admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-13T22:00:24.253629+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-13 22:00:27 +00:00
parent 0459b6cd09
commit 6465c27aec
39 changed files with 2328 additions and 122 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2021/CVE-2021-467xx/CVE-2021-46784.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-46784",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-17T22:15:08.737",
"lastModified": "2023-10-13T12:15:09.823",
"lastModified": "2023-10-13T21:15:51.373",
"vulnStatus": "Modified",
"descriptions": [
{
@ -113,6 +113,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/1",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/10",
"source": "cve@mitre.org"
},
{
"url": "http://www.squid-cache.org/Versions/v4/changesets/SQUID-2021_7.patch",
"source": "cve@mitre.org",

69
CVE-2023/CVE-2023-239xx/CVE-2023-23930.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-23930",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-11T18:15:10.037",
"lastModified": "2023-10-11T21:04:52.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T21:27:29.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version 4.0.0 contains a patch. Users may specify JSON serialization as a workaround."
},
{
"lang": "es",
"value": "vantage6 es una infraestructura de aprendizaje federada que preserva la privacidad. Las versiones anteriores a la 4.0.0 usan pickle, que tiene problemas de seguridad conocidos, como m\u00f3dulo de serializaci\u00f3n predeterminado pero que tiene problemas de seguridad conocidos. Todos los usuarios de vantage6 que publican tareas con la serializaci\u00f3n predeterminada se ven afectados. La versi\u00f3n 4.0.0 contiene un parche. Los usuarios pueden especificar la serializaci\u00f3n JSON como workaround."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,22 +70,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vantage6:vantage6:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.0.2",
"matchCriteriaId": "2D0FAD5D-F686-426B-9539-38F6F036D97B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Permissions Required",
"Technical Description",
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-329xx/CVE-2023-32970.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32970",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:09.830",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network.\nQES is not affected.\n\nWe have already fixed the vulnerability in the following versions:\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2453 build 20230708 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-41",
"source": "security@qnapsecurity.com.tw"
}
]
}

59
CVE-2023/CVE-2023-329xx/CVE-2023-32973.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-32973",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:09.930",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.0.1.2425 build 20230609 and later\nQTS 5.1.0.2444 build 20230629 and later\nQTS 4.5.4.2467 build 20230718 and later\nQuTS hero h5.0.1.2515 build 20230907 and later\nQuTS hero h5.1.0.2424 build 20230609 and later\nQuTS hero h4.5.4.2476 build 20230728 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
},
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-41",
"source": "security@qnapsecurity.com.tw"
}
]
}

55
CVE-2023/CVE-2023-329xx/CVE-2023-32974.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32974",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:10.007",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.0.2444 build 20230629 and later\nQuTS hero h5.1.0.2424 build 20230609 and later\nQuTScloud c5.1.0.2498 and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-42",
"source": "security@qnapsecurity.com.tw"
}
]
}

55
CVE-2023/CVE-2023-329xx/CVE-2023-32976.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32976",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:10.077",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network.\n\nWe have already fixed the vulnerability in the following version:\nContainer Station 2.6.7.44 and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-44",
"source": "security@qnapsecurity.com.tw"
}
]
}

55
CVE-2023/CVE-2023-349xx/CVE-2023-34975.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34975",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:10.153",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nVideo Station 5.7.0 ( 2023/07/27 ) and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-52",
"source": "security@qnapsecurity.com.tw"
}
]
}

55
CVE-2023/CVE-2023-349xx/CVE-2023-34976.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34976",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:10.230",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nVideo Station 5.7.0 ( 2023/07/27 ) and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-52",
"source": "security@qnapsecurity.com.tw"
}
]
}

55
CVE-2023/CVE-2023-349xx/CVE-2023-34977.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34977",
"sourceIdentifier": "security@qnapsecurity.com.tw",
"published": "2023-10-13T20:15:10.300",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following version:\nVideo Station 5.7.0 ( 2023/07/27 ) and later\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@qnapsecurity.com.tw",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.qnap.com/en/security-advisory/qsa-23-52",
"source": "security@qnapsecurity.com.tw"
}
]
}

