From 65e39f011e9ca74e87f3fb555c0af984b461bfaa Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Tue, 22 Aug 2023 20:00:42 +0000 Subject: [PATCH] Auto-Update: 2023-08-22T20:00:38.701005+00:00 --- CVE-2013/CVE-2013-74xx/CVE-2013-7484.json | 8 +- CVE-2019/CVE-2019-173xx/CVE-2019-17382.json | 8 +- CVE-2020/CVE-2020-182xx/CVE-2020-18232.json | 20 + CVE-2020/CVE-2020-183xx/CVE-2020-18378.json | 20 + CVE-2020/CVE-2020-183xx/CVE-2020-18382.json | 20 + CVE-2020/CVE-2020-184xx/CVE-2020-18494.json | 20 + CVE-2020/CVE-2020-186xx/CVE-2020-18651.json | 24 + CVE-2020/CVE-2020-186xx/CVE-2020-18652.json | 24 + CVE-2020/CVE-2020-187xx/CVE-2020-18768.json | 20 + CVE-2020/CVE-2020-187xx/CVE-2020-18770.json | 20 + CVE-2020/CVE-2020-187xx/CVE-2020-18780.json | 20 + CVE-2020/CVE-2020-187xx/CVE-2020-18781.json | 20 + CVE-2020/CVE-2020-188xx/CVE-2020-18831.json | 24 + CVE-2020/CVE-2020-188xx/CVE-2020-18839.json | 20 + CVE-2020/CVE-2020-191xx/CVE-2020-19185.json | 20 + CVE-2020/CVE-2020-191xx/CVE-2020-19186.json | 20 + CVE-2020/CVE-2020-191xx/CVE-2020-19187.json | 20 + CVE-2020/CVE-2020-191xx/CVE-2020-19188.json | 20 + CVE-2020/CVE-2020-191xx/CVE-2020-19189.json | 20 + CVE-2020/CVE-2020-191xx/CVE-2020-19190.json | 20 + CVE-2020/CVE-2020-195xx/CVE-2020-19500.json | 15 + CVE-2020/CVE-2020-197xx/CVE-2020-19724.json | 24 + CVE-2020/CVE-2020-197xx/CVE-2020-19725.json | 20 + CVE-2020/CVE-2020-197xx/CVE-2020-19726.json | 24 + CVE-2020/CVE-2020-199xx/CVE-2020-19909.json | 20 + CVE-2020/CVE-2020-201xx/CVE-2020-20145.json | 20 + CVE-2020/CVE-2020-208xx/CVE-2020-20813.json | 20 + CVE-2020/CVE-2020-210xx/CVE-2020-21047.json | 24 + CVE-2020/CVE-2020-214xx/CVE-2020-21426.json | 20 + CVE-2020/CVE-2020-214xx/CVE-2020-21427.json | 20 + CVE-2020/CVE-2020-214xx/CVE-2020-21428.json | 20 + CVE-2020/CVE-2020-214xx/CVE-2020-21469.json | 20 + CVE-2020/CVE-2020-214xx/CVE-2020-21490.json | 24 + CVE-2020/CVE-2020-215xx/CVE-2020-21528.json | 20 + CVE-2020/CVE-2020-215xx/CVE-2020-21583.json | 24 + CVE-2020/CVE-2020-216xx/CVE-2020-21679.json | 20 + CVE-2020/CVE-2020-216xx/CVE-2020-21685.json | 20 + CVE-2020/CVE-2020-216xx/CVE-2020-21686.json | 20 + CVE-2020/CVE-2020-216xx/CVE-2020-21687.json | 20 + CVE-2020/CVE-2020-216xx/CVE-2020-21699.json | 20 + CVE-2020/CVE-2020-217xx/CVE-2020-21710.json | 24 + CVE-2020/CVE-2020-217xx/CVE-2020-21722.json | 24 + CVE-2020/CVE-2020-217xx/CVE-2020-21723.json | 24 + CVE-2020/CVE-2020-217xx/CVE-2020-21724.json | 24 + CVE-2020/CVE-2020-218xx/CVE-2020-21890.json | 20 + CVE-2020/CVE-2020-218xx/CVE-2020-21896.json | 20 + CVE-2020/CVE-2020-221xx/CVE-2020-22181.json | 24 + CVE-2020/CVE-2020-222xx/CVE-2020-22217.json | 20 + CVE-2020/CVE-2020-222xx/CVE-2020-22218.json | 20 + CVE-2020/CVE-2020-222xx/CVE-2020-22219.json | 20 + CVE-2020/CVE-2020-225xx/CVE-2020-22524.json | 20 + CVE-2020/CVE-2020-225xx/CVE-2020-22570.json | 20 + CVE-2020/CVE-2020-226xx/CVE-2020-22628.json | 20 + CVE-2020/CVE-2020-229xx/CVE-2020-22916.json | 24 + CVE-2020/CVE-2020-237xx/CVE-2020-23793.json | 20 + CVE-2020/CVE-2020-238xx/CVE-2020-23804.json | 20 + CVE-2020/CVE-2020-239xx/CVE-2020-23992.json | 20 + CVE-2020/CVE-2020-242xx/CVE-2020-24292.json | 20 + CVE-2020/CVE-2020-242xx/CVE-2020-24293.json | 20 + CVE-2020/CVE-2020-242xx/CVE-2020-24294.json | 20 + CVE-2020/CVE-2020-242xx/CVE-2020-24295.json | 20 + CVE-2020/CVE-2020-258xx/CVE-2020-25887.json | 20 + CVE-2020/CVE-2020-266xx/CVE-2020-26652.json | 20 + CVE-2020/CVE-2020-266xx/CVE-2020-26683.json | 20 + CVE-2020/CVE-2020-274xx/CVE-2020-27418.json | 24 + CVE-2020/CVE-2020-353xx/CVE-2020-35342.json | 20 + CVE-2020/CVE-2020-353xx/CVE-2020-35357.json | 24 + CVE-2021/CVE-2021-293xx/CVE-2021-29390.json | 20 + CVE-2021/CVE-2021-300xx/CVE-2021-30047.json | 20 + CVE-2021/CVE-2021-322xx/CVE-2021-32292.json | 20 + CVE-2021/CVE-2021-324xx/CVE-2021-32420.json | 24 + CVE-2021/CVE-2021-324xx/CVE-2021-32421.json | 24 + CVE-2021/CVE-2021-324xx/CVE-2021-32422.json | 24 + CVE-2021/CVE-2021-333xx/CVE-2021-33388.json | 20 + CVE-2021/CVE-2021-333xx/CVE-2021-33390.json | 20 + CVE-2021/CVE-2021-341xx/CVE-2021-34193.json | 64 + CVE-2021/CVE-2021-353xx/CVE-2021-35309.json | 24 + CVE-2021/CVE-2021-402xx/CVE-2021-40211.json | 20 + CVE-2021/CVE-2021-402xx/CVE-2021-40262.json | 20 + CVE-2021/CVE-2021-402xx/CVE-2021-40263.json | 20 + CVE-2021/CVE-2021-402xx/CVE-2021-40264.json | 20 + CVE-2021/CVE-2021-402xx/CVE-2021-40265.json | 20 + CVE-2021/CVE-2021-402xx/CVE-2021-40266.json | 20 + CVE-2021/CVE-2021-431xx/CVE-2021-43171.json | 24 + CVE-2021/CVE-2021-461xx/CVE-2021-46174.json | 20 + CVE-2021/CVE-2021-461xx/CVE-2021-46179.json | 20 + CVE-2021/CVE-2021-463xx/CVE-2021-46310.json | 20 + CVE-2021/CVE-2021-463xx/CVE-2021-46312.json | 20 + CVE-2022/CVE-2022-244xx/CVE-2022-24439.json | 6 +- CVE-2022/CVE-2022-250xx/CVE-2022-25024.json | 32 + CVE-2022/CVE-2022-265xx/CVE-2022-26592.json | 20 + CVE-2022/CVE-2022-280xx/CVE-2022-28068.json | 20 + CVE-2022/CVE-2022-280xx/CVE-2022-28069.json | 20 + CVE-2022/CVE-2022-280xx/CVE-2022-28070.json | 20 + CVE-2022/CVE-2022-280xx/CVE-2022-28071.json | 20 + CVE-2022/CVE-2022-280xx/CVE-2022-28072.json | 20 + CVE-2022/CVE-2022-280xx/CVE-2022-28073.json | 20 + CVE-2022/CVE-2022-296xx/CVE-2022-29654.json | 28 + CVE-2022/CVE-2022-340xx/CVE-2022-34038.json | 24 + CVE-2022/CVE-2022-352xx/CVE-2022-35205.json | 20 + CVE-2022/CVE-2022-352xx/CVE-2022-35206.json | 20 + CVE-2022/CVE-2022-352xx/CVE-2022-35229.json | 6 +- CVE-2022/CVE-2022-366xx/CVE-2022-36648.json | 20 + CVE-2022/CVE-2022-370xx/CVE-2022-37050.json | 24 + CVE-2022/CVE-2022-370xx/CVE-2022-37051.json | 24 + CVE-2022/CVE-2022-370xx/CVE-2022-37052.json | 24 + CVE-2022/CVE-2022-383xx/CVE-2022-38349.json | 24 + CVE-2022/CVE-2022-400xx/CVE-2022-40090.json | 24 + CVE-2022/CVE-2022-404xx/CVE-2022-40433.json | 32 + CVE-2022/CVE-2022-409xx/CVE-2022-40982.json | 6 +- CVE-2022/CVE-2022-414xx/CVE-2022-41444.json | 20 + CVE-2022/CVE-2022-418xx/CVE-2022-41804.json | 6 +- CVE-2022/CVE-2022-433xx/CVE-2022-43357.json | 28 + CVE-2022/CVE-2022-433xx/CVE-2022-43358.json | 28 + CVE-2022/CVE-2022-435xx/CVE-2022-43515.json | 8 +- CVE-2022/CVE-2022-442xx/CVE-2022-44215.json | 24 + CVE-2022/CVE-2022-447xx/CVE-2022-44729.json | 36 + CVE-2022/CVE-2022-447xx/CVE-2022-44730.json | 36 + CVE-2022/CVE-2022-448xx/CVE-2022-44840.json | 20 + CVE-2022/CVE-2022-455xx/CVE-2022-45582.json | 24 + CVE-2022/CVE-2022-456xx/CVE-2022-45611.json | 20 + CVE-2022/CVE-2022-457xx/CVE-2022-45703.json | 20 + CVE-2022/CVE-2022-470xx/CVE-2022-47007.json | 20 + CVE-2022/CVE-2022-470xx/CVE-2022-47008.json | 20 + CVE-2022/CVE-2022-470xx/CVE-2022-47010.json | 20 + CVE-2022/CVE-2022-470xx/CVE-2022-47011.json | 20 + CVE-2022/CVE-2022-470xx/CVE-2022-47022.json | 20 + CVE-2022/CVE-2022-470xx/CVE-2022-47069.json | 20 + CVE-2022/CVE-2022-476xx/CVE-2022-47673.json | 20 + CVE-2022/CVE-2022-476xx/CVE-2022-47695.json | 20 + CVE-2022/CVE-2022-476xx/CVE-2022-47696.json | 20 + CVE-2022/CVE-2022-480xx/CVE-2022-48063.json | 24 + CVE-2022/CVE-2022-480xx/CVE-2022-48064.json | 24 + CVE-2022/CVE-2022-480xx/CVE-2022-48065.json | 24 + CVE-2022/CVE-2022-481xx/CVE-2022-48174.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48522.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48538.json | 24 + CVE-2022/CVE-2022-485xx/CVE-2022-48541.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48545.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48547.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48554.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48560.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48564.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48565.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48566.json | 20 + CVE-2022/CVE-2022-485xx/CVE-2022-48570.json | 24 + CVE-2022/CVE-2022-485xx/CVE-2022-48571.json | 20 + CVE-2023/CVE-2023-08xx/CVE-2023-0871.json | 18 +- CVE-2023/CVE-2023-201xx/CVE-2023-20197.json | 6 +- CVE-2023/CVE-2023-205xx/CVE-2023-20589.json | 3342 ++++++++++++++++++- CVE-2023/CVE-2023-235xx/CVE-2023-23563.json | 28 + CVE-2023/CVE-2023-235xx/CVE-2023-23564.json | 28 + CVE-2023/CVE-2023-235xx/CVE-2023-23565.json | 28 + CVE-2023/CVE-2023-239xx/CVE-2023-23908.json | 8 +- CVE-2023/CVE-2023-245xx/CVE-2023-24514.json | 55 + CVE-2023/CVE-2023-245xx/CVE-2023-24515.json | 55 + CVE-2023/CVE-2023-245xx/CVE-2023-24516.json | 55 + CVE-2023/CVE-2023-245xx/CVE-2023-24517.json | 55 + CVE-2023/CVE-2023-257xx/CVE-2023-25718.json | 4 +- CVE-2023/CVE-2023-261xx/CVE-2023-26140.json | 68 +- CVE-2023/CVE-2023-294xx/CVE-2023-29450.json | 8 +- CVE-2023/CVE-2023-294xx/CVE-2023-29451.json | 8 +- CVE-2023/CVE-2023-294xx/CVE-2023-29454.json | 8 +- CVE-2023/CVE-2023-294xx/CVE-2023-29455.json | 8 +- CVE-2023/CVE-2023-294xx/CVE-2023-29456.json | 8 +- CVE-2023/CVE-2023-294xx/CVE-2023-29457.json | 8 +- CVE-2023/CVE-2023-300xx/CVE-2023-30078.json | 28 + CVE-2023/CVE-2023-300xx/CVE-2023-30079.json | 28 + CVE-2023/CVE-2023-314xx/CVE-2023-31452.json | 6 +- CVE-2023/CVE-2023-324xx/CVE-2023-32487.json | 74 +- CVE-2023/CVE-2023-324xx/CVE-2023-32488.json | 74 +- CVE-2023/CVE-2023-324xx/CVE-2023-32489.json | 74 +- CVE-2023/CVE-2023-324xx/CVE-2023-32490.json | 74 +- CVE-2023/CVE-2023-324xx/CVE-2023-32491.json | 48 +- CVE-2023/CVE-2023-324xx/CVE-2023-32492.json | 62 +- CVE-2023/CVE-2023-324xx/CVE-2023-32493.json | 60 +- CVE-2023/CVE-2023-324xx/CVE-2023-32495.json | 74 +- CVE-2023/CVE-2023-332xx/CVE-2023-33237.json | 70 +- CVE-2023/CVE-2023-332xx/CVE-2023-33238.json | 98 +- CVE-2023/CVE-2023-332xx/CVE-2023-33239.json | 98 +- CVE-2023/CVE-2023-336xx/CVE-2023-33663.json | 69 +- CVE-2023/CVE-2023-342xx/CVE-2023-34213.json | 70 +- CVE-2023/CVE-2023-342xx/CVE-2023-34214.json | 98 +- CVE-2023/CVE-2023-348xx/CVE-2023-34853.json | 24 + CVE-2023/CVE-2023-350xx/CVE-2023-35009.json | 132 +- CVE-2023/CVE-2023-350xx/CVE-2023-35011.json | 132 +- CVE-2023/CVE-2023-358xx/CVE-2023-35893.json | 90 +- CVE-2023/CVE-2023-362xx/CVE-2023-36281.json | 24 + CVE-2023/CVE-2023-36xx/CVE-2023-3699.json | 55 + CVE-2023/CVE-2023-374xx/CVE-2023-37421.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37422.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37423.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37424.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37425.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37426.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37427.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37428.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37429.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37430.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37431.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37432.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37433.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37434.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37435.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37436.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37437.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37438.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37439.json | 43 + CVE-2023/CVE-2023-374xx/CVE-2023-37440.json | 43 + CVE-2023/CVE-2023-383xx/CVE-2023-38325.json | 8 +- CVE-2023/CVE-2023-386xx/CVE-2023-38665.json | 20 + CVE-2023/CVE-2023-386xx/CVE-2023-38666.json | 20 + CVE-2023/CVE-2023-386xx/CVE-2023-38667.json | 20 + CVE-2023/CVE-2023-386xx/CVE-2023-38668.json | 20 + CVE-2023/CVE-2023-387xx/CVE-2023-38732.json | 59 + CVE-2023/CVE-2023-388xx/CVE-2023-38861.json | 76 +- CVE-2023/CVE-2023-388xx/CVE-2023-38862.json | 76 +- CVE-2023/CVE-2023-388xx/CVE-2023-38863.json | 76 +- CVE-2023/CVE-2023-388xx/CVE-2023-38865.json | 76 +- CVE-2023/CVE-2023-389xx/CVE-2023-38904.json | 65 +- CVE-2023/CVE-2023-389xx/CVE-2023-38996.json | 28 + CVE-2023/CVE-2023-391xx/CVE-2023-39115.json | 82 +- CVE-2023/CVE-2023-391xx/CVE-2023-39141.json | 24 + CVE-2023/CVE-2023-395xx/CVE-2023-39599.json | 24 + CVE-2023/CVE-2023-398xx/CVE-2023-39841.json | 76 +- CVE-2023/CVE-2023-398xx/CVE-2023-39842.json | 76 +- CVE-2023/CVE-2023-398xx/CVE-2023-39843.json | 76 +- CVE-2023/CVE-2023-39xx/CVE-2023-3958.json | 64 +- CVE-2023/CVE-2023-402xx/CVE-2023-40267.json | 8 +- CVE-2023/CVE-2023-403xx/CVE-2023-40336.json | 69 +- CVE-2023/CVE-2023-403xx/CVE-2023-40337.json | 69 +- CVE-2023/CVE-2023-403xx/CVE-2023-40338.json | 70 +- CVE-2023/CVE-2023-403xx/CVE-2023-40339.json | 70 +- CVE-2023/CVE-2023-403xx/CVE-2023-40340.json | 70 +- CVE-2023/CVE-2023-403xx/CVE-2023-40359.json | 64 +- CVE-2023/CVE-2023-407xx/CVE-2023-40735.json | 18 +- CVE-2023/CVE-2023-42xx/CVE-2023-4212.json | 63 + CVE-2023/CVE-2023-44xx/CVE-2023-4417.json | 27 +- CVE-2023/CVE-2023-44xx/CVE-2023-4475.json | 55 + README.md | 85 +- 240 files changed, 10712 insertions(+), 245 deletions(-) create mode 100644 CVE-2020/CVE-2020-182xx/CVE-2020-18232.json create mode 100644 CVE-2020/CVE-2020-183xx/CVE-2020-18378.json create mode 100644 CVE-2020/CVE-2020-183xx/CVE-2020-18382.json create mode 100644 CVE-2020/CVE-2020-184xx/CVE-2020-18494.json create mode 100644 CVE-2020/CVE-2020-186xx/CVE-2020-18651.json create mode 100644 CVE-2020/CVE-2020-186xx/CVE-2020-18652.json create mode 100644 CVE-2020/CVE-2020-187xx/CVE-2020-18768.json create mode 100644 CVE-2020/CVE-2020-187xx/CVE-2020-18770.json create mode 100644 CVE-2020/CVE-2020-187xx/CVE-2020-18780.json create mode 100644 CVE-2020/CVE-2020-187xx/CVE-2020-18781.json create mode 100644 CVE-2020/CVE-2020-188xx/CVE-2020-18831.json create mode 100644 CVE-2020/CVE-2020-188xx/CVE-2020-18839.json create mode 100644 CVE-2020/CVE-2020-191xx/CVE-2020-19185.json create mode 100644 CVE-2020/CVE-2020-191xx/CVE-2020-19186.json create mode 100644 CVE-2020/CVE-2020-191xx/CVE-2020-19187.json create mode 100644 CVE-2020/CVE-2020-191xx/CVE-2020-19188.json create mode 100644 CVE-2020/CVE-2020-191xx/CVE-2020-19189.json create mode 100644 CVE-2020/CVE-2020-191xx/CVE-2020-19190.json create mode 100644 CVE-2020/CVE-2020-195xx/CVE-2020-19500.json create mode 100644 CVE-2020/CVE-2020-197xx/CVE-2020-19724.json create mode 100644 CVE-2020/CVE-2020-197xx/CVE-2020-19725.json create mode 100644 CVE-2020/CVE-2020-197xx/CVE-2020-19726.json create mode 100644 CVE-2020/CVE-2020-199xx/CVE-2020-19909.json create mode 100644 CVE-2020/CVE-2020-201xx/CVE-2020-20145.json create mode 100644 CVE-2020/CVE-2020-208xx/CVE-2020-20813.json create mode 100644 CVE-2020/CVE-2020-210xx/CVE-2020-21047.json create mode 100644 CVE-2020/CVE-2020-214xx/CVE-2020-21426.json create mode 100644 CVE-2020/CVE-2020-214xx/CVE-2020-21427.json create mode 100644 CVE-2020/CVE-2020-214xx/CVE-2020-21428.json create mode 100644 CVE-2020/CVE-2020-214xx/CVE-2020-21469.json create mode 100644 CVE-2020/CVE-2020-214xx/CVE-2020-21490.json create mode 100644 CVE-2020/CVE-2020-215xx/CVE-2020-21528.json create mode 100644 CVE-2020/CVE-2020-215xx/CVE-2020-21583.json create mode 100644 CVE-2020/CVE-2020-216xx/CVE-2020-21679.json create mode 100644 CVE-2020/CVE-2020-216xx/CVE-2020-21685.json create mode 100644 CVE-2020/CVE-2020-216xx/CVE-2020-21686.json create mode 100644 CVE-2020/CVE-2020-216xx/CVE-2020-21687.json create mode 100644 CVE-2020/CVE-2020-216xx/CVE-2020-21699.json create mode 100644 CVE-2020/CVE-2020-217xx/CVE-2020-21710.json create mode 100644 CVE-2020/CVE-2020-217xx/CVE-2020-21722.json create mode 100644 CVE-2020/CVE-2020-217xx/CVE-2020-21723.json create mode 100644 CVE-2020/CVE-2020-217xx/CVE-2020-21724.json create mode 100644 CVE-2020/CVE-2020-218xx/CVE-2020-21890.json create mode 100644 CVE-2020/CVE-2020-218xx/CVE-2020-21896.json create mode 100644 CVE-2020/CVE-2020-221xx/CVE-2020-22181.json create mode 100644 CVE-2020/CVE-2020-222xx/CVE-2020-22217.json create mode 100644 CVE-2020/CVE-2020-222xx/CVE-2020-22218.json create mode 100644 CVE-2020/CVE-2020-222xx/CVE-2020-22219.json create mode 100644 CVE-2020/CVE-2020-225xx/CVE-2020-22524.json create mode 100644 CVE-2020/CVE-2020-225xx/CVE-2020-22570.json create mode 100644 CVE-2020/CVE-2020-226xx/CVE-2020-22628.json create mode 100644 CVE-2020/CVE-2020-229xx/CVE-2020-22916.json create mode 100644 CVE-2020/CVE-2020-237xx/CVE-2020-23793.json create mode 100644 CVE-2020/CVE-2020-238xx/CVE-2020-23804.json create mode 100644 CVE-2020/CVE-2020-239xx/CVE-2020-23992.json create mode 100644 CVE-2020/CVE-2020-242xx/CVE-2020-24292.json create mode 100644 CVE-2020/CVE-2020-242xx/CVE-2020-24293.json create mode 100644 CVE-2020/CVE-2020-242xx/CVE-2020-24294.json create mode 100644 CVE-2020/CVE-2020-242xx/CVE-2020-24295.json create mode 100644 CVE-2020/CVE-2020-258xx/CVE-2020-25887.json create mode 100644 CVE-2020/CVE-2020-266xx/CVE-2020-26652.json create mode 100644 CVE-2020/CVE-2020-266xx/CVE-2020-26683.json create mode 100644 CVE-2020/CVE-2020-274xx/CVE-2020-27418.json create mode 100644 CVE-2020/CVE-2020-353xx/CVE-2020-35342.json create mode 100644 CVE-2020/CVE-2020-353xx/CVE-2020-35357.json create mode 100644 CVE-2021/CVE-2021-293xx/CVE-2021-29390.json create mode 100644 CVE-2021/CVE-2021-300xx/CVE-2021-30047.json create mode 100644 CVE-2021/CVE-2021-322xx/CVE-2021-32292.json create mode 100644 CVE-2021/CVE-2021-324xx/CVE-2021-32420.json create mode 100644 CVE-2021/CVE-2021-324xx/CVE-2021-32421.json create mode 100644 CVE-2021/CVE-2021-324xx/CVE-2021-32422.json create mode 100644 CVE-2021/CVE-2021-333xx/CVE-2021-33388.json create mode 100644 CVE-2021/CVE-2021-333xx/CVE-2021-33390.json create mode 100644 CVE-2021/CVE-2021-341xx/CVE-2021-34193.json create mode 100644 CVE-2021/CVE-2021-353xx/CVE-2021-35309.json create mode 100644 CVE-2021/CVE-2021-402xx/CVE-2021-40211.json create mode 100644 CVE-2021/CVE-2021-402xx/CVE-2021-40262.json create mode 100644 CVE-2021/CVE-2021-402xx/CVE-2021-40263.json create mode 100644 CVE-2021/CVE-2021-402xx/CVE-2021-40264.json create mode 100644 CVE-2021/CVE-2021-402xx/CVE-2021-40265.json create mode 100644 CVE-2021/CVE-2021-402xx/CVE-2021-40266.json create mode 100644 CVE-2021/CVE-2021-431xx/CVE-2021-43171.json create mode 100644 CVE-2021/CVE-2021-461xx/CVE-2021-46174.json create mode 100644 CVE-2021/CVE-2021-461xx/CVE-2021-46179.json create mode 100644 CVE-2021/CVE-2021-463xx/CVE-2021-46310.json create mode 100644 CVE-2021/CVE-2021-463xx/CVE-2021-46312.json create mode 100644 CVE-2022/CVE-2022-250xx/CVE-2022-25024.json create mode 100644 CVE-2022/CVE-2022-265xx/CVE-2022-26592.json create mode 100644 CVE-2022/CVE-2022-280xx/CVE-2022-28068.json create mode 100644 CVE-2022/CVE-2022-280xx/CVE-2022-28069.json create mode 100644 CVE-2022/CVE-2022-280xx/CVE-2022-28070.json create mode 100644 CVE-2022/CVE-2022-280xx/CVE-2022-28071.json create mode 100644 CVE-2022/CVE-2022-280xx/CVE-2022-28072.json create mode 100644 CVE-2022/CVE-2022-280xx/CVE-2022-28073.json create mode 100644 CVE-2022/CVE-2022-296xx/CVE-2022-29654.json create mode 100644 CVE-2022/CVE-2022-340xx/CVE-2022-34038.json create mode 100644 CVE-2022/CVE-2022-352xx/CVE-2022-35205.json create mode 100644 CVE-2022/CVE-2022-352xx/CVE-2022-35206.json create mode 100644 CVE-2022/CVE-2022-366xx/CVE-2022-36648.json create mode 100644 CVE-2022/CVE-2022-370xx/CVE-2022-37050.json create mode 100644 CVE-2022/CVE-2022-370xx/CVE-2022-37051.json create mode 100644 CVE-2022/CVE-2022-370xx/CVE-2022-37052.json create mode 100644 CVE-2022/CVE-2022-383xx/CVE-2022-38349.json create mode 100644 CVE-2022/CVE-2022-400xx/CVE-2022-40090.json create mode 100644 CVE-2022/CVE-2022-404xx/CVE-2022-40433.json create mode 100644 CVE-2022/CVE-2022-414xx/CVE-2022-41444.json create mode 100644 CVE-2022/CVE-2022-433xx/CVE-2022-43357.json create mode 100644 CVE-2022/CVE-2022-433xx/CVE-2022-43358.json create mode 100644 CVE-2022/CVE-2022-442xx/CVE-2022-44215.json create mode 100644 CVE-2022/CVE-2022-447xx/CVE-2022-44729.json create mode 100644 CVE-2022/CVE-2022-447xx/CVE-2022-44730.json create mode 100644 CVE-2022/CVE-2022-448xx/CVE-2022-44840.json create mode 100644 CVE-2022/CVE-2022-455xx/CVE-2022-45582.json create mode 100644 CVE-2022/CVE-2022-456xx/CVE-2022-45611.json create mode 100644 CVE-2022/CVE-2022-457xx/CVE-2022-45703.json create mode 100644 CVE-2022/CVE-2022-470xx/CVE-2022-47007.json create mode 100644 CVE-2022/CVE-2022-470xx/CVE-2022-47008.json create mode 100644 CVE-2022/CVE-2022-470xx/CVE-2022-47010.json create mode 100644 CVE-2022/CVE-2022-470xx/CVE-2022-47011.json create mode 100644 CVE-2022/CVE-2022-470xx/CVE-2022-47022.json create mode 100644 CVE-2022/CVE-2022-470xx/CVE-2022-47069.json create mode 100644 CVE-2022/CVE-2022-476xx/CVE-2022-47673.json create mode 100644 CVE-2022/CVE-2022-476xx/CVE-2022-47695.json create mode 100644 CVE-2022/CVE-2022-476xx/CVE-2022-47696.json create mode 100644 CVE-2022/CVE-2022-480xx/CVE-2022-48063.json create mode 100644 CVE-2022/CVE-2022-480xx/CVE-2022-48064.json create mode 100644 CVE-2022/CVE-2022-480xx/CVE-2022-48065.json create mode 100644 CVE-2022/CVE-2022-481xx/CVE-2022-48174.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48522.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48538.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48541.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48545.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48547.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48554.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48560.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48564.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48565.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48566.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48570.json create mode 100644 CVE-2022/CVE-2022-485xx/CVE-2022-48571.json create mode 100644 CVE-2023/CVE-2023-235xx/CVE-2023-23563.json create mode 100644 CVE-2023/CVE-2023-235xx/CVE-2023-23564.json create mode 100644 CVE-2023/CVE-2023-235xx/CVE-2023-23565.json create mode 100644 CVE-2023/CVE-2023-245xx/CVE-2023-24514.json create mode 100644 CVE-2023/CVE-2023-245xx/CVE-2023-24515.json create mode 100644 CVE-2023/CVE-2023-245xx/CVE-2023-24516.json create mode 100644 CVE-2023/CVE-2023-245xx/CVE-2023-24517.json create mode 100644 CVE-2023/CVE-2023-300xx/CVE-2023-30078.json create mode 100644 CVE-2023/CVE-2023-300xx/CVE-2023-30079.json create mode 100644 CVE-2023/CVE-2023-348xx/CVE-2023-34853.json create mode 100644 CVE-2023/CVE-2023-362xx/CVE-2023-36281.json create mode 100644 CVE-2023/CVE-2023-36xx/CVE-2023-3699.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37421.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37422.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37423.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37424.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37425.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37426.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37427.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37428.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37429.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37430.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37431.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37432.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37433.