D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "34114DDC-DCDA-4306-8D23-2E628873171F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "85E4E8C1-749F-4A1C-8333-6BAFBF8B64D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "5F73D594-178F-4FC8-9F40-0E545E2647B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3F3EF3F1-4E54-46E3-A308-69656A29FBD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:13.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "C581B7EE-CD08-4D6E-8858-EA8FA631F84C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

135
CVE-2023/CVE-2023-425xx/CVE-2023-42570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42570", "id": "CVE-2023-42570",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:17.403", "published": "2023-12-05T03:15:17.403",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T14:53:30.653",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,119 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "14.0",
"matchCriteriaId": "792DB1B5-0C09-4E66-A407-E3F0E72496A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
"matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
"matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42571", "id": "CVE-2023-42571",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:17.573", "published": "2023-12-05T03:15:17.573",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T14:50:26.363",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:find_my_mobile:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.3.13.4",
"matchCriteriaId": "4185038B-DDD2-47F6-9C44-9CC2EF57615A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42572.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42572", "id": "CVE-2023-42572",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:17.750", "published": "2023-12-05T03:15:17.750",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T14:49:52.840",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:account_web_software_development_kit:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.5.24",
"matchCriteriaId": "B847502D-EB2D-4DCB-954F-A578678B42D0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42573", "id": "CVE-2023-42573",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:17.927", "published": "2023-12-05T03:15:17.927",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T16:05:18.447",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:search_widget:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.4",
"matchCriteriaId": "A0DDDA20-75B5-4754-9D97-F37894EA6ECF"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42574.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42574", "id": "CVE-2023-42574",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:18.100", "published": "2023-12-05T03:15:18.100",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T16:04:55.683",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:gamehomecn:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.60.2",
"matchCriteriaId": "C1622621-A79E-4ABB-B22D-1971D174DA2A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42575.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42575", "id": "CVE-2023-42575",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:18.273", "published": "2023-12-05T03:15:18.273",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T16:04:34.710",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.00.17",
"matchCriteriaId": "BAF62AE3-EC39-4BED-B961-BFD630286633"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42576.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42576", "id": "CVE-2023-42576",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:18.450", "published": "2023-12-05T03:15:18.450",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:42:44.137",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:pass:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.00.17",
"matchCriteriaId": "BAF62AE3-EC39-4BED-B961-BFD630286633"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

104
CVE-2023/CVE-2023-425xx/CVE-2023-42577.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42577", "id": "CVE-2023-42577",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:18.623", "published": "2023-12-05T03:15:18.623",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:41:26.297",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,88 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:samsung_voice_recorder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.4.15.01",
"matchCriteriaId": "A1A827C7-4137-41AA-99F0-A3452BB99AD3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:samsung:android:12.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D757450C-270E-4FB2-A50C-7F769FED558A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:samsung:android:13.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A123EDB1-3048-44B0-8D4D-39A2B24B5F6B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:samsung_voice_recorder:*:*:*:*:*:*:*:*",
"versionEndExcluding": "21.4.50.17",
"matchCriteriaId": "479BCF48-9EC1-42D6-82FC-9B73F8A79676"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

59
CVE-2023/CVE-2023-425xx/CVE-2023-42578.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42578", "id": "CVE-2023-42578",
"sourceIdentifier": "mobile.security@samsung.com", "sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-12-05T03:15:18.803", "published": "2023-12-05T03:15:18.803",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:38:57.763",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "mobile.security@samsung.com", "source": "mobile.security@samsung.com",
"type": "Secondary", "type": "Secondary",
@ -38,10 +58,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samsung:cloud:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.2.00.7",
"matchCriteriaId": "CB9D406F-5E49-4DB8-8AB5-59FC2AB82EB0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12", "url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12",
"source": "mobile.security@samsung.com" "source": "mobile.security@samsung.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-433xx/CVE-2023-43302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43302", "id": "CVE-2023-43302",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T07:15:08.880", "published": "2023-12-07T07:15:08.880",
"lastModified": "2023-12-07T12:12:27.987", "lastModified": "2023-12-11T15:27:52.097",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,67 @@
"value": "Un problema en la miniaplicaci\u00f3n sanTas en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal." "value": "Un problema en la miniaplicaci\u00f3n sanTas en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43302.md", "url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43302.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-433xx/CVE-2023-43303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43303", "id": "CVE-2023-43303",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T07:15:09.027", "published": "2023-12-07T07:15:09.027",
"lastModified": "2023-12-07T12:12:27.987", "lastModified": "2023-12-11T15:27:16.227",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,66 @@
"value": "Un problema en la miniaplicaci\u00f3n craftbeer bar canvas en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal." "value": "Un problema en la miniaplicaci\u00f3n craftbeer bar canvas en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://craftbeer.com", "url": "http://craftbeer.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Broken Link"
]
} }
] ]
} }

64
CVE-2023/CVE-2023-433xx/CVE-2023-43304.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43304", "id": "CVE-2023-43304",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T07:15:09.200", "published": "2023-12-07T07:15:09.200",
"lastModified": "2023-12-07T12:12:27.987", "lastModified": "2023-12-11T15:27:02.600",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,67 @@
"value": "Un problema en la miniaplicaci\u00f3n PARK DANDAN en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal." "value": "Un problema en la miniaplicaci\u00f3n PARK DANDAN en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22743D41-3381-4220-8D9F-60CC36E48F78"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43304.md", "url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-43304.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

