admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-08T18:00:25.673730+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-08 20:00:28 +02:00
parent b7ba42f7fe
commit 656e762198
69 changed files with 7487 additions and 326 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
CVE-2014/CVE-2014-1251xx/CVE-2014-125100.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2014-125100",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T02:15:27.423",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:18:52.400",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bestwebsoft:job_board:1.0.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "F0D65044-F8BB-4D31-9938-C5C5BA97CAFE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/job-board/commit/dbb71deee071422ce3e663fbcdce3ad24886f940",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://vuldb.com/?ctiid.227764",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.227764",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

66
CVE-2022/CVE-2022-36xx/CVE-2022-3643.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-3643",
"sourceIdentifier": "security@xen.org",
"published": "2022-12-07T01:15:11.207",
"lastModified": "2023-01-10T19:41:44.453",
"lastModified": "2023-05-08T17:34:33.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
"exploitabilityScore": 2.0,
"impactScore": 4.0
}
]
},
@ -58,8 +58,50 @@
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.19",
"versionEndExcluding": "4.14",
"matchCriteriaId": "680F9B4D-2435-4324-9A2C-F7CA0ACF6F24"
"versionEndExcluding": "4.9.336",
"matchCriteriaId": "29BF4771-EF94-4681-A778-F55F6FB556F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.302",
"matchCriteriaId": "FB3E1F82-01A3-456E-9C83-D567B9A75815"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.269",
"matchCriteriaId": "1185B8E3-712E-4BFB-BD01-78D47F7EF1F2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.227",
"matchCriteriaId": "8C752145-904B-474A-A7F2-E9F29353B0FE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.159",
"matchCriteriaId": "7318B597-DFFD-4BBC-A947-539D6E30D82A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.83",
"matchCriteriaId": "90897BD1-104D-4CFF-94F5-29F9041217FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.13",
"matchCriteriaId": "389392A7-81C4-4C26-884B-8C7CF0F53DA4"
}
]
},

78
CVE-2022/CVE-2022-417xx/CVE-2022-41736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-41736",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-29T03:15:07.580",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:48:12.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -34,14 +54,64 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:spectrum_scale_container_native_storage_access:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.1.2.1",
"versionEndExcluding": "5.1.7.0",
"matchCriteriaId": "3283A677-6CC1-4886-A063-B0910CDAEBF8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/237810",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6964564",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

52
CVE-2022/CVE-2022-438xx/CVE-2022-43871.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43871",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-29T03:15:07.953",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:47:20.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:financial_transaction_manager_for_multiplatform:3.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A55B1671-BB37-4F6D-9A53-118622E924FD"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/239707",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6857799",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2022/CVE-2022-450xx/CVE-2022-45065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-45065",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:09.580",
"lastModified": "2023-05-08T15:15:09.580",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-474xx/CVE-2022-47437.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47437",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:09.650",
"lastModified": "2023-05-08T15:15:09.650",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-474xx/CVE-2022-47439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47439",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:09.723",
"lastModified": "2023-05-08T15:15:09.723",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

53
CVE-2023/CVE-2023-08xx/CVE-2023-0891.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0891",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.513",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:54:18.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The StagTools WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codestag:stagtools:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.3.7",
"matchCriteriaId": "0A1EDF64-6629-43F6-9687-18430412AE8B"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/72397fee-9768-462b-933c-400181a5487c",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-09xx/CVE-2023-0924.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-0924",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.620",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:55:06.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The ZYREX POPUP WordPress plugin through 1.0 does not validate the type of files uploaded when creating a popup, allowing a high privileged user (such as an Administrator) to upload arbitrary files, even when modifying the file system is disallowed, such as in a multisite install."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zyrex:popup:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1",
"matchCriteriaId": "86209D07-BBF1-4368-8FC4-718F5D77C2ED"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/0fd0d7a5-9263-43b6-9244-7880c3d3e6f4",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-10xx/CVE-2023-1021.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1021",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.693",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:56:28.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:amr-ical-events-list_project:amr-ical-events-list:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.6",
"matchCriteriaId": "89400E75-EC03-4A63-9B5A-333A92E79596"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/91d04f96-11b2-46dc-860c-dc6c26360bf3",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-10xx/CVE-2023-1090.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1090",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.753",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:57:05.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The SMTP Mailing Queue WordPress plugin before 2.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,14 +46,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smtp_mailing_queue_project:smtp_mailing_queue:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.0.1",
"matchCriteriaId": "D1308513-EF0B-40A3-8F60-B1A812653568"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/youki992/youki992.github.io/blob/master/others/apply.md",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/d470dd6c-dcac-4a3e-b42a-2489a31aca45",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-11xx/CVE-2023-1125.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1125",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.823",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:57:34.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpruby:ruby_help_desk:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.3.4",
"matchCriteriaId": "489188C8-7A6D-4599-B305-CDC7EE46C3BB"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/e8a4b6ab-47f8-495d-a22c-dcf914dfb58c",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-15xx/CVE-2023-1525.json
View File

@ -2,18 +2,41 @@
"id": "CVE-2023-1525",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.893",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:57:58.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Site Reviews WordPress plugin before 6.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -21,12 +44,44 @@
"value": "CWE-79"
}
]
},
{
"source": "contact@wpscan.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geminilabs:site_reviews:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.7.1",
"matchCriteriaId": "2B65A2A7-4BC2-4A82-BE7B-22531AD90A3F"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/4ae6bf90-b100-4bb5-bdd7-8acdbd950596",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-15xx/CVE-2023-1546.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1546",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:09.957",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:58:18.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:plainviewplugins:mycryptocheckout:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.124",
"matchCriteriaId": "4DB04FE7-2986-4E60-892D-A67FF60C27A1"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/bb065397-370f-4ee1-a2c8-20e4dc4415a0",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-15xx/CVE-2023-1554.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-1554",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-02T08:15:10.023",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:58:30.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fullworksplugins:quick_paypal_payments:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "5.7.26.4",
"matchCriteriaId": "5B3FA776-5E68-4773-89DF-018C119C57E9"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/0d247a3d-154e-4da7-a147-c1c7e1b5e87e",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-19xx/CVE-2023-1979.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-1979",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-05-08T17:15:11.843",
"lastModified": "2023-05-08T17:15:11.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Web Stories for WordPress plugin supports the WordPress built-in functionality of protecting content with a password. The content is then only accessible to website visitors after entering the password. In WordPress, users with the \"Author\" role can create stories, but don't have the ability to edit password protected stories. The vulnerability allowed users with said role to bypass this permission check when trying to duplicate the protected story in the plugin's own dashboard, giving them access to the seemingly protected content. We recommend upgrading to version 1.32 or beyond commit\u00a0 ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68 \n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "cve-coordination@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/GoogleForCreators/web-stories-wp/commit/ad49781c2a35c5c92ef704d4b621ab4e5cb77d68",
"source": "cve-coordination@google.com"
},
{
"url": "https://github.com/GoogleForCreators/web-stories-wp/releases/tag/v1.32.0",
"source": "cve-coordination@google.com"
}
]
}