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37434.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37435.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37436.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37437.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37438.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37439.json create mode 100644 CVE-2023/CVE-2023-374xx/CVE-2023-37440.json create mode 100644 CVE-2023/CVE-2023-386xx/CVE-2023-38665.json create mode 100644 CVE-2023/CVE-2023-386xx/CVE-2023-38666.json create mode 100644 CVE-2023/CVE-2023-386xx/CVE-2023-38667.json create mode 100644 CVE-2023/CVE-2023-386xx/CVE-2023-38668.json create mode 100644 CVE-2023/CVE-2023-387xx/CVE-2023-38732.json create mode 100644 CVE-2023/CVE-2023-389xx/CVE-2023-38996.json create mode 100644 CVE-2023/CVE-2023-391xx/CVE-2023-39141.json create mode 100644 CVE-2023/CVE-2023-395xx/CVE-2023-39599.json create mode 100644 CVE-2023/CVE-2023-42xx/CVE-2023-4212.json create mode 100644 CVE-2023/CVE-2023-44xx/CVE-2023-4475.json diff --git a/CVE-2013/CVE-2013-74xx/CVE-2013-7484.json b/CVE-2013/CVE-2013-74xx/CVE-2013-7484.json index 24f5b49512c..1c0c5180517 100644 --- a/CVE-2013/CVE-2013-74xx/CVE-2013-7484.json +++ b/CVE-2013/CVE-2013-74xx/CVE-2013-7484.json @@ -2,8 +2,8 @@ "id": "CVE-2013-7484", "sourceIdentifier": "cve@mitre.org", "published": "2019-11-30T02:15:10.390", - "lastModified": "2019-12-11T18:21:43.850", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:15:53.670", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -98,6 +98,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "cve@mitre.org" + }, { "url": "https://support.zabbix.com/browse/ZBX-16551", "source": "cve@mitre.org", diff --git a/CVE-2019/CVE-2019-173xx/CVE-2019-17382.json b/CVE-2019/CVE-2019-173xx/CVE-2019-17382.json index 7f946eb3a23..ac354ece4ee 100644 --- a/CVE-2019/CVE-2019-173xx/CVE-2019-17382.json +++ b/CVE-2019/CVE-2019-173xx/CVE-2019-17382.json @@ -2,8 +2,8 @@ "id": "CVE-2019-17382", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-09T14:15:12.817", - "lastModified": "2020-08-24T17:37:01.140", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:15:54.797", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -94,6 +94,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "cve@mitre.org" + }, { "url": "https://www.exploit-db.com/exploits/47467", "source": "cve@mitre.org", diff --git a/CVE-2020/CVE-2020-182xx/CVE-2020-18232.json b/CVE-2020/CVE-2020-182xx/CVE-2020-18232.json new file mode 100644 index 00000000000..1a1c68531ff --- /dev/null +++ b/CVE-2020/CVE-2020-182xx/CVE-2020-18232.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18232", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:54.903", + "lastModified": "2023-08-22T19:15:54.903", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/winson2004aa/PAAFS/tree/master/vul2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-183xx/CVE-2020-18378.json b/CVE-2020/CVE-2020-183xx/CVE-2020-18378.json new file mode 100644 index 00000000000..e6389a558f8 --- /dev/null +++ b/CVE-2020/CVE-2020-183xx/CVE-2020-18378.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18378", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.143", + "lastModified": "2023-08-22T19:15:55.143", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/WebAssembly/binaryen/issues/1900", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-183xx/CVE-2020-18382.json b/CVE-2020/CVE-2020-183xx/CVE-2020-18382.json new file mode 100644 index 00000000000..2c95cff640b --- /dev/null +++ b/CVE-2020/CVE-2020-183xx/CVE-2020-18382.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18382", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.203", + "lastModified": "2023-08-22T19:15:55.203", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/WebAssembly/binaryen/issues/1900", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-184xx/CVE-2020-18494.json b/CVE-2020/CVE-2020-184xx/CVE-2020-18494.json new file mode 100644 index 00000000000..486f85908df --- /dev/null +++ b/CVE-2020/CVE-2020-184xx/CVE-2020-18494.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18494", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.267", + "lastModified": "2023-08-22T19:15:55.267", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/magicSwordsMan/PAAFS/tree/master/vul12", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-186xx/CVE-2020-18651.json b/CVE-2020/CVE-2020-186xx/CVE-2020-18651.json new file mode 100644 index 00000000000..0d5a865f8a5 --- /dev/null +++ b/CVE-2020/CVE-2020-186xx/CVE-2020-18651.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-18651", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.360", + "lastModified": "2023-08-22T19:15:55.360", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.freedesktop.org/libopenraw/exempi/issues/13", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-186xx/CVE-2020-18652.json b/CVE-2020/CVE-2020-186xx/CVE-2020-18652.json new file mode 100644 index 00000000000..4c62c391848 --- /dev/null +++ b/CVE-2020/CVE-2020-186xx/CVE-2020-18652.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-18652", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.423", + "lastModified": "2023-08-22T19:15:55.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.freedesktop.org/libopenraw/exempi/issues/12", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-187xx/CVE-2020-18768.json b/CVE-2020/CVE-2020-187xx/CVE-2020-18768.json new file mode 100644 index 00000000000..b4bfce2c98c --- /dev/null +++ b/CVE-2020/CVE-2020-187xx/CVE-2020-18768.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18768", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.480", + "lastModified": "2023-08-22T19:15:55.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2848", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-187xx/CVE-2020-18770.json b/CVE-2020/CVE-2020-187xx/CVE-2020-18770.json new file mode 100644 index 00000000000..b93c99fe2d9 --- /dev/null +++ b/CVE-2020/CVE-2020-187xx/CVE-2020-18770.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18770", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.550", + "lastModified": "2023-08-22T19:15:55.550", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/gdraheim/zziplib/issues/69", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-187xx/CVE-2020-18780.json b/CVE-2020/CVE-2020-187xx/CVE-2020-18780.json new file mode 100644 index 00000000000..156aeaf1572 --- /dev/null +++ b/CVE-2020/CVE-2020-187xx/CVE-2020-18780.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18780", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:55.740", + "lastModified": "2023-08-22T19:15:55.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392634", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-187xx/CVE-2020-18781.json b/CVE-2020/CVE-2020-187xx/CVE-2020-18781.json new file mode 100644 index 00000000000..0acb7ad3283 --- /dev/null +++ b/CVE-2020/CVE-2020-187xx/CVE-2020-18781.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18781", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:56.027", + "lastModified": "2023-08-22T19:15:56.027", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/mpruett/audiofile/issues/56", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-188xx/CVE-2020-18831.json b/CVE-2020/CVE-2020-188xx/CVE-2020-18831.json new file mode 100644 index 00000000000..8a8886352c9 --- /dev/null +++ b/CVE-2020/CVE-2020-188xx/CVE-2020-18831.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-18831", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:56.220", + "lastModified": "2023-08-22T19:15:56.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Exiv2/exiv2/issues/828", + "source": "cve@mitre.org" + }, + { + "url": "https://www.exiv2.org/download.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-188xx/CVE-2020-18839.json b/CVE-2020/CVE-2020-188xx/CVE-2020-18839.json new file mode 100644 index 00000000000..b8104fb748f --- /dev/null +++ b/CVE-2020/CVE-2020-188xx/CVE-2020-18839.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-18839", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:56.570", + "lastModified": "2023-08-22T19:15:56.570", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-191xx/CVE-2020-19185.json b/CVE-2020/CVE-2020-191xx/CVE-2020-19185.json new file mode 100644 index 00000000000..45e504b104a --- /dev/null +++ b/CVE-2020/CVE-2020-191xx/CVE-2020-19185.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19185", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:57.233", + "lastModified": "2023-08-22T19:15:57.233", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-191xx/CVE-2020-19186.json b/CVE-2020/CVE-2020-191xx/CVE-2020-19186.json new file mode 100644 index 00000000000..a105c1902e6 --- /dev/null +++ b/CVE-2020/CVE-2020-191xx/CVE-2020-19186.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19186", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:58.247", + "lastModified": "2023-08-22T19:15:58.247", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-191xx/CVE-2020-19187.json b/CVE-2020/CVE-2020-191xx/CVE-2020-19187.json new file mode 100644 index 00000000000..e53a3f87965 --- /dev/null +++ b/CVE-2020/CVE-2020-191xx/CVE-2020-19187.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19187", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:15:59.317", + "lastModified": "2023-08-22T19:15:59.317", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-191xx/CVE-2020-19188.json b/CVE-2020/CVE-2020-191xx/CVE-2020-19188.json new file mode 100644 index 00000000000..1e16dc478ca --- /dev/null +++ b/CVE-2020/CVE-2020-191xx/CVE-2020-19188.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19188", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:00.380", + "lastModified": "2023-08-22T19:16:00.380", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc4.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-191xx/CVE-2020-19189.json b/CVE-2020/CVE-2020-191xx/CVE-2020-19189.json new file mode 100644 index 00000000000..08691e5a3b0 --- /dev/null +++ b/CVE-2020/CVE-2020-191xx/CVE-2020-19189.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19189", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:01.020", + "lastModified": "2023-08-22T19:16:01.020", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-191xx/CVE-2020-19190.json b/CVE-2020/CVE-2020-191xx/CVE-2020-19190.json new file mode 100644 index 00000000000..0be2f2d5a33 --- /dev/null +++ b/CVE-2020/CVE-2020-191xx/CVE-2020-19190.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19190", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:01.803", + "lastModified": "2023-08-22T19:16:01.803", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc6.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-195xx/CVE-2020-19500.json b/CVE-2020/CVE-2020-195xx/CVE-2020-19500.json new file mode 100644 index 00000000000..54607efe68b --- /dev/null +++ b/CVE-2020/CVE-2020-195xx/CVE-2020-19500.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2020-19500", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:02.470", + "lastModified": "2023-08-22T19:16:02.470", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-197xx/CVE-2020-19724.json b/CVE-2020/CVE-2020-197xx/CVE-2020-19724.json new file mode 100644 index 00000000000..17da5b9bd1c --- /dev/null +++ b/CVE-2020/CVE-2020-197xx/CVE-2020-19724.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-19724", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:03.767", + "lastModified": "2023-08-22T19:16:03.767", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25362", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=805f38bc551de820bcd7b31d3c5731ae27cf853a", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-197xx/CVE-2020-19725.json b/CVE-2020/CVE-2020-197xx/CVE-2020-19725.json new file mode 100644 index 00000000000..d440bdeeb3a --- /dev/null +++ b/CVE-2020/CVE-2020-197xx/CVE-2020-19725.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19725", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:04.567", + "lastModified": "2023-08-22T19:16:04.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "There is a use-after-free vulnerability in file pdd_simplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempt to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Z3Prover/z3/issues/3363", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-197xx/CVE-2020-19726.json b/CVE-2020/CVE-2020-197xx/CVE-2020-19726.json new file mode 100644 index 00000000000..cacb011701a --- /dev/null +++ b/CVE-2020/CVE-2020-197xx/CVE-2020-19726.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-19726", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:05.730", + "lastModified": "2023-08-22T19:16:05.730", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26240", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=26241", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-199xx/CVE-2020-19909.json b/CVE-2020/CVE-2020-199xx/CVE-2020-19909.json new file mode 100644 index 00000000000..4daf697631f --- /dev/null +++ b/CVE-2020/CVE-2020-199xx/CVE-2020-19909.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-19909", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:06.480", + "lastModified": "2023-08-22T19:16:06.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via crafted value as the retry delay." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/curl/curl/pull/4166", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-201xx/CVE-2020-20145.json b/CVE-2020/CVE-2020-201xx/CVE-2020-20145.json new file mode 100644 index 00000000000..806e2b389e4 --- /dev/null +++ b/CVE-2020/CVE-2020-201xx/CVE-2020-20145.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-20145", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:07.323", + "lastModified": "2023-08-22T19:16:07.323", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in /src/helper.c in Dnsmasq up to and including 2.80 allows attackers to cause a denial of service via function create_helper." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-208xx/CVE-2020-20813.json b/CVE-2020/CVE-2020-208xx/CVE-2020-20813.json new file mode 100644 index 00000000000..d513c351ecb --- /dev/null +++ b/CVE-2020/CVE-2020-208xx/CVE-2020-20813.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-20813", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:08.247", + "lastModified": "2023-08-22T19:16:08.247", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.freebuf.com/vuls/215171.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-210xx/CVE-2020-21047.json b/CVE-2020/CVE-2020-210xx/CVE-2020-21047.json new file mode 100644 index 00000000000..6ce8ce9aacd --- /dev/null +++ b/CVE-2020/CVE-2020-210xx/CVE-2020-21047.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21047", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:09.657", + "lastModified": "2023-08-22T19:16:09.657", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25068", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=99dc63b10b3878616b85df2dfd2e4e7103e414b8", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-214xx/CVE-2020-21426.json b/CVE-2020/CVE-2020-214xx/CVE-2020-21426.json new file mode 100644 index 00000000000..f7c8c89d6ab --- /dev/null +++ b/CVE-2020/CVE-2020-214xx/CVE-2020-21426.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21426", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:10.540", + "lastModified": "2023-08-22T19:16:10.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/300/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-214xx/CVE-2020-21427.json b/CVE-2020/CVE-2020-214xx/CVE-2020-21427.json new file mode 100644 index 00000000000..ac5cd94fc76 --- /dev/null +++ b/CVE-2020/CVE-2020-214xx/CVE-2020-21427.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21427", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:11.423", + "lastModified": "2023-08-22T19:16:11.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/298/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-214xx/CVE-2020-21428.json b/CVE-2020/CVE-2020-214xx/CVE-2020-21428.json new file mode 100644 index 00000000000..5c9c79edb86 --- /dev/null +++ b/CVE-2020/CVE-2020-214xx/CVE-2020-21428.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21428", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:12.293", + "lastModified": "2023-08-22T19:16:12.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/299/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-214xx/CVE-2020-21469.json b/CVE-2020/CVE-2020-214xx/CVE-2020-21469.json new file mode 100644 index 00000000000..7910bdbd684 --- /dev/null +++ b/CVE-2020/CVE-2020-214xx/CVE-2020-21469.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21469", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:13.257", + "lastModified": "2023-08-22T19:16:13.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.postgresql.org/message-id/CAA8ZSMqAHDCgo07hqKoM5XJaoQy6Vv76O7966agez4ffyQktkA%40mail.gmail.com", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-214xx/CVE-2020-21490.json b/CVE-2020/CVE-2020-214xx/CVE-2020-21490.json new file mode 100644 index 00000000000..25ae2f9353b --- /dev/null +++ b/CVE-2020/CVE-2020-214xx/CVE-2020-21490.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21490", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:13.720", + "lastModified": "2023-08-22T19:16:13.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25249", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=378fd436405b3051df34ac995b2e03fe1f3d1907", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-215xx/CVE-2020-21528.json b/CVE-2020/CVE-2020-215xx/CVE-2020-21528.json new file mode 100644 index 00000000000..26a7e4331d5 --- /dev/null +++ b/CVE-2020/CVE-2020-215xx/CVE-2020-21528.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21528", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:13.803", + "lastModified": "2023-08-22T19:16:13.803", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392637", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-215xx/CVE-2020-21583.json b/CVE-2020/CVE-2020-215xx/CVE-2020-21583.json new file mode 100644 index 00000000000..9a8126d521c --- /dev/null +++ b/CVE-2020/CVE-2020-215xx/CVE-2020-21583.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21583", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:13.890", + "lastModified": "2023-08-22T19:16:13.890", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804", + "source": "cve@mitre.org" + }, + { + "url": "https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21679.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21679.json new file mode 100644 index 00000000000..7e0290e365a --- /dev/null +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21679.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21679", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:13.990", + "lastModified": "2023-08-22T19:16:13.990", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/graphicsmagick/bugs/619/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21685.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21685.json new file mode 100644 index 00000000000..bbe6d011ebe --- /dev/null +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21685.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21685", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:14.087", + "lastModified": "2023-08-22T19:16:14.087", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392644", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21686.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21686.json new file mode 100644 index 00000000000..3098d089382 --- /dev/null +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21686.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21686", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:14.327", + "lastModified": "2023-08-22T19:16:14.327", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392643", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21687.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21687.json new file mode 100644 index 00000000000..f9768e69506 --- /dev/null +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21687.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21687", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:15.000", + "lastModified": "2023-08-22T19:16:15.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392645", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json new file mode 100644 index 00000000000..631a0b2a849 --- /dev/null +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21699", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:15.847", + "lastModified": "2023-08-22T19:16:15.847", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ZxDecide/Nginx-variants/blob/master/%E9%99%84%E4%BB%B6(Tengine).docx", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-217xx/CVE-2020-21710.json b/CVE-2020/CVE-2020-217xx/CVE-2020-21710.json new file mode 100644 index 00000000000..918264666aa --- /dev/null +++ b/CVE-2020/CVE-2020-217xx/CVE-2020-21710.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21710", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:16.127", + "lastModified": "2023-08-22T19:16:16.127", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=701843", + "source": "cve@mitre.org" + }, + { + "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4e713293de84b689c4ab358f3e110ea54aa81925", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-217xx/CVE-2020-21722.json b/CVE-2020/CVE-2020-217xx/CVE-2020-21722.json new file mode 100644 index 00000000000..c81a956b5bb --- /dev/null +++ b/CVE-2020/CVE-2020-217xx/CVE-2020-21722.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21722", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:17.080", + "lastModified": "2023-08-22T19:16:17.080", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-and-heap-use-after-free-detected-in-line-17-of-streamextractorcpp", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/oggvideotools/bugs/11/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-217xx/CVE-2020-21723.json b/CVE-2020/CVE-2020-217xx/CVE-2020-21723.json new file mode 100644 index 00000000000..2a2058c01da --- /dev/null +++ b/CVE-2020/CVE-2020-217xx/CVE-2020-21723.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21723", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:18.233", + "lastModified": "2023-08-22T19:16:18.233", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-occurs-in-function-streamserializerextractstreams-in-streamserializercpp", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/oggvideotools/bugs/10/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-217xx/CVE-2020-21724.json b/CVE-2020/CVE-2020-217xx/CVE-2020-21724.json new file mode 100644 index 00000000000..ca0910ab246 --- /dev/null +++ b/CVE-2020/CVE-2020-217xx/CVE-2020-21724.