71
CVE-2023/CVE-2023-356xx/CVE-2023-35645.json
View File

@ -2,19 +2,82 @@
"id": "CVE-2023-35645",
"sourceIdentifier": "security@android.com",
"published": "2023-10-11T19:15:10.123",
"lastModified": "2023-10-11T21:04:52.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T21:31:03.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.\n\n"
},
{
"lang": "es",
"value": "En tbd, existe una posible corrupci\u00f3n de la memoria debido a una condici\u00f3n de ejecuci\u00f3n. Esto podr\u00eda conducir a una escalada local de privilegios con permisos de ejecuci\u00f3n de System necesarios. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://source.android.com/security/bulletin/pixel/2023-10-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-364xx/CVE-2023-36417.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-36417",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:12.190",
"lastModified": "2023-10-13T18:02:25.873",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-13T21:15:51.493",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft SQL ODBC Driver Remote Code Execution Vulnerability"
"value": "Microsoft SQL OLE DB Remote Code Execution Vulnerability"
},
{
"lang": "es",

43
CVE-2023/CVE-2023-365xx/CVE-2023-36559.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-36559",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-13T21:15:51.583",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Edge (Chromium-based) Spoofing Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 2.5
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36559",
"source": "secure@microsoft.com"
}
]
}

85
CVE-2023/CVE-2023-367xx/CVE-2023-36707.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36707",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.667",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:35:11.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Deployment Services Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Windows Deployment Services"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
@ -34,10 +58,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36707",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-367xx/CVE-2023-36709.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36709",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.733",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:41:23.050",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft AllJoyn API Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Microsoft AllJoyn API"
}
],
"metrics": {
@ -34,10 +38,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36709",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

122
CVE-2023/CVE-2023-367xx/CVE-2023-36710.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36710",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.797",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:27:37.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Media Foundation Core Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Windows Media Foundation Core"
}
],
"metrics": {
@ -34,10 +38,122 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36710",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-367xx/CVE-2023-36711.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36711",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.243",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:23:44.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Runtime C++ Template Library Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en la librer\u00eda de plantillas de Windows Runtime C++"
}
],
"metrics": {
@ -34,10 +38,117 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36711",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36712.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36712",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.307",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:26:36.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios del kernel de Windows"
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2B96C1AE-05F1-4178-93A3-9B2BA59ACA74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "89DF25F2-4319-4043-AAB6-6E231EB80353"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36712",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36713.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36713",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.370",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:19:00.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Common Log File System Driver Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Windows Common Log File System Driver "
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2B96C1AE-05F1-4178-93A3-9B2BA59ACA74"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "89DF25F2-4319-4043-AAB6-6E231EB80353"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36713",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-367xx/CVE-2023-36717.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36717",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.433",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:19:18.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Virtual Trusted Platform Module Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Windows Virtual Trusted Platform Module "
}
],
"metrics": {
@ -34,10 +38,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "9F6EE74C-3C21-4927-9677-D4C49467634C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "0B3FBE8F-626A-4DF6-8BD3-2D8F6BF27A06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36717",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-367xx/CVE-2023-36718.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36718",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.493",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:19:38.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Virtual Trusted Platform Module"
}
],
"metrics": {
@ -34,10 +38,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "15F303BE-3B6E-4B91-99A8-3D0135040C0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "9F6EE74C-3C21-4927-9677-D4C49467634C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "0B3FBE8F-626A-4DF6-8BD3-2D8F6BF27A06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36718",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-367xx/CVE-2023-36720.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36720",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.557",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:07:04.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Mixed Reality Developer Tools Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Windows Mixed Reality Developer Tools"
}
],
"metrics": {
@ -34,10 +38,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36720",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-367xx/CVE-2023-36721.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36721",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.620",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:07:31.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Error Reporting Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Error Reporting Service"
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36721",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