28
CVE-2023/CVE-2023-200xx/CVE-2023-20065.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-20065",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-03-23T17:15:14.393",
"lastModified": "2023-03-30T19:27:08.407",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-08T16:15:09.187",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges."
"value": "A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. \r\n\r This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit this vulnerability by logging in to and then escaping the Cisco IOx application container. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges."
}
],
"metrics": {
@ -31,15 +31,13 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
@ -66,16 +64,6 @@
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
@ -1463,6 +1451,10 @@
}
],
"references": [
{
"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-qrpq-fp26-7v9r",
"source": "ykramarz@cisco.com"
},
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-priv-escalate-Xg8zkyPk",
"source": "ykramarz@cisco.com",

75
CVE-2023/CVE-2023-208xx/CVE-2023-20852.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2023-20852",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-04-27T02:15:09.027",
"lastModified": "2023-05-08T17:45:47.537",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ interpreter. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aenrich:a\\+hrd:6.8.1039v844:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEB6635-4A9D-4C1A-82D3-3DC765512A6D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7023-8368b-1.html",
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-227xx/CVE-2023-22779.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22779",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:09.817",
"lastModified": "2023-05-08T15:15:09.817",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22780.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22780",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:09.880",
"lastModified": "2023-05-08T15:15:09.880",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22781.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22781",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:09.943",
"lastModified": "2023-05-08T15:15:09.943",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22782.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22782",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.010",
"lastModified": "2023-05-08T15:15:10.010",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22783.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22783",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.100",
"lastModified": "2023-05-08T15:15:10.100",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22784.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22784",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.167",
"lastModified": "2023-05-08T15:15:10.167",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22785.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22785",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.233",
"lastModified": "2023-05-08T15:15:10.233",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22786.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22786",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.303",
"lastModified": "2023-05-08T15:15:10.303",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22787",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.367",
"lastModified": "2023-05-08T15:15:10.367",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22788.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22788",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.440",
"lastModified": "2023-05-08T15:15:10.440",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22789.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22789",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.503",
"lastModified": "2023-05-08T15:15:10.503",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22790.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22790",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.573",
"lastModified": "2023-05-08T15:15:10.573",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-227xx/CVE-2023-22791.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22791",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-05-08T15:15:10.647",
"lastModified": "2023-05-08T15:15:10.647",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

130
CVE-2023/CVE-2023-22xx/CVE-2023-2297.json Normal file
View File

@ -0,0 +1,130 @@
{
"id": "CVE-2023-2297",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-04-27T00:15:08.923",
"lastModified": "2023-05-08T17:07:39.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Profile Builder \u2013 User Profile & User Registration Forms plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 3.9.0. This is due to the plugin using native password reset functionality, with insufficient validation on the password reset function (wppb_front_end_password_recovery). The function uses the plaintext value of a password reset key instead of a hashed value which means it can easily be retrieved and subsequently used. An attacker can leverage CVE-2023-0814, or another vulnerability like SQL Injection in another plugin or theme installed on the site to successfully exploit this vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-620"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cozmoslabs:profile_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.9.0",
"matchCriteriaId": "BCF57CEE-A671-4C7F-B940-591C40E34725"
}
]
}
]
}
],
"references": [
{
"url": "https://lana.codes/lanavdb/512e7307-04a5-4d8b-8f79-f75f37784a9f/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2864329%40profile-builder&new=2864329%40profile-builder&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/blog/2023/03/vulnerability-patched-in-cozmolabs-profile-builder-plugin-information-disclosure-leads-to-account-takeover/",
"source": "security@wordfence.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e731292a-4f95-46eb-889e-b00d58f3444e?source=cve",
"source": "security@wordfence.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-244xx/CVE-2023-24408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24408",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:10.730",
"lastModified": "2023-05-08T15:15:10.730",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

75
CVE-2023/CVE-2023-248xx/CVE-2023-24836.json Normal file
View File

@ -0,0 +1,75 @@
{
"id": "CVE-2023-24836",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-04-27T02:15:09.243",
"lastModified": "2023-05-08T17:41:05.390",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SUNNET CTMS has vulnerability of path traversal within its file uploading function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload and execute scripts onto arbitrary directories to perform arbitrary system operation or disrupt service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sun.net:ctms:7.0_1227:*:*:*:*:*:*:*",
"matchCriteriaId": "DBEE2F92-DEE5-4BC6-A03F-AC5F3376FE85"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7033-878ab-1.html",
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

12
CVE-2023/CVE-2023-248xx/CVE-2023-24857.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24857",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-03-14T17:15:15.930",
"lastModified": "2023-03-20T03:55:11.967",
"lastModified": "2023-05-08T16:45:07.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{

10
CVE-2023/CVE-2023-248xx/CVE-2023-24885.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-24885",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:19.070",
"lastModified": "2023-04-14T14:25:56.573",
"lastModified": "2023-05-08T16:43:15.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.6,
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{

61
CVE-2023/CVE-2023-24xx/CVE-2023-2417.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2417",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T01:15:08.867",
"lastModified": "2023-05-03T18:15:48.950",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:01:41.683",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ks-soft:advanced_host_monitor:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.56",
"matchCriteriaId": "02579510-CD02-4EAD-90C7-26A3D8DCFBF3"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172105/Advanced-Host-Monitor-12.56-Unquoted-Service-Path.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.227714",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.227714",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

64
CVE-2023/CVE-2023-24xx/CVE-2023-2418.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2418",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T01:15:08.980",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:56:19.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:konghq:kong:2.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "617BECC9-676B-496E-9BE5-61DE5555543B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/advisories/GHSA-9g4c-xm3g-f8hq",
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.227715",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.227715",
"source": "cna@vuldb.com"
},
{
"url": "https://www.cnblogs.com/andao/p/17330864.html",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