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-21724", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:18.657", + "lastModified": "2023-08-22T19:16:18.657", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-and-heap-overflow-detected-in-line-17-of-streamextractorcpp", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceforge.net/p/oggvideotools/bugs/9/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-218xx/CVE-2020-21890.json b/CVE-2020/CVE-2020-218xx/CVE-2020-21890.json new file mode 100644 index 00000000000..05862c27719 --- /dev/null +++ b/CVE-2020/CVE-2020-218xx/CVE-2020-21890.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21890", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:18.730", + "lastModified": "2023-08-22T19:16:18.730", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=701846", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-218xx/CVE-2020-21896.json b/CVE-2020/CVE-2020-218xx/CVE-2020-21896.json new file mode 100644 index 00000000000..5f328711ef5 --- /dev/null +++ b/CVE-2020/CVE-2020-218xx/CVE-2020-21896.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-21896", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:18.793", + "lastModified": "2023-08-22T19:16:18.793", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=701294", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-221xx/CVE-2020-22181.json b/CVE-2020/CVE-2020-221xx/CVE-2020-22181.json new file mode 100644 index 00000000000..dc969a15df9 --- /dev/null +++ b/CVE-2020/CVE-2020-221xx/CVE-2020-22181.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-22181", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:18.910", + "lastModified": "2023-08-22T19:16:18.910", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/gusrmsdlrh/Vulner/blob/master/Sww-3400rw.md", + "source": "cve@mitre.org" + }, + { + "url": "https://security.samsungmobile.com/securityUpdate.smsb", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-222xx/CVE-2020-22217.json b/CVE-2020/CVE-2020-222xx/CVE-2020-22217.json new file mode 100644 index 00000000000..6ca8cde801f --- /dev/null +++ b/CVE-2020/CVE-2020-222xx/CVE-2020-22217.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22217", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.050", + "lastModified": "2023-08-22T19:16:19.050", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/c-ares/c-ares/issues/333", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json b/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json new file mode 100644 index 00000000000..2ce886c4b0a --- /dev/null +++ b/CVE-2020/CVE-2020-222xx/CVE-2020-22218.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22218", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.120", + "lastModified": "2023-08-22T19:16:19.120", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/libssh2/libssh2/pull/476", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-222xx/CVE-2020-22219.json b/CVE-2020/CVE-2020-222xx/CVE-2020-22219.json new file mode 100644 index 00000000000..a9d90f8a1fa --- /dev/null +++ b/CVE-2020/CVE-2020-222xx/CVE-2020-22219.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22219", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.190", + "lastModified": "2023-08-22T19:16:19.190", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/xiph/flac/issues/215", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-225xx/CVE-2020-22524.json b/CVE-2020/CVE-2020-225xx/CVE-2020-22524.json new file mode 100644 index 00000000000..5f1e9474152 --- /dev/null +++ b/CVE-2020/CVE-2020-225xx/CVE-2020-22524.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22524", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.243", + "lastModified": "2023-08-22T19:16:19.243", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/319/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-225xx/CVE-2020-22570.json b/CVE-2020/CVE-2020-225xx/CVE-2020-22570.json new file mode 100644 index 00000000000..b0180db2c3f --- /dev/null +++ b/CVE-2020/CVE-2020-225xx/CVE-2020-22570.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22570", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.297", + "lastModified": "2023-08-22T19:16:19.297", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/memcached/memcached/issues/636", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-226xx/CVE-2020-22628.json b/CVE-2020/CVE-2020-226xx/CVE-2020-22628.json new file mode 100644 index 00000000000..3915e366d24 --- /dev/null +++ b/CVE-2020/CVE-2020-226xx/CVE-2020-22628.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-22628", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.353", + "lastModified": "2023-08-22T19:16:19.353", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\\src\\postprocessing\\aspect_ratio.cpp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/LibRaw/LibRaw/issues/269", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-229xx/CVE-2020-22916.json b/CVE-2020/CVE-2020-229xx/CVE-2020-22916.json new file mode 100644 index 00000000000..299adcb6857 --- /dev/null +++ b/CVE-2020/CVE-2020-229xx/CVE-2020-22916.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-22916", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.407", + "lastModified": "2023-08-22T19:16:19.407", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability", + "source": "cve@mitre.org" + }, + { + "url": "https://tukaani.org/xz/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-237xx/CVE-2020-23793.json b/CVE-2020/CVE-2020-237xx/CVE-2020-23793.json new file mode 100644 index 00000000000..b99b79d4991 --- /dev/null +++ b/CVE-2020/CVE-2020-237xx/CVE-2020-23793.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-23793", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.463", + "lastModified": "2023-08-22T19:16:19.463", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization. It is not yet known if there will be other other effects." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/zelat/spice-security-issues", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-238xx/CVE-2020-23804.json b/CVE-2020/CVE-2020-238xx/CVE-2020-23804.json new file mode 100644 index 00000000000..b755a55ee0f --- /dev/null +++ b/CVE-2020/CVE-2020-238xx/CVE-2020-23804.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-23804", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.520", + "lastModified": "2023-08-22T19:16:19.520", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/936", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-239xx/CVE-2020-23992.json b/CVE-2020/CVE-2020-239xx/CVE-2020-23992.json new file mode 100644 index 00000000000..a6a2010f08d --- /dev/null +++ b/CVE-2020/CVE-2020-239xx/CVE-2020-23992.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-23992", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.580", + "lastModified": "2023-08-22T19:16:19.580", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/EmreOvunc/Nagios-XI-Reflected-XSS", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-242xx/CVE-2020-24292.json b/CVE-2020/CVE-2020-242xx/CVE-2020-24292.json new file mode 100644 index 00000000000..a2f7bbbbe7d --- /dev/null +++ b/CVE-2020/CVE-2020-242xx/CVE-2020-24292.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-24292", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.647", + "lastModified": "2023-08-22T19:16:19.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-242xx/CVE-2020-24293.json b/CVE-2020/CVE-2020-242xx/CVE-2020-24293.json new file mode 100644 index 00000000000..cf25e2745d4 --- /dev/null +++ b/CVE-2020/CVE-2020-242xx/CVE-2020-24293.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-24293", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.703", + "lastModified": "2023-08-22T19:16:19.703", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-242xx/CVE-2020-24294.json b/CVE-2020/CVE-2020-242xx/CVE-2020-24294.json new file mode 100644 index 00000000000..8a46c00618d --- /dev/null +++ b/CVE-2020/CVE-2020-242xx/CVE-2020-24294.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-24294", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.760", + "lastModified": "2023-08-22T19:16:19.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-242xx/CVE-2020-24295.json b/CVE-2020/CVE-2020-242xx/CVE-2020-24295.json new file mode 100644 index 00000000000..02706840ba1 --- /dev/null +++ b/CVE-2020/CVE-2020-242xx/CVE-2020-24295.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-24295", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.827", + "lastModified": "2023-08-22T19:16:19.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-258xx/CVE-2020-25887.json b/CVE-2020/CVE-2020-258xx/CVE-2020-25887.json new file mode 100644 index 00000000000..3391efbe296 --- /dev/null +++ b/CVE-2020/CVE-2020-258xx/CVE-2020-25887.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-25887", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.887", + "lastModified": "2023-08-22T19:16:19.887", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/cesanta/mongoose/issues/1140", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-266xx/CVE-2020-26652.json b/CVE-2020/CVE-2020-266xx/CVE-2020-26652.json new file mode 100644 index 00000000000..b751d0038e4 --- /dev/null +++ b/CVE-2020/CVE-2020-266xx/CVE-2020-26652.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-26652", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.943", + "lastModified": "2023-08-22T19:16:19.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/aircrack-ng/rtl8812au/issues/730", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-266xx/CVE-2020-26683.json b/CVE-2020/CVE-2020-266xx/CVE-2020-26683.json new file mode 100644 index 00000000000..8e3341c20bc --- /dev/null +++ b/CVE-2020/CVE-2020-266xx/CVE-2020-26683.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-26683", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:19.997", + "lastModified": "2023-08-22T19:16:19.997", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.ghostscript.com/show_bug.cgi?id=702566", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-274xx/CVE-2020-27418.json b/CVE-2020/CVE-2020-274xx/CVE-2020-27418.json new file mode 100644 index 00000000000..a1622a4adde --- /dev/null +++ b/CVE-2020/CVE-2020-274xx/CVE-2020-27418.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-27418", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.047", + "lastModified": "2023-08-22T19:16:20.047", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://fedora.com", + "source": "cve@mitre.org" + }, + { + "url": "https://patchwork.freedesktop.org/patch/356372/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-353xx/CVE-2020-35342.json b/CVE-2020/CVE-2020-353xx/CVE-2020-35342.json new file mode 100644 index 00000000000..77ef9aaa351 --- /dev/null +++ b/CVE-2020/CVE-2020-353xx/CVE-2020-35342.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2020-35342", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.107", + "lastModified": "2023-08-22T19:16:20.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25319", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2020/CVE-2020-353xx/CVE-2020-35357.json b/CVE-2020/CVE-2020-353xx/CVE-2020-35357.json new file mode 100644 index 00000000000..5043d758041 --- /dev/null +++ b/CVE-2020/CVE-2020-353xx/CVE-2020-35357.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-35357", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.167", + "lastModified": "2023-08-22T19:16:20.167", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.savannah.gnu.org/cgit/gsl.git/commit/?id=989a193268b963aa1047814f7f1402084fb7d859", + "source": "cve@mitre.org" + }, + { + "url": "https://savannah.gnu.org/bugs/?59624", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json b/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json new file mode 100644 index 00000000000..83e342d71af --- /dev/null +++ b/CVE-2021/CVE-2021-293xx/CVE-2021-29390.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-29390", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.237", + "lastModified": "2023-08-22T19:16:20.237", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "libjpeg-turbo version 2.0.90 is vulnerable to a heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943797", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-300xx/CVE-2021-30047.json b/CVE-2021/CVE-2021-300xx/CVE-2021-30047.json new file mode 100644 index 00000000000..460b43c6e64 --- /dev/null +++ b/CVE-2021/CVE-2021-300xx/CVE-2021-30047.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-30047", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.290", + "lastModified": "2023-08-22T19:16:20.290", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.exploit-db.com/exploits/49719", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json b/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json new file mode 100644 index 00000000000..eebbd2a32ca --- /dev/null +++ b/CVE-2021/CVE-2021-322xx/CVE-2021-32292.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-32292", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.350", + "lastModified": "2023-08-22T19:16:20.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/json-c/json-c/issues/654", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-324xx/CVE-2021-32420.json b/CVE-2021/CVE-2021-324xx/CVE-2021-32420.json new file mode 100644 index 00000000000..2b9242528aa --- /dev/null +++ b/CVE-2021/CVE-2021-324xx/CVE-2021-32420.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-32420", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.407", + "lastModified": "2023-08-22T19:16:20.407", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.com/aplevich/dpic/-/issues/5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-324xx/CVE-2021-32421.json b/CVE-2021/CVE-2021-324xx/CVE-2021-32421.json new file mode 100644 index 00000000000..b4fb5e3f4f5 --- /dev/null +++ b/CVE-2021/CVE-2021-324xx/CVE-2021-32421.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-32421", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.460", + "lastModified": "2023-08-22T19:16:20.460", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.com/aplevich/dpic/-/issues/7", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-324xx/CVE-2021-32422.json b/CVE-2021/CVE-2021-324xx/CVE-2021-32422.json new file mode 100644 index 00000000000..adc100b1067 --- /dev/null +++ b/CVE-2021/CVE-2021-324xx/CVE-2021-32422.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-32422", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.510", + "lastModified": "2023-08-22T19:16:20.510", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.com/aplevich/dpic/-/issues/6", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-333xx/CVE-2021-33388.json b/CVE-2021/CVE-2021-333xx/CVE-2021-33388.json new file mode 100644 index 00000000000..29b912caa43 --- /dev/null +++ b/CVE-2021/CVE-2021-333xx/CVE-2021-33388.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-33388", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.567", + "lastModified": "2023-08-22T19:16:20.567", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "dpic 2021.04.10 has a Heap Buffer Overflow in themakevar() function in dpic.y" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/aplevich/dpic/-/issues/8", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-333xx/CVE-2021-33390.json b/CVE-2021/CVE-2021-333xx/CVE-2021-33390.json new file mode 100644 index 00000000000..6147437c8ce --- /dev/null +++ b/CVE-2021/CVE-2021-333xx/CVE-2021-33390.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-33390", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.617", + "lastModified": "2023-08-22T19:16:20.617", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "dpic 2021.04.10 has a use-after-free in thedeletestringbox() function in dpic.y. A different vulnerablility than CVE-2021-32421." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/aplevich/dpic/-/issues/10", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-341xx/CVE-2021-34193.json b/CVE-2021/CVE-2021-341xx/CVE-2021-34193.json new file mode 100644 index 00000000000..d24d230e09c --- /dev/null +++ b/CVE-2021/CVE-2021-341xx/CVE-2021-34193.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2021-34193", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:20.913", + "lastModified": "2023-08-22T19:16:20.913", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27719", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28768", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28855", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29912", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30112", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31448", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31540", + "source": "cve@mitre.org" + }, + { + "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32149", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-353xx/CVE-2021-35309.json b/CVE-2021/CVE-2021-353xx/CVE-2021-35309.json new file mode 100644 index 00000000000..be25f4cebb9 --- /dev/null +++ b/CVE-2021/CVE-2021-353xx/CVE-2021-35309.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-35309", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.367", + "lastModified": "2023-08-22T19:16:21.367", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/mustafa-turgut/cve-subscriptions/tree/main/samsung-stws", + "source": "cve@mitre.org" + }, + { + "url": "https://security.samsungmobile.com/securityUpdate.smsb", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-402xx/CVE-2021-40211.json b/CVE-2021/CVE-2021-402xx/CVE-2021-40211.json new file mode 100644 index 00000000000..51753db9530 --- /dev/null +++ b/CVE-2021/CVE-2021-402xx/CVE-2021-40211.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-40211", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.427", + "lastModified": "2023-08-22T19:16:21.427", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ImageMagick/ImageMagick/issues/4097", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-402xx/CVE-2021-40262.json b/CVE-2021/CVE-2021-402xx/CVE-2021-40262.json new file mode 100644 index 00000000000..b9eefde62d6 --- /dev/null +++ b/CVE-2021/CVE-2021-402xx/CVE-2021-40262.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-40262", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.487", + "lastModified": "2023-08-22T19:16:21.487", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/338/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-402xx/CVE-2021-40263.json b/CVE-2021/CVE-2021-402xx/CVE-2021-40263.json new file mode 100644 index 00000000000..6682b695ee2 --- /dev/null +++ b/CVE-2021/CVE-2021-402xx/CVE-2021-40263.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-40263", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.540", + "lastModified": "2023-08-22T19:16:21.540", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/336/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-402xx/CVE-2021-40264.json b/CVE-2021/CVE-2021-402xx/CVE-2021-40264.json new file mode 100644 index 00000000000..a7a6496d067 --- /dev/null +++ b/CVE-2021/CVE-2021-402xx/CVE-2021-40264.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-40264", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.597", + "lastModified": "2023-08-22T19:16:21.597", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/335/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-402xx/CVE-2021-40265.json b/CVE-2021/CVE-2021-402xx/CVE-2021-40265.json new file mode 100644 index 00000000000..09e22f5efea --- /dev/null +++ b/CVE-2021/CVE-2021-402xx/CVE-2021-40265.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-40265", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.650", + "lastModified": "2023-08-22T19:16:21.650", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/337/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-402xx/CVE-2021-40266.json b/CVE-2021/CVE-2021-402xx/CVE-2021-40266.json new file mode 100644 index 00000000000..07d8740229a --- /dev/null +++ b/CVE-2021/CVE-2021-402xx/CVE-2021-40266.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-40266", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.707", + "lastModified": "2023-08-22T19:16:21.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/freeimage/bugs/334/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-431xx/CVE-2021-43171.json b/CVE-2021/CVE-2021-431xx/CVE-2021-43171.json new file mode 100644 index 00000000000..95ec44bddd8 --- /dev/null +++ b/CVE-2021/CVE-2021-431xx/CVE-2021-43171.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2021-43171", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.760", + "lastModified": "2023-08-22T19:16:21.760", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper verification of applications' cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user's systems by altering the server's API response." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.e.foundation/e/os/releases/-/releases/v0.19-q#sparkles-we-embedded-other-improvements", + "source": "cve@mitre.org" + }, + { + "url": "https://nervuri.net/e/apps", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-461xx/CVE-2021-46174.json b/CVE-2021/CVE-2021-461xx/CVE-2021-46174.json new file mode 100644 index 00000000000..79addf09c31 --- /dev/null +++ b/CVE-2021/CVE-2021-461xx/CVE-2021-46174.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-46174", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.820", + "lastModified": "2023-08-22T19:16:21.820", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=28753", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-461xx/CVE-2021-46179.json b/CVE-2021/CVE-2021-461xx/CVE-2021-46179.json new file mode 100644 index 00000000000..3e8bef73c54 --- /dev/null +++ b/CVE-2021/CVE-2021-461xx/CVE-2021-46179.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-46179", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.883", + "lastModified": "2023-08-22T19:16:21.883", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/upx/upx/issues/545", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-463xx/CVE-2021-46310.json b/CVE-2021/CVE-2021-463xx/CVE-2021-46310.json new file mode 100644 index 00000000000..fe7be5a5262 --- /dev/null +++ b/CVE-2021/CVE-2021-463xx/CVE-2021-46310.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-46310", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.940", + "lastModified": "2023-08-22T19:16:21.940", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/djvu/bugs/345/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2021/CVE-2021-463xx/CVE-2021-46312.json b/CVE-2021/CVE-2021-463xx/CVE-2021-46312.json new file mode 100644 index 00000000000..f018f3a4622 --- /dev/null +++ b/CVE-2021/CVE-2021-463xx/CVE-2021-46312.