127
CVE-2023/CVE-2023-367xx/CVE-2023-36722.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36722",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.680",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:07:43.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Active Directory Domain Services Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Active Directory Domain Services "
}
],
"metrics": {
@ -34,10 +38,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "DF11918C-FE48-4778-AB51-62159779D96B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36722",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-367xx/CVE-2023-36723.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36723",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:16.743",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:08:08.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Container Manager Service Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Container Manager Service"
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36723",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-406xx/CVE-2023-40682.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40682",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-13T16:15:11.487",
"lastModified": "2023-10-13T16:15:11.487",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-42xx/CVE-2023-4263.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-4263",
"sourceIdentifier": "vulnerabilities@zephyrproject.org",
"published": "2023-10-13T21:15:51.777",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "vulnerabilities@zephyrproject.org",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-120"
},
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf",
"source": "vulnerabilities@zephyrproject.org"
}
]
}

87
CVE-2023/CVE-2023-439xx/CVE-2023-43960.json
View File

@ -2,23 +2,100 @@
"id": "CVE-2023-43960",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-11T18:15:10.137",
"lastModified": "2023-10-11T21:04:52.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T21:28:50.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component."
},
{
"lang": "es",
"value": "Un problema en DLINK DPH-400SE FRU 2.2.15.8 permite a un atacante remoto escalar privilegios a trav\u00e9s de la funci\u00f3n User Modify en el componente de funci\u00f3n Maintenance/Access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dph-400se_firmware:2.2.15.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CD6772EB-86AD-45EE-9CC5-1E62618C6C6F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dph-400se:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49439D1C-6BC2-43CB-9716-F04552545CFF"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://hackmd.io/@tahaafarooq/dlink-dph-400se-cwe-200",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.exploit-db.com/exploits/51709",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

125
CVE-2023/CVE-2023-441xx/CVE-2023-44105.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-44105",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-10-11T13:15:09.820",
"lastModified": "2023-10-11T14:23:06.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:05:12.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of permissions not being strictly verified in the window management module.Successful exploitation of this vulnerability may cause features to perform abnormally."
},
{
"lang": "es",
"value": "Vulnerabilidad de que los permisos no se verifican estrictamente en el m\u00f3dulo window management. La explotaci\u00f3n exitosa de esta vulnerabilidad puede causar que las funciones funcionen de manera anormal."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,92 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20112231-B840-44D3-A061-B9B9F80EE378"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "64118936-E2A5-4935-8594-29DF29B5475A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C01447F1-7F58-4AE3-B403-C01B2575D898"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "511F8CE2-C2B6-4A08-B992-49D9B75B8655"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A974CA73-84E8-480B-BB4C-4A81D0C985B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:12.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF07E7F-3A18-4B74-B73D-DF3647C2A48F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/10/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-441xx/CVE-2023-44114.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-44114",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-10-11T13:15:10.097",
"lastModified": "2023-10-11T14:23:06.207",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:31:20.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Out-of-bounds array vulnerability in the dataipa module.Successful exploitation of this vulnerability may affect service confidentiality."
},
{
"lang": "es",
"value": "Vulnerabilidad de matriz fuera de los l\u00edmites en el m\u00f3dulo dataipa. La explotaci\u00f3n exitosa de esta vulnerabilidad puede afectar la confidencialidad del servicio."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
},
{
"source": "psirt@huawei.com",
"type": "Secondary",
@ -23,14 +60,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB3751C1-7729-41D3-AE50-80B5AF601135"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D81C4EF-7CAF-4E60-91A4-8CF7B95B2B54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:harmonyos:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8198CDB2-4BC5-411A-8736-615A531FC545"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:huawei:emui:13.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "353AEAF2-AF46-4835-93E1-4F942D5E2810"
}
]
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/10/",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540",
"source": "psirt@huawei.com"
"source": "psirt@huawei.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-444xx/CVE-2023-44487.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44487",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-10T14:15:10.883",
"lastModified": "2023-10-13T19:32:37.727",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-13T21:15:51.670",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-10-10",
"cisaActionDue": "2023-10-31",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
@ -80,6 +80,10 @@
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/13/9",
"source": "cve@mitre.org"
},
{
"url": "https://access.redhat.com/security/cve/cve-2023-44487",
"source": "cve@mitre.org",