65
CVE-2023/CVE-2023-434xx/CVE-2023-43472.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43472", "id": "CVE-2023-43472",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-05T07:15:07.667", "published": "2023-12-05T07:15:07.667",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:32:59.420",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,68 @@
"value": "Un problema en las versiones 2.8.1 y anteriores de MLFlow permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s de una solicitud manipulada a la API REST." "value": "Un problema en las versiones 2.8.1 y anteriores de MLFlow permite que un atacante remoto obtenga informaci\u00f3n confidencial a trav\u00e9s de una solicitud manipulada a la API REST."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.8.1",
"matchCriteriaId": "47420A42-F445-490F-9FFA-72F8671D8DC1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security", "url": "https://www.contrastsecurity.com/security-influencers/discovering-mlflow-framework-zero-day-vulnerability-machine-language-model-security-contrast-security",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Press/Media Coverage"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-436xx/CVE-2023-43608.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43608", "id": "CVE-2023-43608",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-12-05T12:15:42.467", "published": "2023-12-05T12:15:42.467",
"lastModified": "2023-12-11T03:15:07.300", "lastModified": "2023-12-11T15:25:39.170",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:buildroot:buildroot:2023.08.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF734410-BA22-45F7-AD10-CB28F69D1D81"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/12/11/1", "url": "http://www.openwall.com/lists/oss-security/2023/12/11/1",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}, },
{ {
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

57
CVE-2023/CVE-2023-436xx/CVE-2023-43628.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43628", "id": "CVE-2023-43628",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-12-05T12:15:43.000", "published": "2023-12-05T12:15:43.000",
"lastModified": "2023-12-06T19:15:07.340", "lastModified": "2023-12-11T15:24:22.683",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-191"
}
]
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +80,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpsd_project:gpsd:3.25.1:dev:*:*:*:*:*:*",
"matchCriteriaId": "63B52FC8-5957-4408-9E20-B90EE1ADF678"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1860",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

100
CVE-2023/CVE-2023-440xx/CVE-2023-44099.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-44099", "id": "CVE-2023-44099",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-12-06T09:15:08.020", "published": "2023-12-06T09:15:08.020",
"lastModified": "2023-12-06T13:50:00.573", "lastModified": "2023-12-11T16:16:17.500",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption." "value": "Vulnerability of data verification errors in the kernel module. Successful exploitation of this vulnerability may cause WLAN interruption."
},
{
"lang": "es",
"value": "Vulnerabilidad de errores de verificaci\u00f3n de datos en el m\u00f3dulo del kernel. La explotaci\u00f3n exitosa de esta vulnerabilidad puede provocar la interrupci\u00f3n de la WLAN."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
},
{ {
"source": "psirt@huawei.com", "source": "psirt@huawei.com",
"type": "Secondary", "type": "Secondary",
@ -23,14 +60,67 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://consumer.huawei.com/en/support/bulletin/2023/12/", "url": "https://consumer.huawei.com/en/support/bulletin/2023/12/",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245", "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

102
CVE-2023/CVE-2023-441xx/CVE-2023-44113.json
View File

@ -2,23 +2,115 @@
"id": "CVE-2023-44113", "id": "CVE-2023-44113",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-12-06T09:15:08.113", "published": "2023-12-06T09:15:08.113",
"lastModified": "2023-12-06T13:50:00.573", "lastModified": "2023-12-11T16:15:48.920",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality." "value": "Vulnerability of missing permission verification for APIs in the Designed for Reliability (DFR) module. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Vulnerabilidad de falta de verificaci\u00f3n de permisos para API en el m\u00f3dulo Designed for Reliability (DFR). La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://consumer.huawei.com/en/support/bulletin/2023/12/", "url": "https://consumer.huawei.com/en/support/bulletin/2023/12/",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245", "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

58
CVE-2023/CVE-2023-442xx/CVE-2023-44288.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44288", "id": "CVE-2023-44288",
"sourceIdentifier": "security_alert@emc.com", "sourceIdentifier": "security_alert@emc.com",
"published": "2023-12-05T06:15:48.900", "published": "2023-12-05T06:15:48.900",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:33:33.377",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +80,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2.2",
"versionEndIncluding": "9.6.1",
"matchCriteriaId": "1A21B79C-B66C-41A2-BBD0-3E2C91A29B80"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities", "url": "https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities",
"source": "security_alert@emc.com" "source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

58
CVE-2023/CVE-2023-442xx/CVE-2023-44295.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44295", "id": "CVE-2023-44295",
"sourceIdentifier": "security_alert@emc.com", "sourceIdentifier": "security_alert@emc.com",
"published": "2023-12-05T06:15:49.110", "published": "2023-12-05T06:15:49.110",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:33:19.813",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "security_alert@emc.com", "source": "security_alert@emc.com",
"type": "Secondary", "type": "Secondary",
@ -50,10 +80,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2.2",
"versionEndIncluding": "9.6.0",
"matchCriteriaId": "D351A022-B7EA-4A10-A3E3-2E7087354573"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities", "url": "https://www.dell.com/support/kbdoc/en-us/000219932/dsa-2023-417-dell-powerscale-onefs-security-updates-for-multiple-security-vulnerabilities",
"source": "security_alert@emc.com" "source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