58
CVE-2023/CVE-2023-24xx/CVE-2023-2419.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2419",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T01:15:09.063",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:52:45.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:crmeb:crmeb:4.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5918E587-7108-481A-88B9-6CD63F36FBBE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/crmeb/CRMEB/issues/77",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.227716",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.227716",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-24xx/CVE-2023-2420.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2420",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T02:15:09.383",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:50:06.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mlecms:mlecms:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9E90F4E4-8E32-4525-B344-1FDD9CBE9C3B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/VG00000/elecms/blob/main/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.227717",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.227717",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-24xx/CVE-2023-2421.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2421",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-04-29T02:15:09.450",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:48:26.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:controlid:rhid:23.3.19.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B4E7062-946D-490B-80B0-71735FBEE658"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.227718",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.227718",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://youtu.be/4JOLhAuoizE",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
}
]
}

66
CVE-2023/CVE-2023-24xx/CVE-2023-2426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2426",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-04-29T22:15:09.243",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:07:47.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.1499",
"matchCriteriaId": "98C576DD-6CD7-46FC-BD71-374BCC670575"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/3451be4c-91c8-4d08-926b-cbff7396f425",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
}
]
}

58
CVE-2023/CVE-2023-24xx/CVE-2023-2451.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2451",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-01T16:15:11.640",
"lastModified": "2023-05-01T20:07:26.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:47:07.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_dj_management_system_project:online_dj_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA6EE0BC-5D40-4EFC-BE67-D3A939B443E4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ShellHunTerAndyLABA/bug_report/blob/main/SQLi-1.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.227795",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.227795",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-25xx/CVE-2023-2583.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-2583",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-05-08T17:15:11.927",
"lastModified": "2023-05-08T17:15:11.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Code Injection in GitHub repository jsreport/jsreport prior to 3.11.3."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/jsreport/jsreport/commit/afaff3804b34b38e959f5ae65f9e672088de13d7",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/397ea68d-1e28-44ff-b830-c8883d067d96",
"source": "security@huntr.dev"
}
]
}

1375
CVE-2023/CVE-2023-260xx/CVE-2023-26069.json
View File

File diff suppressed because it is too large Load Diff

63
CVE-2023/CVE-2023-267xx/CVE-2023-26781.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-26781",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T20:15:13.827",
"lastModified": "2023-04-28T22:22:40.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:11:51.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in mccms 2.6 allows remote attackers to run arbitrary SQL commands via Author Center ->Reader Comments ->Search."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chshcms:mccms:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C8CE475-6841-4A82-8021-719D1FA0F5EE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/chshcms/mccms/issues/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

10
CVE-2023/CVE-2023-282xx/CVE-2023-28231.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28231",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-11T21:15:23.463",
"lastModified": "2023-04-14T17:35:01.287",
"lastModified": "2023-05-08T16:32:42.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{

4
CVE-2023/CVE-2023-284xx/CVE-2023-28493.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28493",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-08T15:15:10.910",
"lastModified": "2023-05-08T15:15:10.910",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

3182
CVE-2023/CVE-2023-290xx/CVE-2023-29058.json
View File

File diff suppressed because it is too large Load Diff

131
CVE-2023/CVE-2023-294xx/CVE-2023-29442.json Normal file
View File

@ -0,0 +1,131 @@
{
"id": "CVE-2023-29442",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T21:15:08.890",
"lastModified": "2023-05-08T16:49:33.963",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine Applications Manager through 16390 allows DOM XSS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.3",
"matchCriteriaId": "71A91D5D-BA60-4FAC-92D7-DD477399A552"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16300:*:*:*:*:*:*",
"matchCriteriaId": "725F03D7-8655-4C2C-8BC8-BD81A657E53C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16310:*:*:*:*:*:*",
"matchCriteriaId": "716C228E-FEB8-41D3-A290-BA4DB9D51717"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16320:*:*:*:*:*:*",
"matchCriteriaId": "C73EC9D6-B2AD-4E68-B429-EBF9EA2A7618"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16330:*:*:*:*:*:*",
"matchCriteriaId": "6251408C-2192-44E7-A8D8-92EE97BC3D5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16340:*:*:*:*:*:*",
"matchCriteriaId": "9F50F891-EA20-4DAC-A100-C80FC455FF15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16350:*:*:*:*:*:*",
"matchCriteriaId": "14969EAF-CDB7-45AE-AAA1-8D7D0C1D04A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16360:*:*:*:*:*:*",
"matchCriteriaId": "1B69B236-6FB4-4142-BAA3-578283DB225D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16361:*:*:*:*:*:*",
"matchCriteriaId": "1A68602E-658B-435E-A456-736C8297ABDB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16370:*:*:*:*:*:*",
"matchCriteriaId": "0743D3FA-E17C-4AB4-8821-ECFA8760AA69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16380:*:*:*:*:*:*",
"matchCriteriaId": "125F2CA8-EB8C-4863-85AB-B8ABB3A0B6BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_applications_manager:16.3:build16390:*:*:*:*:*:*",
"matchCriteriaId": "65477E77-D8C3-428A-89CB-188E456FFFC4"
}
]
}
]
}
],
"references": [
{
"url": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2023-29442.html",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