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2021-46312", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:21.993", + "lastModified": "2023-08-22T19:16:21.993", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/djvu/bugs/344/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-244xx/CVE-2022-24439.json b/CVE-2022/CVE-2022-244xx/CVE-2022-24439.json index 4246c62dae4..ea458ee9fa0 100644 --- a/CVE-2022/CVE-2022-244xx/CVE-2022-24439.json +++ b/CVE-2022/CVE-2022-244xx/CVE-2022-24439.json @@ -2,7 +2,7 @@ "id": "CVE-2022-24439", "sourceIdentifier": "report@snyk.io", "published": "2022-12-06T05:15:11.420", - "lastModified": "2023-07-25T12:15:10.570", + "lastModified": "2023-08-22T19:16:22.050", "vulnStatus": "Modified", "descriptions": [ { @@ -124,6 +124,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/", + "source": "report@snyk.io" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SJHN3QUXPJIMM6SULIR3PR34UFWRAE7X/", "source": "report@snyk.io", diff --git a/CVE-2022/CVE-2022-250xx/CVE-2022-25024.json b/CVE-2022/CVE-2022-250xx/CVE-2022-25024.json new file mode 100644 index 00000000000..4116624ceff --- /dev/null +++ b/CVE-2022/CVE-2022-250xx/CVE-2022-25024.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-25024", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.173", + "lastModified": "2023-08-22T19:16:22.173", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/vinitkumar/json2xml/issues/106", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/vinitkumar/json2xml/pull/107", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/vinitkumar/json2xml/pull/107/files", + "source": "cve@mitre.org" + }, + { + "url": "https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-265xx/CVE-2022-26592.json b/CVE-2022/CVE-2022-265xx/CVE-2022-26592.json new file mode 100644 index 00000000000..9871d08ef1e --- /dev/null +++ b/CVE-2022/CVE-2022-265xx/CVE-2022-26592.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-26592", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.240", + "lastModified": "2023-08-22T19:16:22.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/sass/libsass/issues/3174", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-280xx/CVE-2022-28068.json b/CVE-2022/CVE-2022-280xx/CVE-2022-28068.json new file mode 100644 index 00000000000..af9751f1fa2 --- /dev/null +++ b/CVE-2022/CVE-2022-280xx/CVE-2022-28068.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-28068", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.423", + "lastModified": "2023-08-22T19:16:22.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-280xx/CVE-2022-28069.json b/CVE-2022/CVE-2022-280xx/CVE-2022-28069.json new file mode 100644 index 00000000000..3335f3c5e3d --- /dev/null +++ b/CVE-2022/CVE-2022-280xx/CVE-2022-28069.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-28069", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.513", + "lastModified": "2023-08-22T19:16:22.513", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/49b0cebfdf0db9704e36f8a5533f1df6d3e2ed3a", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-280xx/CVE-2022-28070.json b/CVE-2022/CVE-2022-280xx/CVE-2022-28070.json new file mode 100644 index 00000000000..ed7a1c46a98 --- /dev/null +++ b/CVE-2022/CVE-2022-280xx/CVE-2022-28070.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-28070", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.583", + "lastModified": "2023-08-22T19:16:22.583", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/4aff1bb00224de4f5bc118f987dfd5d2fe3450d0", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-280xx/CVE-2022-28071.json b/CVE-2022/CVE-2022-280xx/CVE-2022-28071.json new file mode 100644 index 00000000000..636d82e2539 --- /dev/null +++ b/CVE-2022/CVE-2022-280xx/CVE-2022-28071.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-28071", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.667", + "lastModified": "2023-08-22T19:16:22.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/65448811e5b9582a19cf631e03cfcaa025a92ef5", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-280xx/CVE-2022-28072.json b/CVE-2022/CVE-2022-280xx/CVE-2022-28072.json new file mode 100644 index 00000000000..55de80cf15f --- /dev/null +++ b/CVE-2022/CVE-2022-280xx/CVE-2022-28072.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-28072", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.740", + "lastModified": "2023-08-22T19:16:22.740", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/027cd9b7274988bb1af866539ba6c2fa2ff63e45", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-280xx/CVE-2022-28073.json b/CVE-2022/CVE-2022-280xx/CVE-2022-28073.json new file mode 100644 index 00000000000..3bdee226d1e --- /dev/null +++ b/CVE-2022/CVE-2022-280xx/CVE-2022-28073.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-28073", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.843", + "lastModified": "2023-08-22T19:16:22.843", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-296xx/CVE-2022-29654.json b/CVE-2022/CVE-2022-296xx/CVE-2022-29654.json new file mode 100644 index 00000000000..a2be33b2af2 --- /dev/null +++ b/CVE-2022/CVE-2022-296xx/CVE-2022-29654.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-29654", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:22.940", + "lastModified": "2023-08-22T19:16:22.940", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f", + "source": "cve@mitre.org" + }, + { + "url": "https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-340xx/CVE-2022-34038.json b/CVE-2022/CVE-2022-340xx/CVE-2022-34038.json new file mode 100644 index 00000000000..ec78021d663 --- /dev/null +++ b/CVE-2022/CVE-2022-340xx/CVE-2022-34038.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-34038", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.000", + "lastModified": "2023-08-22T19:16:23.000", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/etcd-io/etcd/pull/14022", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/etcd-io/etcd/pull/14452", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-352xx/CVE-2022-35205.json b/CVE-2022/CVE-2022-352xx/CVE-2022-35205.json new file mode 100644 index 00000000000..4153f29ce20 --- /dev/null +++ b/CVE-2022/CVE-2022-352xx/CVE-2022-35205.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-35205", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.060", + "lastModified": "2023-08-22T19:16:23.060", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29289", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-352xx/CVE-2022-35206.json b/CVE-2022/CVE-2022-352xx/CVE-2022-35206.json new file mode 100644 index 00000000000..162a5fddd5d --- /dev/null +++ b/CVE-2022/CVE-2022-352xx/CVE-2022-35206.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-35206", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.113", + "lastModified": "2023-08-22T19:16:23.113", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29290", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-352xx/CVE-2022-35229.json b/CVE-2022/CVE-2022-352xx/CVE-2022-35229.json index 2fd3e6da6fc..a2c9a242bc6 100644 --- a/CVE-2022/CVE-2022-352xx/CVE-2022-35229.json +++ b/CVE-2022/CVE-2022-352xx/CVE-2022-35229.json @@ -2,7 +2,7 @@ "id": "CVE-2022-35229", "sourceIdentifier": "security@zabbix.com", "published": "2022-07-06T11:15:08.967", - "lastModified": "2023-04-12T16:15:14.627", + "lastModified": "2023-08-22T19:16:23.167", "vulnStatus": "Modified", "descriptions": [ { @@ -147,6 +147,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00013.html", "source": "security@zabbix.com" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-21306", "source": "security@zabbix.com", diff --git a/CVE-2022/CVE-2022-366xx/CVE-2022-36648.json b/CVE-2022/CVE-2022-366xx/CVE-2022-36648.json new file mode 100644 index 00000000000..2b1f9f20c43 --- /dev/null +++ b/CVE-2022/CVE-2022-366xx/CVE-2022-36648.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-36648", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.293", + "lastModified": "2023-08-22T19:16:23.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://lists.nongnu.org/archive/html/qemu-devel/2022-06/msg04469.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-370xx/CVE-2022-37050.json b/CVE-2022/CVE-2022-370xx/CVE-2022-37050.json new file mode 100644 index 00000000000..8cff5bed79e --- /dev/null +++ b/CVE-2022/CVE-2022-370xx/CVE-2022-37050.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-37050", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.657", + "lastModified": "2023-08-22T19:16:23.657", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-370xx/CVE-2022-37051.json b/CVE-2022/CVE-2022-370xx/CVE-2022-37051.json new file mode 100644 index 00000000000..94050818965 --- /dev/null +++ b/CVE-2022/CVE-2022-370xx/CVE-2022-37051.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-37051", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.733", + "lastModified": "2023-08-22T19:16:23.733", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4631115647c1e4f0482ffe0491c2f38d2231337b", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1276", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-370xx/CVE-2022-37052.json b/CVE-2022/CVE-2022-370xx/CVE-2022-37052.json new file mode 100644 index 00000000000..26d2b774cee --- /dev/null +++ b/CVE-2022/CVE-2022-370xx/CVE-2022-37052.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-37052", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.800", + "lastModified": "2023-08-22T19:16:23.800", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-383xx/CVE-2022-38349.json b/CVE-2022/CVE-2022-383xx/CVE-2022-38349.json new file mode 100644 index 00000000000..76088b9f26d --- /dev/null +++ b/CVE-2022/CVE-2022-383xx/CVE-2022-38349.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-38349", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.880", + "lastModified": "2023-08-22T19:16:23.880", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-400xx/CVE-2022-40090.json b/CVE-2022/CVE-2022-400xx/CVE-2022-40090.json new file mode 100644 index 00000000000..4ec1a904749 --- /dev/null +++ b/CVE-2022/CVE-2022-400xx/CVE-2022-40090.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-40090", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:23.943", + "lastModified": "2023-08-22T19:16:23.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gitlab.com/libtiff/libtiff/-/issues/455", + "source": "cve@mitre.org" + }, + { + "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/386", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-404xx/CVE-2022-40433.json b/CVE-2022/CVE-2022-404xx/CVE-2022-40433.json new file mode 100644 index 00000000000..cc0e009064a --- /dev/null +++ b/CVE-2022/CVE-2022-404xx/CVE-2022-40433.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-40433", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:24.010", + "lastModified": "2023-08-22T19:16:24.010", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.openjdk.org/browse/JDK-8283441", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/openjdk/jdk11u-dev/pull/1183", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/openjdk/jdk13u-dev/pull/394", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/openjdk/jdk15u-dev/pull/261", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-409xx/CVE-2022-40982.json b/CVE-2022/CVE-2022-409xx/CVE-2022-40982.json index ae1dbf5b50d..b8c1b2c8269 100644 --- a/CVE-2022/CVE-2022-409xx/CVE-2022-40982.json +++ b/CVE-2022/CVE-2022-409xx/CVE-2022-40982.json @@ -2,7 +2,7 @@ "id": "CVE-2022-40982", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:14.823", - "lastModified": "2023-08-18T03:15:08.847", + "lastModified": "2023-08-22T19:16:24.077", "vulnStatus": "Modified", "descriptions": [ { @@ -16838,6 +16838,10 @@ "Third Party Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html", + "source": "secure@intel.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/", "source": "secure@intel.com" diff --git a/CVE-2022/CVE-2022-414xx/CVE-2022-41444.json b/CVE-2022/CVE-2022-414xx/CVE-2022-41444.json new file mode 100644 index 00000000000..a66aacc62fd --- /dev/null +++ b/CVE-2022/CVE-2022-414xx/CVE-2022-41444.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-41444", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:28.320", + "lastModified": "2023-08-22T19:16:28.320", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-418xx/CVE-2022-41804.json b/CVE-2022/CVE-2022-418xx/CVE-2022-41804.json index 385585c4c84..073b845335f 100644 --- a/CVE-2022/CVE-2022-418xx/CVE-2022-41804.json +++ b/CVE-2022/CVE-2022-418xx/CVE-2022-41804.json @@ -2,7 +2,7 @@ "id": "CVE-2022-41804", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:15.063", - "lastModified": "2023-08-18T03:15:14.097", + "lastModified": "2023-08-22T19:16:28.407", "vulnStatus": "Modified", "descriptions": [ { @@ -5231,6 +5231,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html", + "source": "secure@intel.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/", "source": "secure@intel.com" diff --git a/CVE-2022/CVE-2022-433xx/CVE-2022-43357.json b/CVE-2022/CVE-2022-433xx/CVE-2022-43357.json new file mode 100644 index 00000000000..0e1e102eb33 --- /dev/null +++ b/CVE-2022/CVE-2022-433xx/CVE-2022-43357.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-43357", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:29.527", + "lastModified": "2023-08-22T19:16:29.527", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://drive.google.com/file/d/1aC5q3czen0atI91fuBIoCBFkS30_OSWX/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/sass/libsass", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/sass/libsass/issues/3177", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-433xx/CVE-2022-43358.json b/CVE-2022/CVE-2022-433xx/CVE-2022-43358.json new file mode 100644 index 00000000000..2f46cba4e4f --- /dev/null +++ b/CVE-2022/CVE-2022-433xx/CVE-2022-43358.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2022-43358", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:29.603", + "lastModified": "2023-08-22T19:16:29.603", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://drive.google.com/file/d/1j5fkPjWH9zQeTdO_4dMcZ-FpOBzP0MaI/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/sass/libsass", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/sass/libsass/issues/3178", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-435xx/CVE-2022-43515.json b/CVE-2022/CVE-2022-435xx/CVE-2022-43515.json index f2fdcd0bd8b..69c6add14fa 100644 --- a/CVE-2022/CVE-2022-435xx/CVE-2022-43515.json +++ b/CVE-2022/CVE-2022-435xx/CVE-2022-43515.json @@ -2,8 +2,8 @@ "id": "CVE-2022-43515", "sourceIdentifier": "security@zabbix.com", "published": "2022-12-05T19:15:10.363", - "lastModified": "2023-02-03T21:23:01.430", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:29.670", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -132,6 +132,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22050", "source": "security@zabbix.com", diff --git a/CVE-2022/CVE-2022-442xx/CVE-2022-44215.json b/CVE-2022/CVE-2022-442xx/CVE-2022-44215.json new file mode 100644 index 00000000000..f92993f884e --- /dev/null +++ b/CVE-2022/CVE-2022-442xx/CVE-2022-44215.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-44215", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:29.777", + "lastModified": "2023-08-22T19:16:29.777", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/JBalanza/CVE-2022-44215", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-447xx/CVE-2022-44729.json b/CVE-2022/CVE-2022-447xx/CVE-2022-44729.json new file mode 100644 index 00000000000..0872108eced --- /dev/null +++ b/CVE-2022/CVE-2022-447xx/CVE-2022-44729.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2022-44729", + "sourceIdentifier": "security@apache.org", + "published": "2023-08-22T19:16:29.833", + "lastModified": "2023-08-22T19:16:29.833", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.\n\nOn version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2", + "source": "security@apache.org" + }, + { + "url": "https://xmlgraphics.apache.org/security.html", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-447xx/CVE-2022-44730.json b/CVE-2022/CVE-2022-447xx/CVE-2022-44730.json new file mode 100644 index 00000000000..6d3fe500ee4 --- /dev/null +++ b/CVE-2022/CVE-2022-447xx/CVE-2022-44730.json @@ -0,0 +1,36 @@ +{ + "id": "CVE-2022-44730", + "sourceIdentifier": "security@apache.org", + "published": "2023-08-22T19:16:29.930", + "lastModified": "2023-08-22T19:16:29.930", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16.\n\nA malicious SVG can probe user profile / data and send it directly as parameter to a URL.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0", + "source": "security@apache.org" + }, + { + "url": "https://xmlgraphics.apache.org/security.html", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-448xx/CVE-2022-44840.json b/CVE-2022/CVE-2022-448xx/CVE-2022-44840.json new file mode 100644 index 00000000000..b0324bfce8c --- /dev/null +++ b/CVE-2022/CVE-2022-448xx/CVE-2022-44840.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-44840", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.010", + "lastModified": "2023-08-22T19:16:30.010", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29732", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-455xx/CVE-2022-45582.json b/CVE-2022/CVE-2022-455xx/CVE-2022-45582.json new file mode 100644 index 00000000000..4abcb75dd2c --- /dev/null +++ b/CVE-2022/CVE-2022-455xx/CVE-2022-45582.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-45582", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.107", + "lastModified": "2023-08-22T19:16:30.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.launchpad.net/horizon/+bug/1982676", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/openstack/horizon/blob/master/horizon/workflows/views.py#L96-L102", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-456xx/CVE-2022-45611.json b/CVE-2022/CVE-2022-456xx/CVE-2022-45611.json new file mode 100644 index 00000000000..47da64cd218 --- /dev/null +++ b/CVE-2022/CVE-2022-456xx/CVE-2022-45611.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-45611", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.167", + "lastModified": "2023-08-22T19:16:30.167", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated privileges via via capture of user login information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.fresenius-kabi.com/de-at/produkte/pharmahelp-compounder", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-457xx/CVE-2022-45703.json b/CVE-2022/CVE-2022-457xx/CVE-2022-45703.json new file mode 100644 index 00000000000..8db7ca278c4 --- /dev/null +++ b/CVE-2022/CVE-2022-457xx/CVE-2022-45703.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-45703", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.220", + "lastModified": "2023-08-22T19:16:30.220", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29799", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47007.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47007.json new file mode 100644 index 00000000000..25cb0361854 --- /dev/null +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47007.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47007", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.293", + "lastModified": "2023-08-22T19:16:30.293", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29254", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47008.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47008.json new file mode 100644 index 00000000000..069fe7877ad --- /dev/null +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47008.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47008", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.350", + "lastModified": "2023-08-22T19:16:30.350", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29255%20", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47010.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47010.json new file mode 100644 index 00000000000..18d87f0b97f --- /dev/null +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47010.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47010", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.410", + "lastModified": "2023-08-22T19:16:30.410", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29262", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47011.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47011.json new file mode 100644 index 00000000000..11b3b0b6e17 --- /dev/null +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47011.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47011", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.490", + "lastModified": "2023-08-22T19:16:30.490", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29261", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47022.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47022.json new file mode 100644 index 00000000000..4ce6d0d03a7 --- /dev/null +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47022.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47022", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.547", + "lastModified": "2023-08-22T19:16:30.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/open-mpi/hwloc/issues/544", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-470xx/CVE-2022-47069.json b/CVE-2022/CVE-2022-470xx/CVE-2022-47069.json new file mode 100644 index 00000000000..8134b4d2461 --- /dev/null +++ b/CVE-2022/CVE-2022-470xx/CVE-2022-47069.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47069", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.617", + "lastModified": "2023-08-22T19:16:30.617", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceforge.net/p/p7zip/bugs/241/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47673.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47673.json new file mode 100644 index 00000000000..37765615a8f --- /dev/null +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47673.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47673", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.687", + "lastModified": "2023-08-22T19:16:30.687", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29876", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47695.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47695.json new file mode 100644 index 00000000000..2c4d2c8a92e --- /dev/null +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47695.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47695", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.743", + "lastModified": "2023-08-22T19:16:30.743", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29846", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-476xx/CVE-2022-47696.json b/CVE-2022/CVE-2022-476xx/CVE-2022-47696.json new file mode 100644 index 00000000000..f6ad4d6393e --- /dev/null +++ b/CVE-2022/CVE-2022-476xx/CVE-2022-47696.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-47696", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.803", + "lastModified": "2023-08-22T19:16:30.803", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29677", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-480xx/CVE-2022-48063.json b/CVE-2022/CVE-2022-480xx/CVE-2022-48063.json new file mode 100644 index 00000000000..33458a6e448 --- /dev/null +++ b/CVE-2022/CVE-2022-480xx/CVE-2022-48063.