63
CVE-2023/CVE-2023-458xx/CVE-2023-45838.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45838", "id": "CVE-2023-45838",
"sourceIdentifier": "talos-cna@cisco.com", "sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-12-05T12:15:43.210", "published": "2023-12-05T12:15:43.210",
"lastModified": "2023-12-11T03:15:07.470", "lastModified": "2023-12-11T15:22:08.430",
"vulnStatus": "Undergoing Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
},
{ {
"source": "talos-cna@cisco.com", "source": "talos-cna@cisco.com",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,39 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:buildroot:buildroot:2023.08.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CF734410-BA22-45F7-AD10-CB28F69D1D81"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://www.openwall.com/lists/oss-security/2023/12/11/1", "url": "http://www.openwall.com/lists/oss-security/2023/12/11/1",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}, },
{ {
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844",
"source": "talos-cna@cisco.com" "source": "talos-cna@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

97
CVE-2023/CVE-2023-467xx/CVE-2023-46773.json
View File

@ -2,23 +2,110 @@
"id": "CVE-2023-46773", "id": "CVE-2023-46773",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-12-06T09:15:08.250", "published": "2023-12-06T09:15:08.250",
"lastModified": "2023-12-06T13:50:00.573", "lastModified": "2023-12-11T16:14:54.787",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation." "value": "Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation."
},
{
"lang": "es",
"value": "Vulnerabilidad de gesti\u00f3n de permisos en el m\u00f3dulo PMS. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar una escalada de privilegios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-276"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://consumer.huawei.com/en/support/bulletin/2023/12/", "url": "https://consumer.huawei.com/en/support/bulletin/2023/12/",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245", "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

75
CVE-2023/CVE-2023-473xx/CVE-2023-47304.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-47304", "id": "CVE-2023-47304",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-05T04:15:07.083", "published": "2023-12-05T04:15:07.083",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:37:02.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,78 @@
"value": "Se descubri\u00f3 un problema en Vonage Box Telephone Adapter VDV23 versi\u00f3n VDV21-3.2.11-0.5.1, que permite a atacantes locales eludir los controles de autenticaci\u00f3n UART y leer/escribir valores arbitrarios en la memoria del dispositivo." "value": "Se descubri\u00f3 un problema en Vonage Box Telephone Adapter VDV23 versi\u00f3n VDV21-3.2.11-0.5.1, que permite a atacantes locales eludir los controles de autenticaci\u00f3n UART y leer/escribir valores arbitrarios en la memoria del dispositivo."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vonage:vdv23_firmware:vdv21-3.2.11-0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E6A9EB7-FD15-44AE-8AE9-052C5FE43495"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vonage:vdv23:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2A5A354-8732-4192-ABA1-B2CCE9F2472B"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://trojanhorsey.substack.com/p/cve-2023-47304-unsecured-uart-in", "url": "https://trojanhorsey.substack.com/p/cve-2023-47304-unsecured-uart-in",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }

65
CVE-2023/CVE-2023-482xx/CVE-2023-48205.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48205", "id": "CVE-2023-48205",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T07:15:09.373", "published": "2023-12-07T07:15:09.373",
"lastModified": "2023-12-07T12:12:27.987", "lastModified": "2023-12-11T15:26:29.517",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,68 @@
"value": "Jorani Leave Management System 1.0.2 permite a un atacante remoto falsificar un encabezado de Host asociado con correos electr\u00f3nicos de restablecimiento de contrase\u00f1a." "value": "Jorani Leave Management System 1.0.2 permite a un atacante remoto falsificar un encabezado de Host asociado con correos electr\u00f3nicos de restablecimiento de contrase\u00f1a."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jorani:leave_management_system:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00F9C1CC-15CC-4C2A-AFAA-163D330F0CBE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://packetstormsecurity.com/files/175802", "url": "http://packetstormsecurity.com/files/175802",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

65
CVE-2023/CVE-2023-482xx/CVE-2023-48207.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-48207", "id": "CVE-2023-48207",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-07T07:15:09.743", "published": "2023-12-07T07:15:09.743",
"lastModified": "2023-12-07T12:12:27.987", "lastModified": "2023-12-11T15:22:41.410",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,11 +14,68 @@
"value": "Availability Booking Calendar 5.0 permite la inyecci\u00f3n de CSV a trav\u00e9s del campo de ID \u00fanico en el componente de lista de Reservas." "value": "Availability Booking Calendar 5.0 permite la inyecci\u00f3n de CSV a trav\u00e9s del campo de ID \u00fanico en el componente de lista de Reservas."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:availability_booking_calendar:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "400C4218-066A-411F-8DCA-4088E461A203"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://packetstormsecurity.com/files/175804", "url": "http://packetstormsecurity.com/files/175804",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }

620
CVE-2023/CVE-2023-488xx/CVE-2023-48849.json
View File

@ -2,19 +2,631 @@
"id": "CVE-2023-48849", "id": "CVE-2023-48849",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-12-06T08:15:07.107", "published": "2023-12-06T08:15:07.107",
"lastModified": "2023-12-06T13:50:08.353", "lastModified": "2023-12-11T16:18:06.687",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering." "value": "Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allows unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering."
},
{
"lang": "es",
"value": "Ruijie EG Series Routers versi\u00f3n EG_3.0(1)B11P216 y anteriores permiten a atacantes no autenticados ejecutar de forma remota c\u00f3digo arbitrario debido a un filtrado incorrecto."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg1000c_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D428A3-FC96-4EB5-A04F-31A71D2E12F6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg1000c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "392B0C18-CD2A-45F3-95DF-1E064B84AC24"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg1000e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "299A82E0-325D-4228-A591-DA6A1B4EA74F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg1000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DA58CE8C-9CEF-4990-B4F1-925B7B2F6CE2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105g_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "CE3300C5-4CF4-4001-AE7B-910FD472337C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FEBFC706-AC97-4541-B2B5-1804A4A1DEFC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105g_v2_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "90D0404E-653F-4EF1-A00B-81F291CF29F2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105g_v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5E4EBC91-4AB4-4103-93F8-A4ADF708A5F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105g-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "018D197F-FD45-49FC-B449-3C0D6086445A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD536DA0-81D3-4D4A-A118-547B5A4F1EAD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105g-p_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "01ECF45E-0D62-4020-9AC0-E11D0DC02D43"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105g-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7611947-CA1E-48C5-A79E-584EA174D4E7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105g-pe_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "4F61792C-9A8D-4BB0-ABEC-E378B4A09EA4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105g-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56E58BB1-41AA-4299-A872-0D8538C22D97"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105gw\\(t\\)_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "5EF42017-3BE4-41D3-B440-002324926274"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105gw\\(t\\):-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8489805-7913-441A-A234-FF81727145F4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg105gw-x_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "01C66016-1A85-4A4A-A64E-227F34D2059C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg105gw-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DFC91E9-48B8-44B7-B3D1-8307AF28D2C3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg2000ce_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "C6C68405-AEAC-4F8F-AD9E-AF4B5244C199"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg2000ce:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EEE2EBF3-6B54-4820-9B81-78C536C27EBD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg209gs_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "30D1E3AE-D86C-461F-8EF6-26802DE1F810"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg209gs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A19353AD-583C-45ED-B7E9-5A698957A58F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg2100-p_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "198D50AD-070A-4CF6-9508-BE21BA2C4012"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg2100-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C143C34F-E3B0-4758-B5B2-940487C0DF9A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg210g-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "CC0ACC94-C949-43DA-98B8-5AF1BC48D2A1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg210g-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0523E44D-02BD-4383-9E06-9D9072C3279B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg210g-p_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "6826B7F7-9F5C-4501-92DF-733829BB4E41"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg210g-p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "637BFC7A-BDAD-4FE3-A783-847B2790A289"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg210g-pe_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "8841AAE5-890A-473F-B009-2C63003703AE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg210g-pe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C131E10E-92FE-4934-9FD3-44023A74A07F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg3000eu_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "246C77FD-B976-4063-A024-EC1B1CDE6425"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg3000eu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2091E90B-592D-4140-A601-6211824F294D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg3000xe_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "993832B4-72BE-4545-97F0-52F18DE81183"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg3000xe:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13B97B62-B757-48B5-9FE8-31CD941E17BA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg305gh-p-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "44BD1A69-B1CB-46CA-86EF-4FF3F0456EAB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg305gh-p-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F06A951-22E0-489C-86F8-F10659A58F84"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg310gh-e_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "261F64C4-8075-49EA-8D03-D332273199ED"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg310gh-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE5689D7-078B-4009-A7CC-78E82012DECA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg3230_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "5E278531-11DB-451E-92C9-1581A7472EB1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg3230:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DC572D3-B08D-4F28-A5A1-B8B86A9816D8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ruijie:rg-eg3250_firmware:3.0\\(1\\)b11p216:*:*:*:*:*:*:*",
"matchCriteriaId": "9D162D1D-B4CB-4657-A3DA-4EE262197104"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ruijie:rg-eg3250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7473057D-92EF-49BC-9721-A69CA90DEF04"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://github.com/delsploit/CVE-2023-48849", "url": "https://github.com/delsploit/CVE-2023-48849",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

73
CVE-2023/CVE-2023-490xx/CVE-2023-49070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-49070", "id": "CVE-2023-49070",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2023-12-05T08:15:07.443", "published": "2023-12-05T08:15:07.443",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:32:29.317",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -14,7 +14,30 @@
"value": "RCE de autorizaci\u00f3n previa en Apache Ofbiz 18.12.09. Se debe a que XML-RPC ya no se mantiene presente. Este problema afecta a Apache OFBiz: antes del 18.12.10. Se recomienda a los usuarios actualizar a la versi\u00f3n 18.12.10" "value": "RCE de autorizaci\u00f3n previa en Apache Ofbiz 18.12.09. Se debe a que XML-RPC ya no se mantiene presente. Este problema afecta a Apache OFBiz: antes del 18.12.10. Se recomienda a los usuarios actualizar a la versi\u00f3n 18.12.10"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "security@apache.org", "source": "security@apache.org",
@ -27,26 +50,60 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:*",
"versionEndExcluding": "18.12.10",
"matchCriteriaId": "10BDFE5A-6BD0-4A4B-A60F-2463D923FE93"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://issues.apache.org/jira/browse/OFBIZ-12812", "url": "https://issues.apache.org/jira/browse/OFBIZ-12812",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Issue Tracking",
"Patch"
]
}, },
{ {
"url": "https://lists.apache.org/thread/jmbqk2lp4t4483whzndp5xqlq4f3otg3", "url": "https://lists.apache.org/thread/jmbqk2lp4t4483whzndp5xqlq4f3otg3",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Mailing List"
]
}, },
{ {
"url": "https://ofbiz.apache.org/download.html", "url": "https://ofbiz.apache.org/download.html",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://ofbiz.apache.org/release-notes-18.12.10.html", "url": "https://ofbiz.apache.org/release-notes-18.12.10.html",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://ofbiz.apache.org/security.html", "url": "https://ofbiz.apache.org/security.html",
"source": "security@apache.org" "source": "security@apache.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