183
CVE-2023/CVE-2023-294xx/CVE-2023-29443.json Normal file
View File

@ -0,0 +1,183 @@
{
"id": "CVE-2023-29443",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T21:15:08.957",
"lastModified": "2023-05-08T16:36:42.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Zoho ManageEngine ServiceDesk Plus through 14104 allows admin users to conduct an XXE attack."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6980:*:*:*:*:*:*",
"matchCriteriaId": "C9AAC638-1379-4F87-9BA3-07CE16CAB98A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6981:*:*:*:*:*:*",
"matchCriteriaId": "B3470B5B-B8BC-41B9-8CA5-5E7A0EB9934F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6982:*:*:*:*:*:*",
"matchCriteriaId": "3A2D9355-B1D5-4B14-8900-42E7C8DC5E4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6983:*:*:*:*:*:*",
"matchCriteriaId": "03A34ED3-EC89-4BE3-8A99-A5727A154672"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6984:*:*:*:*:*:*",
"matchCriteriaId": "4E84EF2B-37A5-4499-8C16-877E8AB8A731"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6985:*:*:*:*:*:*",
"matchCriteriaId": "1FDA22C3-8F1E-45C9-BC8D-C3A49EFA348C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6986:*:*:*:*:*:*",
"matchCriteriaId": "DDA5504A-8BD9-4C0D-AD5A-4CB188A99563"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6987:*:*:*:*:*:*",
"matchCriteriaId": "2E4E1A50-A366-4D5E-9DDB-B33D1D1770E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6988:*:*:*:*:*:*",
"matchCriteriaId": "356CA7C7-993F-4D5D-9FAB-9E5475878D53"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.1",
"matchCriteriaId": "0F8049D8-8FE3-43CA-9568-AEA659776436"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.1:-:*:*:*:*:*:*",
"matchCriteriaId": "5CDE81A3-95A1-42FC-A526-5F343E73ABD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.1:14100:*:*:*:*:*:*",
"matchCriteriaId": "0575CC86-9321-4502-83C0-348DCE175EEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.1:14101:*:*:*:*:*:*",
"matchCriteriaId": "D1B60D55-DE84-4BE8-A42D-98D133D3D228"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.1:14102:*:*:*:*:*:*",
"matchCriteriaId": "B79CA06A-17DE-429A-A3C9-4FC28E907318"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.1:14103:*:*:*:*:*:*",
"matchCriteriaId": "19C86206-29CB-4ABA-8979-19DF52B8CC1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:14.1:14104:*:*:*:*:*:*",
"matchCriteriaId": "7C7ACCBA-56DC-4159-A26C-6D8007B3AC23"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "E427ED35-3804-4448-BADE-6DD1E80D093F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.0:14000:*:*:*:*:*:*",
"matchCriteriaId": "6E368AC5-E3A5-44CE-8B6E-2454493764E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:14.0:14001:*:*:*:*:*:*",
"matchCriteriaId": "B265CA09-4FDD-41BD-A5E8-1A4666FBDE62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.0",
"matchCriteriaId": "5563D0F3-ACFD-4F79-8428-12EF982E0F5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.0:14000:*:*:*:*:*:*",
"matchCriteriaId": "B46588F2-4258-44C7-BCBE-40975D4CE27D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_supportcenter_plus:14.0:14001:*:*:*:*:*:*",
"matchCriteriaId": "8FA49D56-60A0-462B-86D2-61391E8FAA47"
}
]
}
]
}
],
"references": [
{
"url": "https://www.manageengine.com/products/service-desk/CVE-2023-29443.html",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-296xx/CVE-2023-29693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29693",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-08T15:15:10.983",
"lastModified": "2023-05-08T15:15:10.983",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-296xx/CVE-2023-29696.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29696",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-08T15:15:11.033",
"lastModified": "2023-05-08T15:15:11.033",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

76
CVE-2023/CVE-2023-298xx/CVE-2023-29835.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2023-29835",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T20:15:10.210",
"lastModified": "2023-05-08T16:22:23.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permission vulnerability found in Wondershare Dr.Fone v.12.9.6 allows a remote attacker to escalate privileges via the service permission function."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wondershare:dr.fone:12.9.6:*:*:*:*:windows:*:*",
"matchCriteriaId": "C2C2D87E-8A0C-4686-BA5A-C8DB098ED33F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/IthacaLabs/Wondershare/tree/main/Dr.Fone",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-298xx/CVE-2023-29836.json Normal file
View File

@ -0,0 +1,83 @@
{
"id": "CVE-2023-29836",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T20:15:10.257",
"lastModified": "2023-05-08T16:28:40.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Exelysis Unified Communication Solutions (EUCS) v.1.0 allows a remote attacker to execute arbitrary code via the Username parameter of the eucsAdmin login form."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exelysis:exelysis_unified_communications_solution:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DACD11BC-5F95-4E4B-9B91-78244C70F03C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/IthacaLabs/Exelysis",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS.txt",
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

6
CVE-2023/CVE-2023-300xx/CVE-2023-30019.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-30019",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-08T15:15:11.087",
"lastModified": "2023-05-08T15:15:11.087",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "imgproxy <= 3.6.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter."
"value": "imgproxy <=3.14.0 is vulnerable to Server-Side Request Forgery (SSRF) due to a lack of sanitization of the imageURL parameter."
}
],
"metrics": {},

4
CVE-2023/CVE-2023-300xx/CVE-2023-30092.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30092",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-08T15:15:11.137",
"lastModified": "2023-05-08T15:15:11.137",
"vulnStatus": "Received",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

148
CVE-2023/CVE-2023-302xx/CVE-2023-30280.json Normal file
View File

@ -0,0 +1,148 @@
{
"id": "CVE-2023-30280",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T20:15:10.310",
"lastModified": "2023-05-08T16:54:48.227",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in Netgear R6900 v.1.0.2.26, R6700v3 v.1.0.4.128, R6700 v.1.0.0.26 allows a remote attacker to execute arbitrary code and cause a denial ofservice via the getInputData parameter of the fwSchedule.cgi page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r6900_firmware:1.0.2.26:*:*:*:*:*:*:*",
"matchCriteriaId": "D03CEC5D-BA2E-4690-A56F-CAB9125C2313"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0794BB7C-1BCF-4F08-8EB2-9C3B150C105A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r6700_firmware:1.0.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "78F96F02-F565-4760-9417-ECBB5E1A33E2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "21B27F11-4262-4CE1-8107-B365A7C152F2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r6700_firmware:1.0.4.128:*:*:*:*:*:*:*",
"matchCriteriaId": "43CC6DB1-AF1F-4518-B018-47D8F771ED72"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r6700:v3:*:*:*:*:*:*:*",
"matchCriteriaId": "5A09A9E8-8C77-4EDB-9483-B3C540EF083A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/",
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-305xx/CVE-2023-30551.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-30551",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-08T16:15:09.453",
"lastModified": "2023-05-08T16:35:01.700",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Rekor is an open source software supply chain transparency log. Rekor prior to version 1.1.1 may crash due to out of memory (OOM) conditions caused by reading archive metadata files into memory without checking their sizes first. Verification of a JAR file submitted to Rekor can cause an out of memory crash if files within the META-INF directory of the JAR are sufficiently large. Parsing of an APK file submitted to Rekor can cause an out of memory crash if the .SIGN or .PKGINFO files within the APK are sufficiently large. The OOM crash has been patched in Rekor version 1.1.1. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/sigstore/rekor/commit/cf42ace82667025fe128f7a50cf6b4cdff51cc48",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/sigstore/rekor/releases/tag/v1.1.1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/sigstore/rekor/security/advisories/GHSA-2h5h-59f5-c5x9",
"source": "security-advisories@github.com"
}
]
}

62
CVE-2023/CVE-2023-307xx/CVE-2023-30792.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-30792",
"sourceIdentifier": "cve-assign@fb.com",
"published": "2023-04-29T03:15:08.347",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T16:46:28.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Anchor tag hrefs in Lexical prior to v0.10.0 would render javascript: URLs, allowing for cross-site scripting on link clicks in cases where input was being parsed from untrusted sources."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve-assign@fb.com",
"type": "Secondary",
@ -23,10 +56,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:facebook:lexical:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.10.0",
"matchCriteriaId": "5A53F19C-A7AE-4626-995D-0DBEB2E3E95D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/facebook/lexical/releases/tag/v0.10.0",
"source": "cve-assign@fb.com"
"source": "cve-assign@fb.com",
"tags": [
"Release Notes"
]
}
]
}