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-48063", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.867", + "lastModified": "2023-08-22T19:16:30.867", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29924", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-480xx/CVE-2022-48064.json b/CVE-2022/CVE-2022-480xx/CVE-2022-48064.json new file mode 100644 index 00000000000..c2622a649c6 --- /dev/null +++ b/CVE-2022/CVE-2022-480xx/CVE-2022-48064.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-48064", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:30.937", + "lastModified": "2023-08-22T19:16:30.937", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29922", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8f2c64de86bc3d7556121fe296dd679000283931", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-480xx/CVE-2022-48065.json b/CVE-2022/CVE-2022-480xx/CVE-2022-48065.json new file mode 100644 index 00000000000..98c988c30db --- /dev/null +++ b/CVE-2022/CVE-2022-480xx/CVE-2022-48065.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-48065", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.013", + "lastModified": "2023-08-22T19:16:31.013", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=29925", + "source": "cve@mitre.org" + }, + { + "url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d28fbc7197ba0e021a43f873eff90b05dcdcff6a", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-481xx/CVE-2022-48174.json b/CVE-2022/CVE-2022-481xx/CVE-2022-48174.json new file mode 100644 index 00000000000..cb815a3e5ff --- /dev/null +++ b/CVE-2022/CVE-2022-481xx/CVE-2022-48174.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48174", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.080", + "lastModified": "2023-08-22T19:16:31.080", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.busybox.net/show_bug.cgi?id=15216", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48522.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48522.json new file mode 100644 index 00000000000..1931f03fc13 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48522.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48522", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.153", + "lastModified": "2023-08-22T19:16:31.153", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json new file mode 100644 index 00000000000..835c1c0a994 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-48538", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.230", + "lastModified": "2023-08-22T19:16:31.230", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://docs.cacti.net/Settings-Auth-LDAP.md", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Cacti/cacti/issues/5189", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48541.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48541.json new file mode 100644 index 00000000000..3c6a0d60768 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48541.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48541", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.443", + "lastModified": "2023-08-22T19:16:31.443", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the \"identify -help\" command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/ImageMagick/ImageMagick/issues/2889", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json new file mode 100644 index 00000000000..f8f3e49a9ca --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48545", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.553", + "lastModified": "2023-08-22T19:16:31.553", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48547.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48547.json new file mode 100644 index 00000000000..59ce35f3441 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48547.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48547", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.647", + "lastModified": "2023-08-22T19:16:31.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the \"ref\" parameter at auth_changepassword.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Cacti/cacti/issues/1882", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48554.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48554.json new file mode 100644 index 00000000000..db47bcb4b40 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48554.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48554", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.757", + "lastModified": "2023-08-22T19:16:31.757", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: \"File\" is the name of an Open Source project." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.astron.com/view.php?id=310", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48560.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48560.json new file mode 100644 index 00000000000..370f011657f --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48560.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48560", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.827", + "lastModified": "2023-08-22T19:16:31.827", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A use-after-free exists in Python through 3.9 via heappushpop in heapq." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.python.org/issue39421", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48564.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48564.json new file mode 100644 index 00000000000..d9b7fac7d51 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48564.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48564", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:31.927", + "lastModified": "2023-08-22T19:16:31.927", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.python.org/issue42103", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48565.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48565.json new file mode 100644 index 00000000000..1be9d6ad2c7 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48565.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48565", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.007", + "lastModified": "2023-08-22T19:16:32.007", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.python.org/issue42051", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48566.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48566.json new file mode 100644 index 00000000000..96af0f69342 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48566.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48566", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.087", + "lastModified": "2023-08-22T19:16:32.087", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.python.org/issue40791", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48570.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48570.json new file mode 100644 index 00000000000..1f5a0e07483 --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48570.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2022-48570", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.157", + "lastModified": "2023-08-22T19:16:32.157", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/weidai11/cryptopp/issues/992", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/weidai11/cryptopp/releases/tag/CRYPTOPP_8_4_0", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48571.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48571.json new file mode 100644 index 00000000000..fadfe34982c --- /dev/null +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48571.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2022-48571", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.233", + "lastModified": "2023-08-22T19:16:32.233", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0871.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0871.json index f6c0ee62f2b..c494822859b 100644 --- a/CVE-2023/CVE-2023-08xx/CVE-2023-0871.json +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0871.json @@ -2,8 +2,8 @@ "id": "CVE-2023-0871", "sourceIdentifier": "security@opennms.com", "published": "2023-08-11T17:15:08.980", - "lastModified": "2023-08-18T16:21:52.737", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:32.307", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -37,20 +37,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:L", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "LOW", - "availabilityImpact": "NONE", - "baseScore": 7.6, - "baseSeverity": "HIGH" + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.3, - "impactScore": 4.7 + "impactScore": 2.7 } ] }, diff --git a/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json b/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json index f8dc345a8b5..7c6db1142b9 100644 --- a/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json +++ b/CVE-2023/CVE-2023-201xx/CVE-2023-20197.json @@ -2,7 +2,7 @@ "id": "CVE-2023-20197", "sourceIdentifier": "ykramarz@cisco.com", "published": "2023-08-16T22:15:10.510", - "lastModified": "2023-08-17T12:53:44.537", + "lastModified": "2023-08-22T19:16:32.447", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -35,6 +35,10 @@ ] }, "references": [ + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IISWNZUBAQL4MNBRKLDYG3SHTEGP5KEO/", + "source": "ykramarz@cisco.com" + }, { "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-rNwNEEee", "source": "ykramarz@cisco.com" diff --git a/CVE-2023/CVE-2023-205xx/CVE-2023-20589.json b/CVE-2023/CVE-2023-205xx/CVE-2023-20589.json index 7e215407011..79e50b70821 100644 --- a/CVE-2023/CVE-2023-205xx/CVE-2023-20589.json +++ b/CVE-2023/CVE-2023-205xx/CVE-2023-20589.json @@ -2,19 +2,3353 @@ "id": "CVE-2023-20589", "sourceIdentifier": "psirt@amd.com", "published": "2023-08-08T18:15:11.717", - "lastModified": "2023-08-08T18:33:14.257", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:34:00.837", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "\nAn attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code execution.\u00a0\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_pro_3400g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D403DB4C-6053-41D1-9A69-6B2BEB3ACD40" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_pro_3400g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "43C5E75B-136B-4A60-9C2C-84D9C78C0453" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_3400g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5AC21C1E-D4E7-424F-A284-BBE94194B43C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_3400g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF3EDC73-2517-4EBF-B160-85266304D866" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_pro_3400ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6DE15998-C424-4A1A-81DB-C4E15B0DF7B8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_pro_3400ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2C6A9017-FE60-4087-AA9D-AFB4E444E884" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_pro_3350g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "40933267-3CEF-417E-BE95-37B562F37E78" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_pro_3350g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D242085-9B1A-4125-8070-50505531EECE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_pro_3350ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C9724784-3A56-4175-9829-796CF687CA09" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_pro_3350ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "055F87B8-FD74-44CC-A063-84E0BA2E8136" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_pro_3200g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E0CF4C3B-337D-44ED-8544-A3D55AB1E62E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_pro_3200g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C61CD3C7-E080-4C11-81BC-8D2A5D4F140C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_3200g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EAFFAD03-CEE3-4C35-B6D2-627004A22934" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_3200g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "926812AD-94F0-4CB8-9890-EAB11FDC1804" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_3200ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B2BB6B36-892D-434B-B590-6BEAFD4037BC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_3200ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8A9E5D46-DB87-4420-9AC6-2ABCB0119E01" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_pro_3200ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EF105508-6252-4101-92B5-ECA9022D4720" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_pro_3200ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2BE83C48-571F-4BD6-ABE3-2B14ED510D13" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_3950x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F23104CA-40BB-497E-809E-B89BDBB8B844" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_3950x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A468A5E6-BCFA-4141-955E-D7AFE1737913" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_3900xt_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4350ADE3-9A31-4A23-9B15-7A44E8F29E90" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_3900xt:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7E52108F-FAAE-4075-8F87-239008E77009" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_3900x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "53240910-3F88-465C-A0CD-A98395A05756" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_3900x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0ED8BD87-468E-4953-96B1-CF923985B963" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_3900_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2CFA3FA5-601A-42DF-8FBD-846ED91ECE3C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_3900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B5CB2C92-A84F-450D-BC0F-3675423DBF0E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_3800xt_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A45A30A-6857-419E-8816-7EC9F8C8FEF8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_3800xt:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D814C2A-D794-46A8-9A06-CC4DB387176F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_3800x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E6788A3F-6731-4529-AAFF-3CB893C0D07B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_3800x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7DC56C52-6200-47CD-A722-28A1437050B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_3700x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3D824D3D-E27D-4B6D-A7CC-0D42288AA5C6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_3700x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "937E2FA2-BED8-48FF-8D01-153D4039F224" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_3600xt_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DD9B37D9-8A56-4058-9AFF-3BE64D95CC23" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_3600xt:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B156A9F3-E22D-428D-9E84-9D6CD6F3FE3E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_3600x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D72FC510-6F4C-4D04-BEA9-9DDE22617CEF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_3600x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "09342618-057F-4F49-A43F-352212738F80" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_3600_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "15D68B5B-0878-47BA-9DCC-BF2D793F92E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_3600:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E9B07D45-5EA5-405E-A649-DADE2451E3EC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_3500x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "927B2661-8988-484F-965C-D94AA9D52911" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_3500x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0CD66B3-96B6-43A0-AA57-A548FF34B5F9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_3500_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F0E87F5-65BA-477D-9679-907FD2906298" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_3500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "51A56423-3DDE-451B-AC47-51715AC74F41" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_3300x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22B7FA81-11D0-4DC2-B81D-1BD48D341E6A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_3300x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45C1A897-5FA2-403D-86C2-9D67C5B043A9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_3100_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "32B01772-B9AB-4724-BC36-C707E01C9EDB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_3100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DE4F55EF-4F2B-499C-8173-12BE32085744" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3995wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "37F1D3A8-2FD7-4767-BC2A-2ADA8A53ECCC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3995wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "015BEF9F-7CFC-4A99-B9B4-FB58B3F35E31" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3975wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57E61614-68FD-437A-8037-801E0663CBD8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3975wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F3D16B66-A4EC-422D-856A-A862ECE13FBE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3955wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F3E5574E-5537-4F47-AB05-8A8D1D4C2BBF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3955wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0EDF7650-0A7D-48FF-AD78-2D2DBF3CD646" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_3945wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "73A86733-31A4-4146-9539-01883B0D315A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_3945wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85D99997-1389-493E-BDEA-9904A46E48EE" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_3990x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "72F74102-CBC1-4BB8-80A7-A2DCB6F4239A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_3990x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D1A55FE-F144-494E-BCF0-7E367DA56E40" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_3970x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F7AE0210-F156-42BA-AAD5-177A2E845A4B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_3970x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDDFDB8A-5EFB-4D00-9E05-FC19B4CD8913" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_3960x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1A986D34-FDDA-48D5-8762-2B1AF2C6DA3E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_3960x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "978DF75D-F7B7-40F6-8054-9551306106F7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:4700s_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "49ABBBB9-64DD-4E29-ADBD-8D3B2911BE5F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:4700s:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB32FD86-4EBD-408C-8473-90524C31FF13" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_4500_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9BD02DFE-BC7C-4358-A9D4-5B1D8F731B12" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_4500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5EE3D939-DA9A-4B78-AEBA-8C30AA7E9354" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_4100_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5DAE4BB3-4488-406C-A615-C8171D9303C2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_4100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "263E53BD-7A57-40AC-8A35-D761BD3895A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_4700g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F0D63B0-369D-4337-AC25-F0851C0C15C3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_4700g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5B44C21E-681A-4869-8D9D-D3898D9CBB3B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_4700ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D14B4470-CF19-40F0-A765-08BA391F0E45" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_4700ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2D640C5C-C906-41A2-96BC-19299ADB9446" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_4600g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BD852DB5-720F-473E-99EB-F037E81AA567" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_4600g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0005355A-DA7A-417D-8AF9-F6CC880040BC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_4600ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "30F5D1C5-6AAE-4226-A627-9F37D7131102" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_4600ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1614C8C2-0DDF-464F-BAE5-812CED10CA17" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_4300g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "755801C1-7058-4584-BB7B-BE2BF9D5B78B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_4300g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2BE6DAAF-7A5E-4D6C-862A-443647E66432" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_4300ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "59172BDD-6177-4E6E-B9D7-C453EB1D651A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_4300ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "492017EE-C13F-4C40-887F-9C3C9F439898" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5950x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3EE2DD3E-51C4-4E21-BC43-CE567812B59A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5950x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6D51D4EF-7AD9-45F4-8179-BA0FE9890D13" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5900x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "331E829F-D05A-4D6D-A017-A2BE0D7C3D09" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5900x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CE2F99FD-5E86-4F30-B07F-0D50B2DEF5FA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5900_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "777D94BA-613B-49E9-B1B3-2A9E0FC35908" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "34045719-7683-4621-929B-5F6B16B6A580" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_pro_5945_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "29878A14-6096-4746-A61B-422284C863BF" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_pro_5945:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7AD7AE84-3299-4C99-97A2-4159086FBC61" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5800x3d_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E654C546-AAEE-4DDA-81B4-144DD5766F9F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5800x3d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "487D6661-ECA7-44C0-BD46-FC8C03187B85" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5800x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E4D3A469-E7A2-44A0-963C-EE1D6BB2425D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5800x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5C0D71DD-DCA9-4788-AFDD-758E78B2DC14" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5800_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "84FE65F0-3F46-4F0E-AF1C-3ED950F12F1E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5800:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F4E68C36-118D-41F9-900E-9F38F585A34D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5700x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A6100A4E-BBA5-4C5E-B58F-F3F0B168A19F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5700x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E309B1D5-E232-4F26-BF35-25A1542A5E10" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_pro_5845_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E5D13B09-E422-4A7B-B4AE-3D47E95A89C0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_pro_5845:-:*:*:*:*:*:*:*", + "matchCriteriaId": "342D9BCB-5C64-426E-8546-7D38C4DE6288" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600x3d_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A366AB35-673F-47FA-845F-154ED3DAD127" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600x3d:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5423F6D1-DA8B-4960-B87B-FA03C3539EDD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "91D4E46F-20BB-46BE-A36F-826E2A15E931" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FD86A5C-A9A9-4C84-91D9-54F2516E8487" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A53089E9-4CD9-4E0A-92B3-7D4E4F7BE12B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600:-:*:*:*:*:*:*:*", + "matchCriteriaId": "15DE7ACE-6BBB-4B5E-8D15-80997A85004C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_pro_5645_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "68869B67-FE7B-4C95-9470-9D23C1A6B34F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_pro_5645:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EE0D0239-0550-4B9C-9342-916B5462F791" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5700_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D87F2131-D439-44A7-8513-844E2B387120" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5700:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E3CA3FBA-9DA5-4515-8911-DD8BD4C74A2A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5500_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D04B41F4-E5BD-4140-9A59-FE5AEF099CCB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5500:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A0B0DB96-32E6-4EBD-952B-F34DDF9AC9F0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5100_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "466CA7F1-2114-48F6-B765-1A0282DB46B4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5100:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8576A19F-AC8F-457B-8EA5-651B552ED0F2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5700g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "34798EA1-7F05-4F3D-BFBF-05385C1807EB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5700g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A6746407-9EC7-49B2-93B4-926174F2A457" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5700ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "608EC8C9-A5EC-45DE-8C6D-8928D36A8FD9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5700ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5B481C5C-90C3-4DC2-85DF-F1EA0F409DF3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D677F2A4-8B2B-432F-89FC-14E8BCB909DB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DDE6B0E7-AE27-4DE8-8AF2-801E57F5FC30" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D6A2CC5A-3BD8-4DD8-8339-F8E627E65A1C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F59A2AF2-5D13-480B-93CD-70AB6AEB60F5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5300g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C21E19B0-BD1A-4B4A-9107-2224AF9FD813" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5300g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D34308FA-D6D1-4024-95F5-45C86EFBF00A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5300ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C4AD470C-C960-40C9-BC06-236B2391332E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5300ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94E19774-C744-46AC-B8F8-2B3E2BB19050" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_5995wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B4FF79D-843C-4F44-8F7D-F1EDBD6C5EC0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_5995wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "51BD2B6B-A491-4430-ACDA-019C8E1D0348" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_5975wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "38997E8B-D2B7-4AB2-BB6E-33966511AF38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_5975wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B99E921-4023-4E28-BAB7-A830487B3850" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_5965wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3CC4654E-519B-4412-B551-F2436108152B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_5965wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A97EE77A-DB13-4A81-8BCD-E3BC1E45F420" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_5955wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CC97F277-4BFD-41D7-A205-631C6FBE8DAB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_5955wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B08A5CCF-054C-450B-93FC-8A3A4577CA00" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_pro_5945wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "54611A05-BCA3-495A-8CDB-946FF47E0333" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_pro_5945wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E38E22B3-AAAF-4075-9DEB-5198A8283E15" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_2990wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2AF7F277-B1E1-4C44-B122-91A7B7D299DE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_2990wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B1B5369B-DFFE-4A84-8894-513AE7FC7C6C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_2970wx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5454A72B-76EC-46D9-8675-97DC076D7615" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_2970wx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0A2CE6D-331C-4388-B0D6-EBAA05E87AB3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_2950x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "59A9F95C-E531-40FA-BCE7-3CEB6E26497B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_2950x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3964CA7C-996C-43C5-B1A5-14046DAD07BD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_threadripper_2920x_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "27CDB416-B093-4871-8142-1D7EB5BF90B6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_threadripper_2920x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "52C9FEEF-0D0F-40DC-9E98-248F8608B755" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_pro_300ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "52DFA8C8-AD16-45B1-934F-AEE78C51DDAC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_pro_300ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6F521757-7ABC-4CEB-AD06-2FD738216E8E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_gold_3150ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9832717E-8322-4548-B6C7-DE662D2B05AA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_gold_3150ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "11D12DB6-A9E9-4BEA-BC80-D6672A3383CD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_gold_pro_3150ge_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D689C088-F1F1-4368-B6AE-75D3F9582FB1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_gold_pro_3150ge:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E09DC414-96EE-478E-847C-7ACB5915659B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_gold_3150g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD375C2E-B976-4DAE-BF89-EFED1482DB28" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_gold_3150g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6AE68ECE-5298-4BC1-AC24-5CF613389CDC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_gold_pro_3150g_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "420E8314-35B8-4A12-AD42-3914EBA51D4D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_gold_pro_3150g:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EE0FB0AF-E942-4257-A9F2-8077A753A169" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_silver_3050e_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "40E3B591-EBC2-4C6A-8574-33F27F9AAE17" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_silver_3050e:-:*:*:*:*:*:*:*", + "matchCriteriaId": "951CA892-BAE2-46A4-BC86-0A205A4FA218" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_pro_3045b_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6882B4E1-0BFF-4093-BE67-72294949C3F8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_pro_3045b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3726F1B-6B01-4DCD-ABCE-4BC6469D8DD8" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_silver_3050u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "064D6E4E-56D7-4E37-AC8C-7F3DDAA68B61" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_silver_3050u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6CFF28BE-F049-4716-AADE-643FABB753A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_silver_3050c_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E741A31-8265-45E0-9834-23D00D5F8176" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_silver_3050c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FEE30066-A56C-4997-BED2-FEB4F61D9F09" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_pro_3145b_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "07D642E6-4D91-49C3-B8BB-8B4575CE99D9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_pro_3145b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9E514E0C-397F-4DF3-AD79-D7C800BAA28A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_gold_3150u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "610909ED-A636-4007-A50F-500057340E70" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_gold_3150u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "57E11A9D-03EC-4014-BB1C-5286C694581B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:athlon_gold_3150c_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1902D5CE-4BBB-45F7-9D52-28AF43F460CC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:athlon_gold_3150c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C2293F6A-ECB3-462B-9CB6-1DF0EF43A816" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5700u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8390832E-A389-454A-B8F3-630708DDC9BE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5700u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56772AAA-A5A9-4125-B4DB-939D583DA8E5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5500u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "181E611F-CC4C-4F72-930D-93C3A85BF2A1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5500u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C212F6CE-1920-44DC-AC13-4922A052CEBB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5300u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C9348AE1-C1F5-4512-9392-4A5971442EA1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5300u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FDE2EB95-146C-4DFA-A627-3E4B3CDD5F88" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5980hx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1031085D-AD15-4124-803E-9B742E7484A0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5980hx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8308D5A2-0985-487C-B16C-4EEF835BDD4F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5980hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "808C582D-4F80-4378-B177-012EEF438443" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5980hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6C00179A-620B-4DC7-893A-11AFAB9EE13C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5900hx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6DD6028F-DD27-4D81-8E0A-06C2F1B9277C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5900hx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AB9BDB04-877C-472D-A3BB-6C32FF269E00" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_5900hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BB09D697-326C-4902-BB5A-C5EAC9A2BD22" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_5900hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FE64730D-B284-450E-9450-72AAEBAE2000" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5800h_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "23B3A9DE-92BB-4D84-8773-F58BBF0EFBFC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5800h:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7A1449EC-F9D9-4846-A6E1-56F0B1EE8849" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5800hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "13AB11C7-28F2-41AF-85D4-F391E02797A4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5800hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FEDF9F0-CE97-4A9F-B4C2-EB3CF6E9507D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5825u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C9669B2E-9590-4521-AC69-E7F5F201CAA3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5825u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BF398C51-EB53-4C3F-8D88-BD3931D9293F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_5800u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8DC33A3B-F40D-4532-AA66-4E23360F94E2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_5800u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F2A09152-93D2-493D-8CE0-8A4F30F0DD39" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600h_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F5898533-4CDE-496C-99A8-361F8C8E5A85" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600h:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A5FDA44-978A-4ACC-9A42-00929DFE485B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8928F3EB-EE42-4ABB-A76D-619AFEA284B6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD963142-F19B-42C9-AB46-8F24CD773BE0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5625u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F3C4424D-70E5-4101-B39C-15EEC4E933BE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5625u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C16BC515-84AE-432F-853B-822E737C242F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5600u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B4DA33B2-B942-447F-9229-A41808411F38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5600u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "85D64E8F-BB90-4425-9980-9D2E2B74E83B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_5560u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CA5ADD5B-C4F4-4BB4-8EFC-D949A79DFB0B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_5560u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "94BB2CE6-E989-43EE-B501-0DA6079BA420" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5425u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1D97A583-39ED-4B1C-B7D9-48F0F56294A8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5425u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "74236755-56DA-4245-A07F-DF9817D8F01D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5400u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "98831A6B-A51F-48A9-80D7-B903A4F0A936" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5400u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B1390DB-9E89-4C57-93F7-06B36EFDE579" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_5125c_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1117C6B9-C87A-4185-A7DE-B4221BB59ABC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_5125c:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A5F962DD-90D5-47AB-8ABC-36E925821636" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_6980hx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "573E5B00-4F5A-4419-A265-FD8F46CB9D9A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_6980hx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3674D656-9623-4B39-AADE-158FE70FF29F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_6980hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "433893A2-C55A-4A88-9314-A91DF4DEDA9E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_6980hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B21FB338-F944-40F9-8F0C-99B471AAD51E" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_6900hx_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E3DAFB9F-9661-4E82-BF07-E750E8D42694" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_6900hx:-:*:*:*:*:*:*:*", + "matchCriteriaId": "528D6AB3-01D9-41F1-90A7-FF5ADF66D4CC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_9_6900hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5F26496C-0832-4D9E-BFA7-15E4EBEA40B3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_9_6900hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DA29FE4D-C9A2-46FB-8EC5-3067F56ED080" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_6800h_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AFCA1EF3-C51D-4E70-9777-C921EA2C2A78" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_6800h:-:*:*:*:*:*:*:*", + "matchCriteriaId": "09B085FF-EAEA-42BC-BA60-3AA9B76141B9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_6800hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "987A3CCC-ACF3-4F85-9C82-F361BA12EB84" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_6800hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "760F20CC-9034-462C-A25E-C009E2218C38" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_6800u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2AE4A9C2-6383-4B30-A423-5C8F63C06A15" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_6800u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1D2CBCEA-AB4F-444C-9CCD-A976003F796C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_6600h_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "66251A10-F3CE-48C0-8288-ED01F1122AD6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_6600h:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D260012-5D8F-4B36-8B88-82DB0291EE9D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_6600hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BC1C0146-D148-4590-9127-F0005D6AB4EC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_6600hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0B34AD7A-1C4A-4A4B-87EA-B7BE207F2E67" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_6600u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4393BD5E-E997-459A-98D3-828B536AA2C8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_6600u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "025E494E-953E-426E-BE89-6F2360A3AAC4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_7520u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C6DDD082-BAA1-415A-8E2A-AF8F5F27BDC2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_7520u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0870FBE4-92B4-4717-88B0-EC1094268034" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_7320u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "33BCC8C4-3F88-4D2B-BBDD-860619B3E15C" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_7320u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "48F04B9F-8C65-476B-B5D8-18CC96E3B712" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_pro_7730u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7F22498B-9054-48F9-A85D-C98CDE7064CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_pro_7730u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "29805A0A-1E52-4545-9D41-B9A1EE571778" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_pro_7530u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4A9F0139-22CE-4ABF-89CE-3345A7BB79D8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_pro_7530u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C822A153-C32B-423B-8660-EAE0A1DEB4EB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_pro_7330u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8B08AB2-9A24-4280-8B77-3AA92787F936" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_pro_7330u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "86704116-43D0-47FD-8896-AB00C265AAE0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_7735hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "546E34C2-C25B-4282-96F2-57E97C6631D8" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_7735hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4E5A8E7A-3430-41B9-8B3C-D9D462A2CEC2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_7736u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "34C10A17-F8D9-4C5E-90B1-EB5D1C130312" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_7736u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D50E8EA-ECB2-463D-BA51-D13CF5A02266" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_7_7735u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E7BE3323-E4D0-415E-9D7C-4AA04EC19733" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_7_7735u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CD9171F4-F05E-4183-91BB-8DAD0A5EB0D2" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_7535hs_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EF7FB2F5-2F07-491B-B368-5637CE4761FC" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_7535hs:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EE36D471-57BF-4385-A825-029F7313E4DB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_5_7535u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C5F57F56-259A-4067-AF55-158705C666C1" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_5_7535u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "082BE536-F29C-4A73-B030-A19DD3A448B3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:amd:ryzen_3_7335u_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6BABF86B-F7B6-4D97-B934-64452CA1E025" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:amd:ryzen_3_7335u:-:*:*:*:*:*:*:*", + "matchCriteriaId": "495E436C-B0EE-4B72-AB49-332F4752C140" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-4005", - "source": "psirt@amd.com" + "source": "psirt@amd.