112
CVE-2023/CVE-2023-492xx/CVE-2023-49239.json
View File

@ -2,23 +2,125 @@
"id": "CVE-2023-49239", "id": "CVE-2023-49239",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-12-06T09:15:08.290", "published": "2023-12-06T09:15:08.290",
"lastModified": "2023-12-06T13:50:00.573", "lastModified": "2023-12-11T16:12:38.460",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality." "value": "Unauthorized access vulnerability in the card management module. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Vulnerabilidad de acceso no autorizado en el m\u00f3dulo de gesti\u00f3n de tarjetas. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
} }
], ],
"metrics": {},
"references": [ "references": [
{ {
"url": "https://consumer.huawei.com/en/support/bulletin/2023/12/", "url": "https://consumer.huawei.com/en/support/bulletin/2023/12/",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245", "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

110
CVE-2023/CVE-2023-492xx/CVE-2023-49240.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-49240", "id": "CVE-2023-49240",
"sourceIdentifier": "psirt@huawei.com", "sourceIdentifier": "psirt@huawei.com",
"published": "2023-12-06T09:15:08.330", "published": "2023-12-06T09:15:08.330",
"lastModified": "2023-12-06T13:50:00.573", "lastModified": "2023-12-11T16:10:25.813",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality." "value": "Unauthorized access vulnerability in the launcher module. Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Vulnerabilidad de acceso no autorizado en el m\u00f3dulo lanzador. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{ {
"source": "psirt@huawei.com", "source": "psirt@huawei.com",
"type": "Secondary", "type": "Secondary",
@ -23,14 +60,77 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://consumer.huawei.com/en/support/bulletin/2023/12/", "url": "https://consumer.huawei.com/en/support/bulletin/2023/12/",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245", "url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245",
"source": "psirt@huawei.com" "source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

20
CVE-2023/CVE-2023-494xx/CVE-2023-49417.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49417",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-11T14:15:31.740",
"lastModified": "2023-12-11T14:15:42.110",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cnitlrt/iot_vuln/tree/master/totolink/A7000R/setOpModeCfg",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-494xx/CVE-2023-49418.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49418",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-11T14:15:31.800",
"lastModified": "2023-12-11T14:15:42.110",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLink A7000R V9.1.0u.6115_B20201022has a stack overflow vulnerability via setIpPortFilterRules."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cnitlrt/iot_vuln/tree/master/totolink/A7000R/setIpPortFilterRules",
"source": "cve@mitre.org"
}
]
}

44
CVE-2023/CVE-2023-51xx/CVE-2023-5188.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5188", "id": "CVE-2023-5188",
"sourceIdentifier": "info@cert.vde.com", "sourceIdentifier": "info@cert.vde.com",
"published": "2023-12-05T08:15:07.690", "published": "2023-12-05T08:15:07.690",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:32:04.883",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -40,8 +40,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "info@cert.vde.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "info@cert.vde.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -50,10 +60,36 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wago:telecontrol_configurator:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABC2D31E-C831-4293-93B2-3D7A7F58F272"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wago:wagoapprtu:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.4.6.0",
"matchCriteriaId": "BD685DB5-5DF9-472D-A899-69B2444368B0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://cert.vde.com/en/advisories/VDE-2023-044/", "url": "https://cert.vde.com/en/advisories/VDE-2023-044/",
"source": "info@cert.vde.com" "source": "info@cert.vde.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

14
CVE-2023/CVE-2023-55xx/CVE-2023-5557.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5557", "id": "CVE-2023-5557",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-13T02:15:11.077", "published": "2023-10-13T02:15:11.077",
"lastModified": "2023-11-07T04:24:07.967", "lastModified": "2023-12-11T16:15:42.630",
"vulnStatus": "Modified", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
@ -37,7 +37,7 @@
"impactScore": 6.0 "impactScore": 6.0
}, },
{ {
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -70,7 +70,7 @@
] ]
}, },
{ {
"source": "53f830b8-0a3f-465b-8143-3b8a9948e749", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {
@ -140,6 +140,14 @@
} }
], ],
"references": [ "references": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:7712",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:7713",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-5557", "url": "https://access.redhat.com/security/cve/CVE-2023-5557",
"source": "secalert@redhat.com", "source": "secalert@redhat.com",

6
CVE-2023/CVE-2023-58xx/CVE-2023-5868.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5868", "id": "CVE-2023-5868",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-10T18:15:07.163", "published": "2023-12-10T18:15:07.163",
"lastModified": "2023-12-11T12:20:50.310", "lastModified": "2023-12-11T16:15:42.763",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -91,6 +91,10 @@
"url": "https://access.redhat.com/errata/RHSA-2023:7695", "url": "https://access.redhat.com/errata/RHSA-2023:7695",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2023:7714",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-5868", "url": "https://access.redhat.com/security/cve/CVE-2023-5868",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"