59
CVE-2023/CVE-2023-308xx/CVE-2023-30837.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-30837",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-08T17:15:12.007",
"lastModified": "2023-05-08T17:15:12.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vyper is a pythonic smart contract language for the EVM. The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable. This issue was fixed in version 0.3.8.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-789"
}
]
}
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/commit/0bb7203b584e771b23536ba065a6efda457161bb",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6",
"source": "security-advisories@github.com"
}
]
}

52
CVE-2023/CVE-2023-308xx/CVE-2023-30857.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30857",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-28T21:15:09.127",
"lastModified": "2023-04-28T22:22:40.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:29:51.240",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:aedart:ion:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "0.6.1",
"matchCriteriaId": "80FB7841-5B3F-48A1-9CD7-5B4CDF9723A1"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/aedart/ion/commit/c3e2ee08710d4164d796ecb66ed291335dae9291",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/aedart/ion/security/advisories/GHSA-wwxh-74fx-33c6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-308xx/CVE-2023-30858.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30858",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-28T21:15:09.187",
"lastModified": "2023-04-28T22:22:40.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:41:46.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:denosaurs:emoji:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.1.0",
"versionEndExcluding": "0.3.0",
"matchCriteriaId": "957125B8-E12A-4B89-B1C5-7A69686242CF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/denosaurs/emoji/pull/11",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/denosaurs/emoji/security/advisories/GHSA-w2xx-hjhp-gx5v",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://huntr.dev/bounties/444f2255-5085-466f-ba0e-5549fa8846a3/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit"
]
}
]
}

69
CVE-2023/CVE-2023-314xx/CVE-2023-31470.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-31470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T21:15:09.307",
"lastModified": "2023-04-28T22:22:40.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:42:00.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SmartDNS through 41 before 56d0332 allows an out-of-bounds write because of a stack-based buffer overflow in the _dns_encode_domain function in the dns.c file, via a crafted DNS request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:smartdns_project:smartdns:*:*:*:*:*:*:*:*",
"versionEndIncluding": "41",
"matchCriteriaId": "D5368DF9-87D5-4CC3-BCCA-5E7DF8098097"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pymumu/smartdns/commit/56d0332bf91104cfc877635f6c82e9348587df04",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pymumu/smartdns/issues/1378",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

69
CVE-2023/CVE-2023-314xx/CVE-2023-31483.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-31483",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T23:15:08.520",
"lastModified": "2023-05-01T10:39:42.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-08T17:16:37.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "tar/TarFileReader.cpp in Cauldron cbang before bastet-v8.1.17 has a directory traversal during extraction that allows the attacker to create or write to files outside the current directory via a crafted tar archive."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cauldrondevelopment:cbang:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.1.17",
"matchCriteriaId": "3B314898-A964-4E84-B85D-33AB88FAA091"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CauldronDevelopmentLLC/cbang/compare/bastet-v8.1.16...bastet-v8.1.17",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/CauldronDevelopmentLLC/cbang/issues/115",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

105
CVE-2023/CVE-2023-314xx/CVE-2023-31484.json
View File

@ -2,47 +2,130 @@
"id": "CVE-2023-31484",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-29T00:15:09.000",
"lastModified": "2023-05-08T00:15:09.433",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-08T17:11:13.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cpanpm_project:cpanpm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.35",
"matchCriteriaId": "90D5B630-223B-4035-89FF-84D4BD0D7C32"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/29/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/03/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/03/5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/07/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/andk/cpanpm/pull/175",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://metacpan.org/dist/CPAN/changes",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/04/18/14",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

104
CVE-2023/CVE-2023-314xx/CVE-2023-31485.json
View File

@ -2,47 +2,129 @@
"id": "CVE-2023-31485",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-29T00:15:09.043",
"lastModified": "2023-05-08T00:15:09.517",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-08T17:07:50.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab\\:\\:api\\:\\:v4_project:gitlab\\:\\:api\\:\\:v4:*:*:*:*:*:*:*:*",
"versionEndIncluding": "0.26",
"matchCriteriaId": "EA38B03A-651A-4674-9F23-AAC1A5334E7D"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/29/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/03/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/03/5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/07/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://github.com/bluefeet/GitLab-API-v4/pull/57",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/chansen/p5-http-tiny/pull/151",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/04/18/14",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
}
]
}

110
CVE-2023/CVE-2023-314xx/CVE-2023-31486.json
View File

@ -2,51 +2,137 @@
"id": "CVE-2023-31486",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-29T00:15:09.083",
"lastModified": "2023-05-08T00:15:09.577",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-08T17:06:34.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "HTTP::Tiny 0.082, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:http\\:\\:tiny_project:http\\:\\:tiny:0.082:*:*:*:*:*:*:*",
"matchCriteriaId": "3B6A9378-CA92-4797-9A9B-1B60CB40FFC3"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/04/29/1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/03/3",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/03/5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/05/07/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Third Party Advisory"
]
},
{
"url": "https://hackeriet.github.io/cpan-http-tiny-overview/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/04/18/14",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://www.openwall.com/lists/oss-security/2023/05/03/4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://www.reddit.com/r/perl/comments/111tadi/psa_httptiny_disabled_ssl_verification_by_default/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
}
]
}