4
CVE-2023/CVE-2023-44xx/CVE-2023-4499.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4499",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-10-13T17:15:09.653",
"lastModified": "2023-10-13T17:15:09.653",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-452xx/CVE-2023-45269.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45269",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-13T16:15:12.853",
"lastModified": "2023-10-13T16:15:12.853",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-452xx/CVE-2023-45270.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45270",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-13T16:15:12.997",
"lastModified": "2023-10-13T16:15:12.997",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-452xx/CVE-2023-45276.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45276",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-13T16:15:13.123",
"lastModified": "2023-10-13T16:15:13.123",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-54xx/CVE-2023-5409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5409",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-10-13T17:15:09.713",
"lastModified": "2023-10-13T17:15:09.713",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-54xx/CVE-2023-5449.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5449",
"sourceIdentifier": "hp-security-alert@hp.com",
"published": "2023-10-13T17:15:09.767",
"lastModified": "2023-10-13T17:15:09.767",
"vulnStatus": "Received",
"lastModified": "2023-10-13T21:31:49.997",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

77
CVE-2023/CVE-2023-54xx/CVE-2023-5489.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5489",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-10T15:15:10.850",
"lastModified": "2023-10-10T15:47:36.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:51:30.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This affects an unknown part of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-241641 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform hasta 20230928 y clasificada como cr\u00edtica. Una parte desconocida del archivo /Tool/uploadfile.php es afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento file_upload conduce a una carga sin restricciones. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-241641. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,59 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:byzoro:smart_s45f_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230928",
"matchCriteriaId": "92BFABCF-7517-438D-92F1-4F21699BBB7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s45f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDA1A96-1CB9-48C6-805E-514CE4FEC9E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/s45_upload_%20uploadfile.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241641",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241641",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-54xx/CVE-2023-5490.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5490",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-10T15:15:10.927",