6
CVE-2023/CVE-2023-58xx/CVE-2023-5869.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5869", "id": "CVE-2023-5869",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-10T18:15:07.410", "published": "2023-12-10T18:15:07.410",
"lastModified": "2023-12-11T12:20:50.310", "lastModified": "2023-12-11T16:15:42.880",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -91,6 +91,10 @@
"url": "https://access.redhat.com/errata/RHSA-2023:7695", "url": "https://access.redhat.com/errata/RHSA-2023:7695",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2023:7714",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-5869", "url": "https://access.redhat.com/security/cve/CVE-2023-5869",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"

6
CVE-2023/CVE-2023-58xx/CVE-2023-5870.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5870", "id": "CVE-2023-5870",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-12-10T18:15:07.643", "published": "2023-12-10T18:15:07.643",
"lastModified": "2023-12-11T12:20:50.310", "lastModified": "2023-12-11T16:15:42.990",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -91,6 +91,10 @@
"url": "https://access.redhat.com/errata/RHSA-2023:7695", "url": "https://access.redhat.com/errata/RHSA-2023:7695",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"
}, },
{
"url": "https://access.redhat.com/errata/RHSA-2023:7714",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-5870", "url": "https://access.redhat.com/security/cve/CVE-2023-5870",
"source": "secalert@redhat.com" "source": "secalert@redhat.com"

63
CVE-2023/CVE-2023-61xx/CVE-2023-6194.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-6194",
"sourceIdentifier": "emo@eclipse.org",
"published": "2023-12-11T14:15:31.847",
"lastModified": "2023-12-11T14:15:42.110",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit\ndocument type definition (DTD) references to external entities.\nThis means that if a user chooses to use a malicious report definition XML file containing an external entity reference\nto generate a report then Eclipse Memory Analyzer may access external files or URLs defined via a DTD in the report definition.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "emo@eclipse.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "emo@eclipse.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"references": [
{
"url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=582631",
"source": "emo@eclipse.org"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/15",
"source": "emo@eclipse.org"
},
{
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/169",
"source": "emo@eclipse.org"
}
]
}

78
CVE-2023/CVE-2023-62xx/CVE-2023-6269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6269", "id": "CVE-2023-6269",
"sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"published": "2023-12-05T08:15:08.020", "published": "2023-12-05T08:15:08.020",
"lastModified": "2023-12-05T13:51:04.540", "lastModified": "2023-12-11T15:31:20.927",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -16,6 +16,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"type": "Secondary", "type": "Secondary",
@ -39,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
},
{ {
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"type": "Secondary", "type": "Secondary",
@ -50,14 +80,54 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atos:unify_openscape_bcf:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10",
"versionEndExcluding": "10r10.12.00",
"matchCriteriaId": "33A79717-055B-4379-B8E6-EF034E9C399B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atos:unify_openscape_branch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10",
"versionEndExcluding": "10r3.4.0",
"matchCriteriaId": "A3A502C0-FFCB-4C20-B344-288FDD631866"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atos:unify_openscape_session_border_controller:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10",
"versionEndExcluding": "10r3.4.0",
"matchCriteriaId": "6AD7E9FB-9245-4A88-937E-3DF49B61E3C8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://networks.unify.com/security/advisories/OBSO-2310-01.pdf", "url": "https://networks.unify.com/security/advisories/OBSO-2310-01.pdf",
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf" "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://r.sec-consult.com/unifyroot", "url": "https://r.sec-consult.com/unifyroot",
"source": "551230f0-3615-47bd-b7cc-93e92e730bbf" "source": "551230f0-3615-47bd-b7cc-93e92e730bbf",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }

82
CVE-2023/CVE-2023-63xx/CVE-2023-6352.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6352", "id": "CVE-2023-6352",
"sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725", "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725",
"published": "2023-11-30T18:15:08.963", "published": "2023-11-30T18:15:08.963",
"lastModified": "2023-11-30T21:15:09.200", "lastModified": "2023-12-11T14:40:41.233",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be able to enumerate files or directories, traverse directories, bypass authentication, or access restricted files.\n\n\n" "value": "The default configuration of Aquaforest TIFF Server allows access to arbitrary file paths, subject to any restrictions imposed by Internet Information Services (IIS) or Microsoft Windows. Depending on how a web application uses and configures TIFF Server, a remote attacker may be able to enumerate files or directories, traverse directories, bypass authentication, or access restricted files.\n\n\n"
},
{
"lang": "es",
"value": "La configuraci\u00f3n predeterminada de Aquaforest TIFF Server permite el acceso a rutas de archivos arbitrarias, sujetas a las restricciones impuestas por Internet Information Services (IIS) o Microsoft Windows. Dependiendo de c\u00f3mo una aplicaci\u00f3n web use y configure el servidor TIFF, un atacante remoto puede enumerar archivos o directorios, recorrer directorios, omitir la autenticaci\u00f3n o acceder a archivos restringidos."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "9119a7d8-5eab-497f-8521-727c672e3725", "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "9119a7d8-5eab-497f-8521-727c672e3725", "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary", "type": "Secondary",
@ -46,26 +80,60 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aquaforest:tiff_server:4.2.210913:*:*:*:*:*:*:*",
"matchCriteriaId": "D8FEC850-876D-4E93-BB36-53AF2434FBBE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md", "url": "https://github.com/qwell/disorder-in-the-court/blob/main/README-TylerTechnologies.md",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.aquaforest.com/blog/aquaforest-tiff-server-sunsetting", "url": "https://www.aquaforest.com/blog/aquaforest-tiff-server-sunsetting",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.aquaforest.com/blog/tiff-server-security-update", "url": "https://www.aquaforest.com/blog/tiff-server-security-update",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.aquaforest.com/wp-content/uploads/pdf/ts/TiffServer4.2.pdf", "url": "https://www.aquaforest.com/wp-content/uploads/pdf/ts/TiffServer4.2.pdf",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Product"
]
}, },
{ {
"url": "https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems", "url": "https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
} }
] ]
} }