154
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-08T16:00:24.679684+00:00
2023-05-08T18:00:25.673730+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-08T15:15:11.183000+00:00
2023-05-08T17:58:30.793000+00:00
```
### Last Data Feed Release
@ -29,95 +29,87 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214267
214271
```
### CVEs added in the last Commit
Recently added CVEs: `60`
Recently added CVEs: `4`
* [CVE-2020-18131](CVE-2020/CVE-2020-181xx/CVE-2020-18131.json) (`2023-05-08T14:15:10.000`)
* [CVE-2020-18132](CVE-2020/CVE-2020-181xx/CVE-2020-18132.json) (`2023-05-08T14:15:10.067`)
* [CVE-2020-18282](CVE-2020/CVE-2020-182xx/CVE-2020-18282.json) (`2023-05-08T14:15:10.147`)
* [CVE-2020-19660](CVE-2020/CVE-2020-196xx/CVE-2020-19660.json) (`2023-05-08T14:15:10.217`)
* [CVE-2020-21038](CVE-2020/CVE-2020-210xx/CVE-2020-21038.json) (`2023-05-08T14:15:10.283`)
* [CVE-2020-22334](CVE-2020/CVE-2020-223xx/CVE-2020-22334.json) (`2023-05-08T14:15:10.357`)
* [CVE-2020-22755](CVE-2020/CVE-2020-227xx/CVE-2020-22755.json) (`2023-05-08T14:15:10.423`)
* [CVE-2020-23966](CVE-2020/CVE-2020-239xx/CVE-2020-23966.json) (`2023-05-08T14:15:10.493`)
* [CVE-2020-36065](CVE-2020/CVE-2020-360xx/CVE-2020-36065.json) (`2023-05-08T14:15:10.563`)
* [CVE-2021-27280](CVE-2021/CVE-2021-272xx/CVE-2021-27280.json) (`2023-05-08T14:15:10.640`)
* [CVE-2021-28998](CVE-2021/CVE-2021-289xx/CVE-2021-28998.json) (`2023-05-08T14:15:10.707`)
* [CVE-2021-28999](CVE-2021/CVE-2021-289xx/CVE-2021-28999.json) (`2023-05-08T14:15:10.770`)
* [CVE-2022-4118](CVE-2022/CVE-2022-41xx/CVE-2022-4118.json) (`2023-05-08T14:15:10.883`)
* [CVE-2022-45065](CVE-2022/CVE-2022-450xx/CVE-2022-45065.json) (`2023-05-08T15:15:09.580`)
* [CVE-2022-47437](CVE-2022/CVE-2022-474xx/CVE-2022-47437.json) (`2023-05-08T15:15:09.650`)
* [CVE-2022-47439](CVE-2022/CVE-2022-474xx/CVE-2022-47439.json) (`2023-05-08T15:15:09.723`)
* [CVE-2023-0267](CVE-2023/CVE-2023-02xx/CVE-2023-0267.json) (`2023-05-08T14:15:10.967`)
* [CVE-2023-0268](CVE-2023/CVE-2023-02xx/CVE-2023-0268.json) (`2023-05-08T14:15:11.057`)
* [CVE-2023-0280](CVE-2023/CVE-2023-02xx/CVE-2023-0280.json) (`2023-05-08T14:15:11.147`)
* [CVE-2023-0421](CVE-2023/CVE-2023-04xx/CVE-2023-0421.json) (`2023-05-08T14:15:11.233`)
* [CVE-2023-0514](CVE-2023/CVE-2023-05xx/CVE-2023-0514.json) (`2023-05-08T14:15:11.330`)
* [CVE-2023-0522](CVE-2023/CVE-2023-05xx/CVE-2023-0522.json) (`2023-05-08T14:15:11.417`)
* [CVE-2023-0526](CVE-2023/CVE-2023-05xx/CVE-2023-0526.json) (`2023-05-08T14:15:11.507`)
* [CVE-2023-0536](CVE-2023/CVE-2023-05xx/CVE-2023-0536.json) (`2023-05-08T14:15:11.597`)
* [CVE-2023-0537](CVE-2023/CVE-2023-05xx/CVE-2023-0537.json) (`2023-05-08T14:15:11.677`)
* [CVE-2023-0542](CVE-2023/CVE-2023-05xx/CVE-2023-0542.json) (`2023-05-08T14:15:11.777`)
* [CVE-2023-0544](CVE-2023/CVE-2023-05xx/CVE-2023-0544.json) (`2023-05-08T14:15:11.887`)
* [CVE-2023-0603](CVE-2023/CVE-2023-06xx/CVE-2023-0603.json) (`2023-05-08T14:15:11.967`)
* [CVE-2023-0768](CVE-2023/CVE-2023-07xx/CVE-2023-0768.json) (`2023-05-08T14:15:12.067`)
* [CVE-2023-0894](CVE-2023/CVE-2023-08xx/CVE-2023-0894.json) (`2023-05-08T14:15:12.157`)
* [CVE-2023-0948](CVE-2023/CVE-2023-09xx/CVE-2023-0948.json) (`2023-05-08T14:15:12.277`)
* [CVE-2023-1011](CVE-2023/CVE-2023-10xx/CVE-2023-1011.json) (`2023-05-08T14:15:12.367`)
* [CVE-2023-1347](CVE-2023/CVE-2023-13xx/CVE-2023-1347.json) (`2023-05-08T14:15:12.457`)
* [CVE-2023-1408](CVE-2023/CVE-2023-14xx/CVE-2023-1408.json) (`2023-05-08T14:15:12.577`)
* [CVE-2023-1649](CVE-2023/CVE-2023-16xx/CVE-2023-1649.json) (`2023-05-08T14:15:12.670`)
* [CVE-2023-1650](CVE-2023/CVE-2023-16xx/CVE-2023-1650.json) (`2023-05-08T14:15:12.747`)
* [CVE-2023-1651](CVE-2023/CVE-2023-16xx/CVE-2023-1651.json) (`2023-05-08T14:15:12.867`)
* [CVE-2023-1660](CVE-2023/CVE-2023-16xx/CVE-2023-1660.json) (`2023-05-08T14:15:13.173`)
* [CVE-2023-1806](CVE-2023/CVE-2023-18xx/CVE-2023-1806.json) (`2023-05-08T14:15:13.310`)
* [CVE-2023-1905](CVE-2023/CVE-2023-19xx/CVE-2023-1905.json) (`2023-05-08T14:15:13.417`)
* [CVE-2023-2114](CVE-2023/CVE-2023-21xx/CVE-2023-2114.json) (`2023-05-08T14:15:13.507`)
* [CVE-2023-22779](CVE-2023/CVE-2023-227xx/CVE-2023-22779.json) (`2023-05-08T15:15:09.817`)
* [CVE-2023-22780](CVE-2023/CVE-2023-227xx/CVE-2023-22780.json) (`2023-05-08T15:15:09.880`)
* [CVE-2023-22781](CVE-2023/CVE-2023-227xx/CVE-2023-22781.json) (`2023-05-08T15:15:09.943`)
* [CVE-2023-22782](CVE-2023/CVE-2023-227xx/CVE-2023-22782.json) (`2023-05-08T15:15:10.010`)
* [CVE-2023-22783](CVE-2023/CVE-2023-227xx/CVE-2023-22783.json) (`2023-05-08T15:15:10.100`)