"lastModified": "2023-10-10T15:47:36.710",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-13T20:52:55.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This vulnerability affects unknown code of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-241642 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform hasta 20230928 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /useratte/userattestation.php. La manipulaci\u00f3n del argumento web_img conduce a una carga sin restricciones. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-241642 es el identificador asignado a esta vulnerabilidad. NOTA: Se contact\u00f3 primeramente con el proveedor sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,59 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:byzoro:smart_s45f_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230928",
"matchCriteriaId": "92BFABCF-7517-438D-92F1-4F21699BBB7E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:byzoro:smart_s45f:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDA1A96-1CB9-48C6-805E-514CE4FEC9E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/llixixi/cve/blob/main/s45_upload_%20userattestation.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241642",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241642",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-13T20:00:24.095064+00:00
2023-10-13T22:00:24.253629+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-13T19:58:57.183000+00:00
2023-10-13T21:31:49.997000+00:00
```
### Last Data Feed Release
@ -29,44 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
227773
227782
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `9`
* [CVE-2023-32970](CVE-2023/CVE-2023-329xx/CVE-2023-32970.json) (`2023-10-13T20:15:09.830`)
* [CVE-2023-32973](CVE-2023/CVE-2023-329xx/CVE-2023-32973.json) (`2023-10-13T20:15:09.930`)
* [CVE-2023-32974](CVE-2023/CVE-2023-329xx/CVE-2023-32974.json) (`2023-10-13T20:15:10.007`)
* [CVE-2023-32976](CVE-2023/CVE-2023-329xx/CVE-2023-32976.json) (`2023-10-13T20:15:10.077`)
* [CVE-2023-34975](CVE-2023/CVE-2023-349xx/CVE-2023-34975.json) (`2023-10-13T20:15:10.153`)
* [CVE-2023-34976](CVE-2023/CVE-2023-349xx/CVE-2023-34976.json) (`2023-10-13T20:15:10.230`)
* [CVE-2023-34977](CVE-2023/CVE-2023-349xx/CVE-2023-34977.json) (`2023-10-13T20:15:10.300`)
* [CVE-2023-36559](CVE-2023/CVE-2023-365xx/CVE-2023-36559.json) (`2023-10-13T21:15:51.583`)
* [CVE-2023-4263](CVE-2023/CVE-2023-42xx/CVE-2023-4263.json) (`2023-10-13T21:15:51.777`)
### CVEs modified in the last Commit
Recently modified CVEs: `57`
Recently modified CVEs: `29`
* [CVE-2023-39854](CVE-2023/CVE-2023-398xx/CVE-2023-39854.json) (`2023-10-13T19:01:50.667`)
* [CVE-2023-36584](CVE-2023/CVE-2023-365xx/CVE-2023-36584.json) (`2023-10-13T19:07:41.083`)
* [CVE-2023-35652](CVE-2023/CVE-2023-356xx/CVE-2023-35652.json) (`2023-10-13T19:08:54.447`)
* [CVE-2023-36585](CVE-2023/CVE-2023-365xx/CVE-2023-36585.json) (`2023-10-13T19:09:26.133`)
* [CVE-2023-36581](CVE-2023/CVE-2023-365xx/CVE-2023-36581.json) (`2023-10-13T19:14:45.527`)
* [CVE-2023-36582](CVE-2023/CVE-2023-365xx/CVE-2023-36582.json) (`2023-10-13T19:16:24.573`)
* [CVE-2023-36589](CVE-2023/CVE-2023-365xx/CVE-2023-36589.json) (`2023-10-13T19:17:45.187`)
* [CVE-2023-36596](CVE-2023/CVE-2023-365xx/CVE-2023-36596.json) (`2023-10-13T19:22:20.200`)
* [CVE-2023-36605](CVE-2023/CVE-2023-366xx/CVE-2023-36605.json) (`2023-10-13T19:27:21.993`)
* [CVE-2023-36732](CVE-2023/CVE-2023-367xx/CVE-2023-36732.json) (`2023-10-13T19:28:13.070`)
* [CVE-2023-36603](CVE-2023/CVE-2023-366xx/CVE-2023-36603.json) (`2023-10-13T19:29:00.070`)
* [CVE-2023-36594](CVE-2023/CVE-2023-365xx/CVE-2023-36594.json) (`2023-10-13T19:31:02.297`)
* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-13T19:32:37.727`)
* [CVE-2023-36602](CVE-2023/CVE-2023-366xx/CVE-2023-36602.json) (`2023-10-13T19:35:00.647`)
* [CVE-2023-36728](CVE-2023/CVE-2023-367xx/CVE-2023-36728.json) (`2023-10-13T19:41:30.780`)
* [CVE-2023-36729](CVE-2023/CVE-2023-367xx/CVE-2023-36729.json) (`2023-10-13T19:41:41.020`)
* [CVE-2023-36730](CVE-2023/CVE-2023-367xx/CVE-2023-36730.json) (`2023-10-13T19:42:01.933`)
* [CVE-2023-36731](CVE-2023/CVE-2023-367xx/CVE-2023-36731.json) (`2023-10-13T19:42:54.560`)
* [CVE-2023-36590](CVE-2023/CVE-2023-365xx/CVE-2023-36590.json) (`2023-10-13T19:43:33.030`)
* [CVE-2023-36606](CVE-2023/CVE-2023-366xx/CVE-2023-36606.json) (`2023-10-13T19:52:35.470`)
* [CVE-2023-36724](CVE-2023/CVE-2023-367xx/CVE-2023-36724.json) (`2023-10-13T19:53:26.347`)
* [CVE-2023-36725](CVE-2023/CVE-2023-367xx/CVE-2023-36725.json) (`2023-10-13T19:53:42.393`)
* [CVE-2023-36598](CVE-2023/CVE-2023-365xx/CVE-2023-36598.json) (`2023-10-13T19:56:30.370`)
* [CVE-2023-36593](CVE-2023/CVE-2023-365xx/CVE-2023-36593.json) (`2023-10-13T19:58:44.980`)
* [CVE-2023-36726](CVE-2023/CVE-2023-367xx/CVE-2023-36726.json) (`2023-10-13T19:58:57.183`)
* [CVE-2023-36722](CVE-2023/CVE-2023-367xx/CVE-2023-36722.json) (`2023-10-13T20:07:43.723`)
* [CVE-2023-36723](CVE-2023/CVE-2023-367xx/CVE-2023-36723.json) (`2023-10-13T20:08:08.063`)
* [CVE-2023-36713](CVE-2023/CVE-2023-367xx/CVE-2023-36713.json) (`2023-10-13T20:19:00.440`)
* [CVE-2023-36717](CVE-2023/CVE-2023-367xx/CVE-2023-36717.json) (`2023-10-13T20:19:18.547`)
* [CVE-2023-36718](CVE-2023/CVE-2023-367xx/CVE-2023-36718.json) (`2023-10-13T20:19:38.180`)
* [CVE-2023-36711](CVE-2023/CVE-2023-367xx/CVE-2023-36711.json) (`2023-10-13T20:23:44.690`)
* [CVE-2023-36712](CVE-2023/CVE-2023-367xx/CVE-2023-36712.json) (`2023-10-13T20:26:36.080`)
* [CVE-2023-36710](CVE-2023/CVE-2023-367xx/CVE-2023-36710.json) (`2023-10-13T20:27:37.000`)
* [CVE-2023-44114](CVE-2023/CVE-2023-441xx/CVE-2023-44114.json) (`2023-10-13T20:31:20.313`)
* [CVE-2023-36707](CVE-2023/CVE-2023-367xx/CVE-2023-36707.json) (`2023-10-13T20:35:11.517`)
* [CVE-2023-36709](CVE-2023/CVE-2023-367xx/CVE-2023-36709.json) (`2023-10-13T20:41:23.050`)
* [CVE-2023-5489](CVE-2023/CVE-2023-54xx/CVE-2023-5489.json) (`2023-10-13T20:51:30.550`)
* [CVE-2023-5490](CVE-2023/CVE-2023-54xx/CVE-2023-5490.json) (`2023-10-13T20:52:55.227`)
* [CVE-2023-36417](CVE-2023/CVE-2023-364xx/CVE-2023-36417.json) (`2023-10-13T21:15:51.493`)
* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-13T21:15:51.670`)
* [CVE-2023-23930](CVE-2023/CVE-2023-239xx/CVE-2023-23930.json) (`2023-10-13T21:27:29.790`)
* [CVE-2023-43960](CVE-2023/CVE-2023-439xx/CVE-2023-43960.json) (`2023-10-13T21:28:50.987`)
* [CVE-2023-35645](CVE-2023/CVE-2023-356xx/CVE-2023-35645.json) (`2023-10-13T21:31:03.827`)
* [CVE-2023-40682](CVE-2023/CVE-2023-406xx/CVE-2023-40682.json) (`2023-10-13T21:31:49.997`)
* [CVE-2023-45269](CVE-2023/CVE-2023-452xx/CVE-2023-45269.json) (`2023-10-13T21:31:49.997`)
* [CVE-2023-45270](CVE-2023/CVE-2023-452xx/CVE-2023-45270.json) (`2023-10-13T21:31:49.997`)
* [CVE-2023-45276](CVE-2023/CVE-2023-452xx/CVE-2023-45276.json) (`2023-10-13T21:31:49.997`)
* [CVE-2023-4499](CVE-2023/CVE-2023-44xx/CVE-2023-4499.json) (`2023-10-13T21:31:49.997`)
* [CVE-2023-5409](CVE-2023/CVE-2023-54xx/CVE-2023-5409.json) (`2023-10-13T21:31:49.997`)
* [CVE-2023-5449](CVE-2023/CVE-2023-54xx/CVE-2023-5449.json) (`2023-10-13T21:31:49.997`)
## Download and Usage