78
CVE-2023/CVE-2023-63xx/CVE-2023-6376.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-6376", "id": "CVE-2023-6376",
"sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725", "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725",
"published": "2023-11-30T18:15:09.720", "published": "2023-11-30T18:15:09.720",
"lastModified": "2023-11-30T21:15:09.463", "lastModified": "2023-12-11T15:12:41.477",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Henschen & Associates court document management software does not sufficiently randomize file names of cached documents, allowing a remote, unauthenticated attacker to access restricted documents.\n\n\n" "value": "Henschen & Associates court document management software does not sufficiently randomize file names of cached documents, allowing a remote, unauthenticated attacker to access restricted documents.\n\n\n"
},
{
"lang": "es",
"value": "El software de gesti\u00f3n de documentos judiciales de Henschen & Associates no aleatoriza suficientemente los nombres de los archivos de los documentos almacenados en cach\u00e9, lo que permite que un atacante remoto y no autenticado acceda a documentos restringidos."
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "9119a7d8-5eab-497f-8521-727c672e3725", "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary", "type": "Secondary",
@ -35,6 +59,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
},
{ {
"source": "9119a7d8-5eab-497f-8521-727c672e3725", "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary", "type": "Secondary",
@ -46,22 +80,54 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:henschen:court_document_management:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-11-22",
"matchCriteriaId": "D975E358-D5AD-4264-8811-49889C563E99"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/qwell/disorder-in-the-court/blob/main/README-Henschen%26Associates.md", "url": "https://github.com/qwell/disorder-in-the-court/blob/main/README-Henschen%26Associates.md",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/", "url": "https://techcrunch.com/2023/11/30/us-court-records-systems-vulnerabilities-exposed-sealed-documents/",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Press/Media Coverage"
]
}, },
{ {
"url": "https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems", "url": "https://www.cisa.gov/news-events/alerts/2023/11/30/multiple-vulnerabilities-affecting-web-based-court-case-and-document-management-systems",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}, },
{ {
"url": "https://www.henschen.com/government", "url": "https://www.henschen.com/government",
"source": "9119a7d8-5eab-497f-8521-727c672e3725" "source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Product"
]
} }
] ]
} }

55
CVE-2023/CVE-2023-66xx/CVE-2023-6671.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-6671",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-12-11T14:15:32.150",
"lastModified": "2023-12-11T14:15:42.110",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been discovered on OJS, that consists in a CSRF (Cross-Site Request Forgery) attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-request-forgery-open-journal-systems",
"source": "cve-coordination@incibe.es"
}
]
}