* [CVE-2023-22784](CVE-2023/CVE-2023-227xx/CVE-2023-22784.json) (`2023-05-08T15:15:10.167`)
* [CVE-2023-22785](CVE-2023/CVE-2023-227xx/CVE-2023-22785.json) (`2023-05-08T15:15:10.233`)
* [CVE-2023-22786](CVE-2023/CVE-2023-227xx/CVE-2023-22786.json) (`2023-05-08T15:15:10.303`)
* [CVE-2023-22787](CVE-2023/CVE-2023-227xx/CVE-2023-22787.json) (`2023-05-08T15:15:10.367`)
* [CVE-2023-22788](CVE-2023/CVE-2023-227xx/CVE-2023-22788.json) (`2023-05-08T15:15:10.440`)
* [CVE-2023-22789](CVE-2023/CVE-2023-227xx/CVE-2023-22789.json) (`2023-05-08T15:15:10.503`)
* [CVE-2023-22790](CVE-2023/CVE-2023-227xx/CVE-2023-22790.json) (`2023-05-08T15:15:10.573`)
* [CVE-2023-22791](CVE-2023/CVE-2023-227xx/CVE-2023-22791.json) (`2023-05-08T15:15:10.647`)
* [CVE-2023-24408](CVE-2023/CVE-2023-244xx/CVE-2023-24408.json) (`2023-05-08T15:15:10.730`)
* [CVE-2023-28493](CVE-2023/CVE-2023-284xx/CVE-2023-28493.json) (`2023-05-08T15:15:10.910`)
* [CVE-2023-29693](CVE-2023/CVE-2023-296xx/CVE-2023-29693.json) (`2023-05-08T15:15:10.983`)
* [CVE-2023-29696](CVE-2023/CVE-2023-296xx/CVE-2023-29696.json) (`2023-05-08T15:15:11.033`)
* [CVE-2023-30019](CVE-2023/CVE-2023-300xx/CVE-2023-30019.json) (`2023-05-08T15:15:11.087`)
* [CVE-2023-30092](CVE-2023/CVE-2023-300xx/CVE-2023-30092.json) (`2023-05-08T15:15:11.137`)
* [CVE-2023-1979](CVE-2023/CVE-2023-19xx/CVE-2023-1979.json) (`2023-05-08T17:15:11.843`)
* [CVE-2023-2583](CVE-2023/CVE-2023-25xx/CVE-2023-2583.json) (`2023-05-08T17:15:11.927`)
* [CVE-2023-30551](CVE-2023/CVE-2023-305xx/CVE-2023-30551.json) (`2023-05-08T16:15:09.453`)
* [CVE-2023-30837](CVE-2023/CVE-2023-308xx/CVE-2023-30837.json) (`2023-05-08T17:15:12.007`)
### CVEs modified in the last Commit
Recently modified CVEs: `16`
Recently modified CVEs: `64`
* [CVE-2023-2374](CVE-2023/CVE-2023-23xx/CVE-2023-2374.json) (`2023-05-08T14:04:08.280`)
* [CVE-2023-2375](CVE-2023/CVE-2023-23xx/CVE-2023-2375.json) (`2023-05-08T14:06:37.457`)
* [CVE-2023-2376](CVE-2023/CVE-2023-23xx/CVE-2023-2376.json) (`2023-05-08T14:06:02.730`)
* [CVE-2023-2377](CVE-2023/CVE-2023-23xx/CVE-2023-2377.json) (`2023-05-08T14:05:14.903`)
* [CVE-2023-2378](CVE-2023/CVE-2023-23xx/CVE-2023-2378.json) (`2023-05-08T14:09:36.283`)
* [CVE-2023-2379](CVE-2023/CVE-2023-23xx/CVE-2023-2379.json) (`2023-05-08T14:03:43.337`)
* [CVE-2023-25754](CVE-2023/CVE-2023-257xx/CVE-2023-25754.json) (`2023-05-08T15:15:10.830`)
* [CVE-2023-26243](CVE-2023/CVE-2023-262xx/CVE-2023-26243.json) (`2023-05-08T14:14:58.957`)
* [CVE-2023-26244](CVE-2023/CVE-2023-262xx/CVE-2023-26244.json) (`2023-05-08T14:15:15.390`)
* [CVE-2023-26245](CVE-2023/CVE-2023-262xx/CVE-2023-26245.json) (`2023-05-08T14:15:48.107`)
* [CVE-2023-26246](CVE-2023/CVE-2023-262xx/CVE-2023-26246.json) (`2023-05-08T14:15:42.497`)
* [CVE-2023-26560](CVE-2023/CVE-2023-265xx/CVE-2023-26560.json) (`2023-05-08T14:16:07.847`)
* [CVE-2023-26735](CVE-2023/CVE-2023-267xx/CVE-2023-26735.json) (`2023-05-08T14:26:16.970`)
* [CVE-2023-30404](CVE-2023/CVE-2023-304xx/CVE-2023-30404.json) (`2023-05-08T14:01:58.300`)
* [CVE-2023-30405](CVE-2023/CVE-2023-304xx/CVE-2023-30405.json) (`2023-05-08T14:04:49.080`)
* [CVE-2023-31039](CVE-2023/CVE-2023-310xx/CVE-2023-31039.json) (`2023-05-08T15:15:11.183`)
* [CVE-2014-125100](CVE-2014/CVE-2014-1251xx/CVE-2014-125100.json) (`2023-05-08T17:18:52.400`)
* [CVE-2022-3643](CVE-2022/CVE-2022-36xx/CVE-2022-3643.json) (`2023-05-08T17:34:33.167`)
* [CVE-2022-41736](CVE-2022/CVE-2022-417xx/CVE-2022-41736.json) (`2023-05-08T16:48:12.287`)
* [CVE-2022-43871](CVE-2022/CVE-2022-438xx/CVE-2022-43871.json) (`2023-05-08T16:47:20.913`)
* [CVE-2022-45065](CVE-2022/CVE-2022-450xx/CVE-2022-45065.json) (`2023-05-08T16:35:01.700`)
* [CVE-2022-47437](CVE-2022/CVE-2022-474xx/CVE-2022-47437.json) (`2023-05-08T16:35:01.700`)
* [CVE-2022-47439](CVE-2022/CVE-2022-474xx/CVE-2022-47439.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-0891](CVE-2023/CVE-2023-08xx/CVE-2023-0891.json) (`2023-05-08T17:54:18.147`)
* [CVE-2023-0924](CVE-2023/CVE-2023-09xx/CVE-2023-0924.json) (`2023-05-08T17:55:06.477`)
* [CVE-2023-1021](CVE-2023/CVE-2023-10xx/CVE-2023-1021.json) (`2023-05-08T17:56:28.890`)
* [CVE-2023-1090](CVE-2023/CVE-2023-10xx/CVE-2023-1090.json) (`2023-05-08T17:57:05.840`)
* [CVE-2023-1125](CVE-2023/CVE-2023-11xx/CVE-2023-1125.json) (`2023-05-08T17:57:34.940`)
* [CVE-2023-1525](CVE-2023/CVE-2023-15xx/CVE-2023-1525.json) (`2023-05-08T17:57:58.780`)
* [CVE-2023-1546](CVE-2023/CVE-2023-15xx/CVE-2023-1546.json) (`2023-05-08T17:58:18.323`)
* [CVE-2023-1554](CVE-2023/CVE-2023-15xx/CVE-2023-1554.json) (`2023-05-08T17:58:30.793`)