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23563.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23563.json new file mode 100644 index 00000000000..427e14b93c9 --- /dev/null +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23563.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-23563", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.563", + "lastModified": "2023-08-22T19:16:32.563", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Orange-Cyberdefense/CVE-repository", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.geomatika.fr/isigeo-web/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23564.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23564.json new file mode 100644 index 00000000000..d48331cee4c --- /dev/null +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23564.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-23564", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.647", + "lastModified": "2023-08-22T19:16:32.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to execute commands." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Orange-Cyberdefense/CVE-repository", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.geomatika.fr/isigeo-web/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-235xx/CVE-2023-23565.json b/CVE-2023/CVE-2023-235xx/CVE-2023-23565.json new file mode 100644 index 00000000000..739ef9a7cf1 --- /dev/null +++ b/CVE-2023/CVE-2023-235xx/CVE-2023-23565.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-23565", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:32.720", + "lastModified": "2023-08-22T19:16:32.720", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/Orange-Cyberdefense/CVE-repository", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.geomatika.fr/isigeo-web/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-239xx/CVE-2023-23908.json b/CVE-2023/CVE-2023-239xx/CVE-2023-23908.json index 2944ad52356..835a4b4a8ed 100644 --- a/CVE-2023/CVE-2023-239xx/CVE-2023-23908.json +++ b/CVE-2023/CVE-2023-239xx/CVE-2023-23908.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23908", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:18.510", - "lastModified": "2023-08-18T03:15:15.527", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T19:16:32.830", + "vulnStatus": "Undergoing Analysis", "descriptions": [ { "lang": "en", @@ -39,6 +39,10 @@ "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html", "source": "secure@intel.com" }, + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00026.html", + "source": "secure@intel.com" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HKREYYTWUY7ZDNIB2N6H5BUJ3LE5VZPE/", "source": "secure@intel.com" diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24514.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24514.json new file mode 100644 index 00000000000..de673d63d2d --- /dev/null +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24514.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-24514", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-08-22T19:16:34.393", + "lastModified": "2023-08-22T19:16:34.393", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24515.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24515.json new file mode 100644 index 00000000000..e9ecdb8ebca --- /dev/null +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24515.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-24515", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-08-22T19:16:34.480", + "lastModified": "2023-08-22T19:16:34.480", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to fetch internal file content. This issue affects Pandora FMS v767 version and prior versions on all platforms." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.2, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 4.2 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24516.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24516.json new file mode 100644 index 00000000000..55d9f8d9d56 --- /dev/null +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24516.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-24516", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-08-22T19:16:34.557", + "lastModified": "2023-08-22T19:16:34.557", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-site Scripting (XSS) vulnerability in the Pandora FMS Special Days component allows an attacker to use it to steal the session cookie value of admin users easily with little user interaction. This issue affects Pandora FMS v767 version and prior versions on all platforms." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-245xx/CVE-2023-24517.json b/CVE-2023/CVE-2023-245xx/CVE-2023-24517.json new file mode 100644 index 00000000000..ed71f9c4f11 --- /dev/null +++ b/CVE-2023/CVE-2023-245xx/CVE-2023-24517.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-24517", + "sourceIdentifier": "cve-coordination@incibe.es", + "published": "2023-08-22T19:16:34.693", + "lastModified": "2023-08-22T19:16:34.693", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in the Pandora FMS File Manager component, allows an attacker to make make use of this issue ( unrestricted file upload ) to execute arbitrary system commands. This issue affects Pandora FMS v767 version and prior versions on all platforms." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.5 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@incibe.es", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/", + "source": "cve-coordination@incibe.es" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-257xx/CVE-2023-25718.json b/CVE-2023/CVE-2023-257xx/CVE-2023-25718.json index bf178ef87bd..81d575128fd 100644 --- a/CVE-2023/CVE-2023-257xx/CVE-2023-25718.json +++ b/CVE-2023/CVE-2023-257xx/CVE-2023-25718.json @@ -2,12 +2,12 @@ "id": "CVE-2023-25718", "sourceIdentifier": "cve@mitre.org", "published": "2023-02-13T20:15:11.040", - "lastModified": "2023-03-05T20:15:08.977", + "lastModified": "2023-08-22T19:16:34.823", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It is plausible that the end user may allow the download and execution of this file to proceed. There are ConnectWise Control configuration options that add mitigations. NOTE: this may overlap CVE-2023-25719." + "value": "** DISPUTED ** In ConnectWise Control through 22.9.10032 (formerly known as ScreenConnect), after an executable file is signed, additional instructions can be added without invalidating the signature, such as instructions that result in offering the end user a (different) attacker-controlled executable file. It is plausible that the end user may allow the download and execution of this file to proceed. There are ConnectWise Control configuration options that add mitigations. NOTE: this may overlap CVE-2023-25719. NOTE: the vendor's position is that this purported vulnerability represents a \"fundamental lack of understanding of Authenticode code signing behavior.\"" } ], "metrics": { diff --git a/CVE-2023/CVE-2023-261xx/CVE-2023-26140.json b/CVE-2023/CVE-2023-261xx/CVE-2023-26140.json index 6e59e042b07..ef4826a3235 100644 --- a/CVE-2023/CVE-2023-261xx/CVE-2023-26140.json +++ b/CVE-2023/CVE-2023-261xx/CVE-2023-26140.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26140", "sourceIdentifier": "report@snyk.io", "published": "2023-08-16T05:15:09.810", - "lastModified": "2023-08-16T12:02:41.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:10:27.173", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "report@snyk.io", "type": "Secondary", @@ -34,18 +54,56 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:excalidraw:excalidraw:*:*:*:*:*:node.js:*:*", + "matchCriteriaId": "0A45A5D1-07D8-49A6-9C39-5731B7D0CAE3" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/excalidraw/excalidraw/commit/b33fa6d6f64d27adc3a47b25c0aa55711740d0af", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/excalidraw/excalidraw/pull/6728", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Issue Tracking" + ] }, { "url": "https://security.snyk.io/vuln/SNYK-JS-EXCALIDRAWEXCALIDRAW-5841658", - "source": "report@snyk.io" + "source": "report@snyk.io", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29450.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29450.json index 92bb4dc4cc2..07c1e0bafd8 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29450.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29450.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29450", "sourceIdentifier": "security@zabbix.com", "published": "2023-07-13T09:15:09.660", - "lastModified": "2023-07-25T14:55:15.027", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:34.983", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -120,6 +120,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22588", "source": "security@zabbix.com", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29451.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29451.json index cdc1fd86f41..e6e60b16c43 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29451.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29451.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29451", "sourceIdentifier": "security@zabbix.com", "published": "2023-07-13T10:15:09.137", - "lastModified": "2023-07-25T14:55:32.543", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:35.183", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -152,6 +152,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22587", "source": "security@zabbix.com", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29454.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29454.json index 51c7da7b3c6..c5e3d1986f8 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29454.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29454.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29454", "sourceIdentifier": "security@zabbix.com", "published": "2023-07-13T10:15:09.320", - "lastModified": "2023-07-20T20:54:45.290", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:35.460", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22985", "source": "security@zabbix.com", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29455.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29455.json index a95919866ba..16806ad6b65 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29455.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29455.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29455", "sourceIdentifier": "security@zabbix.com", "published": "2023-07-13T10:15:09.377", - "lastModified": "2023-07-20T20:59:09.067", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:35.670", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -103,6 +103,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22986", "source": "security@zabbix.com", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29456.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29456.json index f8cad24bfb3..ae34d8c2424 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29456.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29456.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29456", "sourceIdentifier": "security@zabbix.com", "published": "2023-07-13T10:15:09.440", - "lastModified": "2023-07-25T15:03:10.453", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:35.827", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22987", "source": "security@zabbix.com", diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29457.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29457.json index fa0bf4ac58b..308e95c811a 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29457.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29457.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29457", "sourceIdentifier": "security@zabbix.com", "published": "2023-07-13T10:15:09.507", - "lastModified": "2023-07-20T21:03:59.290", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:35.957", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -110,6 +110,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", + "source": "security@zabbix.com" + }, { "url": "https://support.zabbix.com/browse/ZBX-22988", "source": "security@zabbix.com", diff --git a/CVE-2023/CVE-2023-300xx/CVE-2023-30078.json b/CVE-2023/CVE-2023-300xx/CVE-2023-30078.json new file mode 100644 index 00000000000..7a387b96fa9 --- /dev/null +++ b/CVE-2023/CVE-2023-300xx/CVE-2023-30078.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-30078", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:36.097", + "lastModified": "2023-08-22T19:16:36.097", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A stack overflow vulnerability exists in function econf_writeFile in file atlibeconf/lib/libeconf.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/openSUSE/libeconf/issues/178", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/yangjiageng/PoC/blob/master/libeconf-PoC/econf_writeFile_546", + "source": "cve@mitre.org" + }, + { + "url": "https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-write-string-data.c", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-300xx/CVE-2023-30079.json b/CVE-2023/CVE-2023-300xx/CVE-2023-30079.json new file mode 100644 index 00000000000..abe562b2e82 --- /dev/null +++ b/CVE-2023/CVE-2023-300xx/CVE-2023-30079.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-30079", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:36.190", + "lastModified": "2023-08-22T19:16:36.190", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A stack overflow vulnerability exists in function read_file in atlibeconf/lib/getfilecontents.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/openSUSE/libeconf/issues/177", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/yangjiageng/PoC/blob/master/libeconf-PoC/read_file_503", + "source": "cve@mitre.org" + }, + { + "url": "https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-logindefs1.c", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-314xx/CVE-2023-31452.json b/CVE-2023/CVE-2023-314xx/CVE-2023-31452.json index a0ae7035750..e719281ce55 100644 --- a/CVE-2023/CVE-2023-314xx/CVE-2023-31452.json +++ b/CVE-2023/CVE-2023-314xx/CVE-2023-31452.json @@ -2,7 +2,7 @@ "id": "CVE-2023-31452", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T12:15:09.970", - "lastModified": "2023-08-16T12:15:13.540", + "lastModified": "2023-08-22T19:16:36.270", "vulnStatus": "Modified", "descriptions": [ { @@ -72,6 +72,10 @@ "Vendor Advisory" ] }, + { + "url": "https://www.paessler.com/prtg/history/prtg-23#23.3.86.1520", + "source": "cve@mitre.org" + }, { "url": "https://www.paessler.com/prtg/history/stable", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json index d501a84a38c..65f15807f99 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32487", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.047", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:52:14.657", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.1.0", + "versionEndIncluding": "9.2.1.22", + "matchCriteriaId": "FEF3F09E-3FF7-4352-A853-41DC25627EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0.0", + "versionEndIncluding": "9.4.0.13", + "matchCriteriaId": "F49A7E9F-F753-48EA-8A96-CFE473CBD81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json index 1039c4b15cd..18f8a276687 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32488", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.133", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:52:30.857", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.1.0", + "versionEndIncluding": "9.2.1.22", + "matchCriteriaId": "FEF3F09E-3FF7-4352-A853-41DC25627EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0.0", + "versionEndIncluding": "9.4.0.13", + "matchCriteriaId": "F49A7E9F-F753-48EA-8A96-CFE473CBD81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json index c457bd76990..2ed359e30a5 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32489", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.237", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:52:04.277", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.1.0", + "versionEndIncluding": "9.2.1.22", + "matchCriteriaId": "FEF3F09E-3FF7-4352-A853-41DC25627EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0.0", + "versionEndIncluding": "9.4.0.13", + "matchCriteriaId": "F49A7E9F-F753-48EA-8A96-CFE473CBD81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json index 0fadaa89d27..baacc8d03e6 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32490", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.343", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:51:54.437", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.1.0", + "versionEndIncluding": "9.2.1.22", + "matchCriteriaId": "FEF3F09E-3FF7-4352-A853-41DC25627EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0.0", + "versionEndIncluding": "9.4.0.13", + "matchCriteriaId": "F49A7E9F-F753-48EA-8A96-CFE473CBD81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json index c4babf0bcf3..562f6d72c65 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32491", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.437", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:54:18.617", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -46,10 +66,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json index 50eba0297b4..e90e6a77c54 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32492", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.543", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:16:08.377", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -46,10 +66,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.1.0", + "versionEndIncluding": "9.2.1.22", + "matchCriteriaId": "FEF3F09E-3FF7-4352-A853-41DC25627EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0.0", + "versionEndIncluding": "9.4.0.13", + "matchCriteriaId": "F49A7E9F-F753-48EA-8A96-CFE473CBD81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json index a0d4b21b34f..d0ed7609f0f 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32493", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.663", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:16:21.687", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json index 44cfa294baf..897ac59748b 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32495", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T14:15:11.777", - "lastModified": "2023-08-16T15:17:05.683", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:15:55.557", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "security_alert@emc.com", "type": "Secondary", @@ -36,8 +56,18 @@ }, "weaknesses": [ { - "source": "security_alert@emc.com", + "source": "nvd@nist.gov", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, + { + "source": "security_alert@emc.com", + "type": "Secondary", "description": [ { "lang": "en", @@ -46,10 +76,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.2.1.0", + "versionEndIncluding": "9.2.1.22", + "matchCriteriaId": "FEF3F09E-3FF7-4352-A853-41DC25627EAD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.4.0.0", + "versionEndIncluding": "9.4.0.13", + "matchCriteriaId": "F49A7E9F-F753-48EA-8A96-CFE473CBD81A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dell:powerscale_onefs:*:*:*:*:*:*:*:*", + "versionStartIncluding": "9.5.0.0", + "versionEndIncluding": "9.5.0.3", + "matchCriteriaId": "AB96F54D-D8C1-439A-BA83-72B8E840DFB1" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", - "source": "security_alert@emc.com" + "source": "security_alert@emc.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33237.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33237.json index f191143d6ae..3878f8e563a 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33237.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33237.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33237", "sourceIdentifier": "psirt@moxa.com", "published": "2023-08-17T02:15:41.177", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T19:10:04.453", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3", + "matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33238.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33238.json index 6fb6490d13f..0372e807256 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33238.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33238.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33238", "sourceIdentifier": "psirt@moxa.com", "published": "2023-08-17T03:15:09.377", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T19:10:24.183", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,72 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3", + "matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.4", + "matchCriteriaId": "442E0C68-A369-4079-86CC-0E63408C48E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-4900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56CD9ADD-E963-42F4-A2E5-175A0D2EE8D0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-332xx/CVE-2023-33239.json b/CVE-2023/CVE-2023-332xx/CVE-2023-33239.json index 484765b4b71..2a0b3253c9e 100644 --- a/CVE-2023/CVE-2023-332xx/CVE-2023-33239.json +++ b/CVE-2023/CVE-2023-332xx/CVE-2023-33239.json @@ -2,8 +2,8 @@ "id": "CVE-2023-33239", "sourceIdentifier": "psirt@moxa.com", "published": "2023-08-17T03:15:09.580", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:51:19.917", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,72 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3", + "matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.4", + "matchCriteriaId": "442E0C68-A369-4079-86CC-0E63408C48E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-4900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56CD9ADD-E963-42F4-A2E5-175A0D2EE8D0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json b/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json index 85bfa660eb3..155071931e6 100644 --- a/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json +++ b/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json @@ -2,23 +2,82 @@ "id": "CVE-2023-33663", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-16T14:15:11.863", - "lastModified": "2023-08-16T15:16:57.723", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:15:15.680", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In the module \u201cCustomization fields fee for your store\u201d (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ai-dev:aicustomfee:*:*:*:*:*:prestashop:*:*", + "versionEndExcluding": "0.2.1", + "matchCriteriaId": "A85F863F-C25B-4C60-9DE0-46D5D79B836E" + } + ] + } + ] + } + ], "references": [ { "url": "https://security.friendsofpresta.org/modules/2023/08/16/aicustomfee.