66
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-12-11T13:00:55.136401+00:00 2023-12-11T17:04:10.424765+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-12-11T12:52:26.990000+00:00 2023-12-11T16:18:06.687000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,46 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
232706 232710
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `2` Recently added CVEs: `4`
* [CVE-2023-6185](CVE-2023/CVE-2023-61xx/CVE-2023-6185.json) (`2023-12-11T12:15:07.037`) * [CVE-2023-49417](CVE-2023/CVE-2023-494xx/CVE-2023-49417.json) (`2023-12-11T14:15:31.740`)
* [CVE-2023-6186](CVE-2023/CVE-2023-61xx/CVE-2023-6186.json) (`2023-12-11T12:15:07.713`) * [CVE-2023-49418](CVE-2023/CVE-2023-494xx/CVE-2023-49418.json) (`2023-12-11T14:15:31.800`)
* [CVE-2023-6194](CVE-2023/CVE-2023-61xx/CVE-2023-6194.json) (`2023-12-11T14:15:31.847`)
* [CVE-2023-6671](CVE-2023/CVE-2023-66xx/CVE-2023-6671.json) (`2023-12-11T14:15:32.150`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `29` Recently modified CVEs: `60`
* [CVE-2023-50456](CVE-2023/CVE-2023-504xx/CVE-2023-50456.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-5188](CVE-2023/CVE-2023-51xx/CVE-2023-5188.json) (`2023-12-11T15:32:04.883`)
* [CVE-2023-50457](CVE-2023/CVE-2023-504xx/CVE-2023-50457.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-49070](CVE-2023/CVE-2023-490xx/CVE-2023-49070.json) (`2023-12-11T15:32:29.317`)
* [CVE-2023-6656](CVE-2023/CVE-2023-66xx/CVE-2023-6656.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-43472](CVE-2023/CVE-2023-434xx/CVE-2023-43472.json) (`2023-12-11T15:32:59.420`)
* [CVE-2023-6657](CVE-2023/CVE-2023-66xx/CVE-2023-6657.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-44295](CVE-2023/CVE-2023-442xx/CVE-2023-44295.json) (`2023-12-11T15:33:19.813`)
* [CVE-2023-50463](CVE-2023/CVE-2023-504xx/CVE-2023-50463.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-44288](CVE-2023/CVE-2023-442xx/CVE-2023-44288.json) (`2023-12-11T15:33:33.377`)
* [CVE-2023-6658](CVE-2023/CVE-2023-66xx/CVE-2023-6658.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-39248](CVE-2023/CVE-2023-392xx/CVE-2023-39248.json) (`2023-12-11T15:33:45.650`)
* [CVE-2023-50465](CVE-2023/CVE-2023-504xx/CVE-2023-50465.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-37572](CVE-2023/CVE-2023-375xx/CVE-2023-37572.json) (`2023-12-11T15:34:02.400`)
* [CVE-2023-6659](CVE-2023/CVE-2023-66xx/CVE-2023-6659.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-47304](CVE-2023/CVE-2023-473xx/CVE-2023-47304.json) (`2023-12-11T15:37:02.707`)
* [CVE-2023-48417](CVE-2023/CVE-2023-484xx/CVE-2023-48417.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-42578](CVE-2023/CVE-2023-425xx/CVE-2023-42578.json) (`2023-12-11T15:38:57.763`)
* [CVE-2023-48424](CVE-2023/CVE-2023-484xx/CVE-2023-48424.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-42577](CVE-2023/CVE-2023-425xx/CVE-2023-42577.json) (`2023-12-11T15:41:26.297`)
* [CVE-2023-48425](CVE-2023/CVE-2023-484xx/CVE-2023-48425.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-42576](CVE-2023/CVE-2023-425xx/CVE-2023-42576.json) (`2023-12-11T15:42:44.137`)
* [CVE-2023-6181](CVE-2023/CVE-2023-61xx/CVE-2023-6181.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-42575](CVE-2023/CVE-2023-425xx/CVE-2023-42575.json) (`2023-12-11T16:04:34.710`)
* [CVE-2023-49355](CVE-2023/CVE-2023-493xx/CVE-2023-49355.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-42574](CVE-2023/CVE-2023-425xx/CVE-2023-42574.json) (`2023-12-11T16:04:55.683`)
* [CVE-2023-5500](CVE-2023/CVE-2023-55xx/CVE-2023-5500.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-42573](CVE-2023/CVE-2023-425xx/CVE-2023-42573.json) (`2023-12-11T16:05:18.447`)
* [CVE-2023-49964](CVE-2023/CVE-2023-499xx/CVE-2023-49964.json) (`2023-12-11T12:20:45.887`) * [CVE-2023-49240](CVE-2023/CVE-2023-492xx/CVE-2023-49240.json) (`2023-12-11T16:10:25.813`)
* [CVE-2023-6652](CVE-2023/CVE-2023-66xx/CVE-2023-6652.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-49239](CVE-2023/CVE-2023-492xx/CVE-2023-49239.json) (`2023-12-11T16:12:38.460`)
* [CVE-2023-6653](CVE-2023/CVE-2023-66xx/CVE-2023-6653.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-46773](CVE-2023/CVE-2023-467xx/CVE-2023-46773.json) (`2023-12-11T16:14:54.787`)
* [CVE-2023-6654](CVE-2023/CVE-2023-66xx/CVE-2023-6654.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-39417](CVE-2023/CVE-2023-394xx/CVE-2023-39417.json) (`2023-12-11T16:15:42.330`)
* [CVE-2023-6655](CVE-2023/CVE-2023-66xx/CVE-2023-6655.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-5557](CVE-2023/CVE-2023-55xx/CVE-2023-5557.json) (`2023-12-11T16:15:42.630`)
* [CVE-2023-50446](CVE-2023/CVE-2023-504xx/CVE-2023-50446.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-5868](CVE-2023/CVE-2023-58xx/CVE-2023-5868.json) (`2023-12-11T16:15:42.763`)
* [CVE-2023-50449](CVE-2023/CVE-2023-504xx/CVE-2023-50449.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-5869](CVE-2023/CVE-2023-58xx/CVE-2023-5869.json) (`2023-12-11T16:15:42.880`)
* [CVE-2023-5868](CVE-2023/CVE-2023-58xx/CVE-2023-5868.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-5870](CVE-2023/CVE-2023-58xx/CVE-2023-5870.json) (`2023-12-11T16:15:42.990`)
* [CVE-2023-5869](CVE-2023/CVE-2023-58xx/CVE-2023-5869.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-44113](CVE-2023/CVE-2023-441xx/CVE-2023-44113.json) (`2023-12-11T16:15:48.920`)
* [CVE-2023-5870](CVE-2023/CVE-2023-58xx/CVE-2023-5870.json) (`2023-12-11T12:20:50.310`) * [CVE-2023-44099](CVE-2023/CVE-2023-440xx/CVE-2023-44099.json) (`2023-12-11T16:16:17.500`)
* [CVE-2023-48698](CVE-2023/CVE-2023-486xx/CVE-2023-48698.json) (`2023-12-11T12:52:26.990`) * [CVE-2023-48849](CVE-2023/CVE-2023-488xx/CVE-2023-48849.json) (`2023-12-11T16:18:06.687`)
## Download and Usage ## Download and Usage