* [CVE-2023-20065](CVE-2023/CVE-2023-200xx/CVE-2023-20065.json) (`2023-05-08T16:15:09.187`)
* [CVE-2023-20852](CVE-2023/CVE-2023-208xx/CVE-2023-20852.json) (`2023-05-08T17:45:47.537`)
* [CVE-2023-22779](CVE-2023/CVE-2023-227xx/CVE-2023-22779.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22780](CVE-2023/CVE-2023-227xx/CVE-2023-22780.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22781](CVE-2023/CVE-2023-227xx/CVE-2023-22781.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22782](CVE-2023/CVE-2023-227xx/CVE-2023-22782.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22783](CVE-2023/CVE-2023-227xx/CVE-2023-22783.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22784](CVE-2023/CVE-2023-227xx/CVE-2023-22784.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22785](CVE-2023/CVE-2023-227xx/CVE-2023-22785.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22786](CVE-2023/CVE-2023-227xx/CVE-2023-22786.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22787](CVE-2023/CVE-2023-227xx/CVE-2023-22787.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22788](CVE-2023/CVE-2023-227xx/CVE-2023-22788.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22789](CVE-2023/CVE-2023-227xx/CVE-2023-22789.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22790](CVE-2023/CVE-2023-227xx/CVE-2023-22790.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-22791](CVE-2023/CVE-2023-227xx/CVE-2023-22791.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-2297](CVE-2023/CVE-2023-22xx/CVE-2023-2297.json) (`2023-05-08T17:07:39.257`)
* [CVE-2023-2417](CVE-2023/CVE-2023-24xx/CVE-2023-2417.json) (`2023-05-08T17:01:41.683`)
* [CVE-2023-2418](CVE-2023/CVE-2023-24xx/CVE-2023-2418.json) (`2023-05-08T16:56:19.500`)
* [CVE-2023-2419](CVE-2023/CVE-2023-24xx/CVE-2023-2419.json) (`2023-05-08T16:52:45.753`)
* [CVE-2023-2420](CVE-2023/CVE-2023-24xx/CVE-2023-2420.json) (`2023-05-08T16:50:06.377`)
* [CVE-2023-2421](CVE-2023/CVE-2023-24xx/CVE-2023-2421.json) (`2023-05-08T16:48:26.457`)
* [CVE-2023-2426](CVE-2023/CVE-2023-24xx/CVE-2023-2426.json) (`2023-05-08T17:07:47.910`)
* [CVE-2023-24408](CVE-2023/CVE-2023-244xx/CVE-2023-24408.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-2451](CVE-2023/CVE-2023-24xx/CVE-2023-2451.json) (`2023-05-08T17:47:07.377`)
* [CVE-2023-24836](CVE-2023/CVE-2023-248xx/CVE-2023-24836.json) (`2023-05-08T17:41:05.390`)
* [CVE-2023-24857](CVE-2023/CVE-2023-248xx/CVE-2023-24857.json) (`2023-05-08T16:45:07.950`)
* [CVE-2023-24885](CVE-2023/CVE-2023-248xx/CVE-2023-24885.json) (`2023-05-08T16:43:15.613`)
* [CVE-2023-26069](CVE-2023/CVE-2023-260xx/CVE-2023-26069.json) (`2023-05-08T17:57:37.837`)
* [CVE-2023-26781](CVE-2023/CVE-2023-267xx/CVE-2023-26781.json) (`2023-05-08T17:11:51.063`)
* [CVE-2023-28231](CVE-2023/CVE-2023-282xx/CVE-2023-28231.json) (`2023-05-08T16:32:42.290`)
* [CVE-2023-28493](CVE-2023/CVE-2023-284xx/CVE-2023-28493.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-29058](CVE-2023/CVE-2023-290xx/CVE-2023-29058.json) (`2023-05-08T17:27:52.427`)
* [CVE-2023-29442](CVE-2023/CVE-2023-294xx/CVE-2023-29442.json) (`2023-05-08T16:49:33.963`)
* [CVE-2023-29443](CVE-2023/CVE-2023-294xx/CVE-2023-29443.json) (`2023-05-08T16:36:42.850`)
* [CVE-2023-29693](CVE-2023/CVE-2023-296xx/CVE-2023-29693.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-29696](CVE-2023/CVE-2023-296xx/CVE-2023-29696.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-29835](CVE-2023/CVE-2023-298xx/CVE-2023-29835.json) (`2023-05-08T16:22:23.493`)
* [CVE-2023-29836](CVE-2023/CVE-2023-298xx/CVE-2023-29836.json) (`2023-05-08T16:28:40.610`)
* [CVE-2023-30019](CVE-2023/CVE-2023-300xx/CVE-2023-30019.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-30092](CVE-2023/CVE-2023-300xx/CVE-2023-30092.json) (`2023-05-08T16:35:01.700`)
* [CVE-2023-30280](CVE-2023/CVE-2023-302xx/CVE-2023-30280.json) (`2023-05-08T16:54:48.227`)
* [CVE-2023-30792](CVE-2023/CVE-2023-307xx/CVE-2023-30792.json) (`2023-05-08T16:46:28.470`)
* [CVE-2023-30857](CVE-2023/CVE-2023-308xx/CVE-2023-30857.json) (`2023-05-08T17:29:51.240`)
* [CVE-2023-30858](CVE-2023/CVE-2023-308xx/CVE-2023-30858.json) (`2023-05-08T17:41:46.183`)
* [CVE-2023-31470](CVE-2023/CVE-2023-314xx/CVE-2023-31470.json) (`2023-05-08T17:42:00.757`)
* [CVE-2023-31483](CVE-2023/CVE-2023-314xx/CVE-2023-31483.json) (`2023-05-08T17:16:37.827`)
* [CVE-2023-31484](CVE-2023/CVE-2023-314xx/CVE-2023-31484.json) (`2023-05-08T17:11:13.023`)
* [CVE-2023-31485](CVE-2023/CVE-2023-314xx/CVE-2023-31485.json) (`2023-05-08T17:07:50.933`)
* [CVE-2023-31486](CVE-2023/CVE-2023-314xx/CVE-2023-31486.json) (`2023-05-08T17:06:34.067`)
## Download and Usage