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.boutique.ai-dev.fr/en/customization/62-customization-fee.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34213.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34213.json index 8c473dafdea..28e916d10f5 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34213.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34213.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34213", "sourceIdentifier": "psirt@moxa.com", "published": "2023-08-17T03:15:09.663", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:51:41.683", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,44 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3", + "matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-342xx/CVE-2023-34214.json b/CVE-2023/CVE-2023-342xx/CVE-2023-34214.json index edcab26bf43..838085a58a6 100644 --- a/CVE-2023/CVE-2023-342xx/CVE-2023-34214.json +++ b/CVE-2023/CVE-2023-342xx/CVE-2023-34214.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34214", "sourceIdentifier": "psirt@moxa.com", "published": "2023-08-17T03:15:09.747", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T19:05:01.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + }, { "source": "psirt@moxa.com", "type": "Secondary", @@ -46,10 +76,72 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-5900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "3.3", + "matchCriteriaId": "ABA65A45-A850-440B-8B4B-191D46059E71" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-5900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7D1E9F45-0ED4-4223-BC9B-D2E01A583DCA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:moxa:tn-4900_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "1.2.4", + "matchCriteriaId": "442E0C68-A369-4079-86CC-0E63408C48E7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:moxa:tn-4900:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56CD9ADD-E963-42F4-A2E5-175A0D2EE8D0" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230402-tn-5900-and-tn-4900-series-web-server-multiple-vulnerabilities", - "source": "psirt@moxa.com" + "source": "psirt@moxa.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-348xx/CVE-2023-34853.json b/CVE-2023/CVE-2023-348xx/CVE-2023-34853.json new file mode 100644 index 00000000000..23eba3eef56 --- /dev/null +++ b/CVE-2023/CVE-2023-348xx/CVE-2023-34853.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-34853", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:36.370", + "lastModified": "2023-08-22T19:16:36.370", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.supermicro.com/Bios/softfiles/17136/X12DPG-QR_1.4b_X1.02.61_SUM2.10.0.zip.", + "source": "cve@mitre.org" + }, + { + "url": "https://www.supermicro.com/en/support/security_BIOS_Aug_2023", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35009.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35009.json index c11f088c054..fd235a50ac2 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35009.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35009.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35009", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-16T23:15:09.570", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:41:39.153", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-209" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,108 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.1.0", + "versionEndExcluding": "11.1.7", + "matchCriteriaId": "89AC2F63-02F5-449F-A66C-24AAFA34ED98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.2.0", + "versionEndExcluding": "11.2.4", + "matchCriteriaId": "FA7F561D-2D45-4BDB-AE84-1BD057DC9930" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*", + "matchCriteriaId": "6680448A-C3B3-4FEE-A500-974681D3E731" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix1:*:*:*:*:*:*", + "matchCriteriaId": "3603A994-ACF9-493D-9C94-3C0751CA6C01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix2:*:*:*:*:*:*", + "matchCriteriaId": "D9DDC625-D853-4D78-A409-266FE6E151FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix3:*:*:*:*:*:*", + "matchCriteriaId": "E431ED86-8EE1-4378-96F9-F36B669B8174" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix4:*:*:*:*:*:*", + "matchCriteriaId": "13D2B9C1-2AAF-4023-B50C-A21C768F0B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix5:*:*:*:*:*:*", + "matchCriteriaId": "9612A430-DA3F-4B95-9504-EEBC1DE58A5A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix6:*:*:*:*:*:*", + "matchCriteriaId": "3BBA3C87-0F74-405E-AF26-43FDF71B0BD7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix7:*:*:*:*:*:*", + "matchCriteriaId": "29AAD02D-BB07-433F-8862-FF8F35DBFD59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix8:*:*:*:*:*:*", + "matchCriteriaId": "7BEE0C22-BDEF-4C5D-8D4D-963AD9813E4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix9:*:*:*:*:*:*", + "matchCriteriaId": "C25B4B1A-3EFF-4FBE-B954-ACADD7A68AA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.2.4:-:*:*:*:*:*:*", + "matchCriteriaId": "A1D81212-AFFE-4A73-AAC1-E558973FC452" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack1:*:*:*:*:*:*", + "matchCriteriaId": "07DC144D-62FC-4808-A77A-642871C1F8FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257703", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7026692", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35011.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35011.json index 04b48dffd0e..26e9efc25d7 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35011.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35011.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35011", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-16T23:15:10.297", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:41:57.707", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,108 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.1.0", + "versionEndExcluding": "11.1.7", + "matchCriteriaId": "89AC2F63-02F5-449F-A66C-24AAFA34ED98" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:*:*:*:*:*:*:*:*", + "versionStartIncluding": "11.2.0", + "versionEndExcluding": "11.2.4", + "matchCriteriaId": "FA7F561D-2D45-4BDB-AE84-1BD057DC9930" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:-:*:*:*:*:*:*", + "matchCriteriaId": "6680448A-C3B3-4FEE-A500-974681D3E731" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix1:*:*:*:*:*:*", + "matchCriteriaId": "3603A994-ACF9-493D-9C94-3C0751CA6C01" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix2:*:*:*:*:*:*", + "matchCriteriaId": "D9DDC625-D853-4D78-A409-266FE6E151FB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix3:*:*:*:*:*:*", + "matchCriteriaId": "E431ED86-8EE1-4378-96F9-F36B669B8174" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix4:*:*:*:*:*:*", + "matchCriteriaId": "13D2B9C1-2AAF-4023-B50C-A21C768F0B35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix5:*:*:*:*:*:*", + "matchCriteriaId": "9612A430-DA3F-4B95-9504-EEBC1DE58A5A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix6:*:*:*:*:*:*", + "matchCriteriaId": "3BBA3C87-0F74-405E-AF26-43FDF71B0BD7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix7:*:*:*:*:*:*", + "matchCriteriaId": "29AAD02D-BB07-433F-8862-FF8F35DBFD59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix8:*:*:*:*:*:*", + "matchCriteriaId": "7BEE0C22-BDEF-4C5D-8D4D-963AD9813E4D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.1.7:interimfix9:*:*:*:*:*:*", + "matchCriteriaId": "C25B4B1A-3EFF-4FBE-B954-ACADD7A68AA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.2.4:-:*:*:*:*:*:*", + "matchCriteriaId": "A1D81212-AFFE-4A73-AAC1-E558973FC452" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:cognos_analytics:11.2.4:fixpack1:*:*:*:*:*:*", + "matchCriteriaId": "07DC144D-62FC-4808-A77A-642871C1F8FC" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257705", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7026692", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35893.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35893.json index b40dcbb8a97..7d2725f6704 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35893.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35893.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35893", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-08-16T22:15:13.300", - "lastModified": "2023-08-17T12:53:44.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:42:02.497", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -46,14 +76,66 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:security_guardium:10.6:*:*:*:*:*:*:*", + "matchCriteriaId": "B188D81F-4E29-46D9-8D41-9B02B9DB2E56" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:security_guardium:11.3:*:*:*:*:*:*:*", + "matchCriteriaId": "FBEB866D-1959-41C9-858F-24C05D20E332" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:security_guardium:11.4:*:*:*:*:*:*:*", + "matchCriteriaId": "B9329F08-2AA4-4126-9A7F-1EEBB25A6C1C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:security_guardium:11.5:*:*:*:*:*:*:*", + "matchCriteriaId": "B4F327AB-9F53-402C-9BFA-F66F20A83B40" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/258824", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7027853", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-362xx/CVE-2023-36281.json b/CVE-2023/CVE-2023-362xx/CVE-2023-36281.json new file mode 100644 index 00000000000..6051cd838ae --- /dev/null +++ b/CVE-2023/CVE-2023-362xx/CVE-2023-36281.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-36281", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:36.457", + "lastModified": "2023-08-22T19:16:36.457", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the load_prompt parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://aisec.today/LangChain-2e6244a313dd46139c5ef28cbcab9e55", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/hwchase17/langchain/issues/4394", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json new file mode 100644 index 00000000000..76378a098ff --- /dev/null +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3699", + "sourceIdentifier": "security@asustor.com", + "published": "2023-08-22T19:16:39.707", + "lastModified": "2023-08-22T19:16:39.707", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@asustor.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "LOW", + "baseScore": 8.7, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.0, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@asustor.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://www.asustor.com/security/security_advisory_detail?id=29", + "source": "security@asustor.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37421.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37421.json new file mode 100644 index 00000000000..44063667ee6 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37421.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37421", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:36.547", + "lastModified": "2023-08-22T19:16:36.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated\u00a0remote attacker to conduct a stored cross-site scripting\u00a0(XSS) attack against an administrative user of the interface.\u00a0A successful exploit allows an attacker to execute arbitrary\u00a0script code in a victim's browser in the context of the\u00a0affected interface." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37422.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37422.json new file mode 100644 index 00000000000..b44ab64c79c --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37422.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37422", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:36.647", + "lastModified": "2023-08-22T19:16:36.647", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated\u00a0remote attacker to conduct a stored cross-site scripting\u00a0(XSS) attack against an administrative user of the interface.\u00a0A successful exploit allows an attacker to execute arbitrary\u00a0script code in a victim's browser in the context of the\u00a0affected interface." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37423.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37423.json new file mode 100644 index 00000000000..027aa4590b9 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37423.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37423", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:36.757", + "lastModified": "2023-08-22T19:16:36.757", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated\u00a0remote attacker to conduct a stored cross-site scripting\u00a0(XSS) attack against an administrative user of the interface.\u00a0A successful exploit allows an attacker to execute arbitrary\u00a0script code in a victim's browser in the context of the\u00a0affected interface." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.7, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37424.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37424.json new file mode 100644 index 00000000000..2fa295e7f65 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37424.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37424", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:36.943", + "lastModified": "2023-08-22T19:16:36.943", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface\u00a0of EdgeConnect SD-WAN Orchestrator could allow an\u00a0unauthenticated remote attacker to run arbitrary commands on\u00a0the underlying host if certain preconditions outside of the\u00a0attacker's control are met. Successful exploitation of this\u00a0vulnerability could allow an attacker to execute arbitrary\u00a0commands on the underlying operating system leading to\u00a0complete system compromise." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json new file mode 100644 index 00000000000..b92cf5ff98f --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37425.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37425", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.097", + "lastModified": "2023-08-22T19:16:37.097", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface\u00a0of EdgeConnect SD-WAN Orchestrator could allow an\u00a0unauthenticated remote attacker to conduct a stored\u00a0cross-site scripting (XSS) attack against an administrative\u00a0user of the interface. A successful exploit allows an\u00a0attacker to execute arbitrary script code in a victim's\u00a0browser in the context of the affected interface." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.8 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37426.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37426.json new file mode 100644 index 00000000000..393dffa8412 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37426.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37426", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.210", + "lastModified": "2023-08-22T19:16:37.210", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "EdgeConnect SD-WAN Orchestrator instances prior to the\u00a0versions resolved in this advisory were found to have\u00a0shared static SSH host keys for all installations. This\u00a0vulnerability could allow an attacker to spoof the SSH host\u00a0signature and thereby masquerade as a legitimate Orchestrator\nhost." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.4, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json new file mode 100644 index 00000000000..1aef8353aeb --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37427.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37427", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.310", + "lastModified": "2023-08-22T19:16:37.310", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface of\u00a0EdgeConnect SD-WAN Orchestrator could allow an authenticated\u00a0remote attacker to run arbitrary commands on the underlying\u00a0host. Successful exploitation of this vulnerability allows\u00a0an attacker to execute arbitrary commands as root on the\u00a0underlying operating system leading to complete system\u00a0compromise." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json new file mode 100644 index 00000000000..60a1ba983e5 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37428.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37428", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.423", + "lastModified": "2023-08-22T19:16:37.423", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the EdgeConnect SD-WAN Orchestrator\u00a0web-based management interface allows remote authenticated\u00a0users to run arbitrary commands on the underlying host.\u00a0A successful exploit could allow an attacker to execute\u00a0arbitrary commands as root on the underlying operating system\u00a0leading to complete system compromise." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json new file mode 100644 index 00000000000..1338fb25bd0 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37429.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37429", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.580", + "lastModified": "2023-08-22T19:16:37.580", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json new file mode 100644 index 00000000000..fdc766e643c --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37430.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37430", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.737", + "lastModified": "2023-08-22T19:16:37.737", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json new file mode 100644 index 00000000000..09fb639d2ea --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37431.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37431", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:37.833", + "lastModified": "2023-08-22T19:16:37.833", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json new file mode 100644 index 00000000000..9b9d4599e0d --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37432.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37432", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.070", + "lastModified": "2023-08-22T19:16:38.070", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json new file mode 100644 index 00000000000..130e7bbaacd --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37433.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37433", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.253", + "lastModified": "2023-08-22T19:16:38.253", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json new file mode 100644 index 00000000000..efb5058a945 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37434.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37434", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.360", + "lastModified": "2023-08-22T19:16:38.360", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json new file mode 100644 index 00000000000..a840472b9b6 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37435.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37435", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.450", + "lastModified": "2023-08-22T19:16:38.450", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json new file mode 100644 index 00000000000..8fa8c6e6650 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37436.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37436", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.543", + "lastModified": "2023-08-22T19:16:38.543", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json new file mode 100644 index 00000000000..fa19eeb4cbc --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37437.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37437", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.640", + "lastModified": "2023-08-22T19:16:38.640", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37438.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37438.json new file mode 100644 index 00000000000..31289463188 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37438.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37438", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.723", + "lastModified": "2023-08-22T19:16:38.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.2 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37439.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37439.json new file mode 100644 index 00000000000..1677056c0a1 --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37439.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37439", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.817", + "lastModified": "2023-08-22T19:16:38.817", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Multiple vulnerabilities in the web-based management\u00a0interface of EdgeConnect SD-WAN Orchestrator could allow\u00a0an authenticated remote attacker to conduct SQL injection\u00a0attacks against the EdgeConnect SD-WAN Orchestrator\u00a0instance. An attacker could exploit these vulnerabilities to\n\u00a0 \u00a0 obtain and modify sensitive information in the underlying\u00a0database potentially leading to the exposure and corruption\u00a0of sensitive data controlled by the EdgeConnect SD-WAN\u00a0Orchestrator host.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-374xx/CVE-2023-37440.json b/CVE-2023/CVE-2023-374xx/CVE-2023-37440.json new file mode 100644 index 00000000000..2822cd8fa9e --- /dev/null +++ b/CVE-2023/CVE-2023-374xx/CVE-2023-37440.json @@ -0,0 +1,43 @@ +{ + "id": "CVE-2023-37440", + "sourceIdentifier": "security-alert@hpe.com", + "published": "2023-08-22T19:16:38.907", + "lastModified": "2023-08-22T19:16:38.907", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in the web-based management interface\u00a0of EdgeConnect SD-WAN Orchestrator could allow an\u00a0unauthenticated remote attacker to conduct a server-side\u00a0request forgery (SSRF) attack. A successful exploit allows\u00a0an attacker to enumerate information about the internal\n\u00a0 \u00a0 structure of the EdgeConnect SD-WAN Orchestrator host leading\u00a0to potential disclosure of sensitive information.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-alert@hpe.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "references": [ + { + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", + "source": "security-alert@hpe.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json index 7fb96fa0916..e14c8a137ea 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38325.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38325", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-14T20:15:09.157", - "lastModified": "2023-08-01T18:21:05.103", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:38.993", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -91,6 +91,10 @@ "Vendor Advisory" ] }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NMCCTYY3CSNQBFFYYC5DAV6KATHWCUZK/", + "source": "cve@mitre.org" + }, { "url": "https://pypi.org/project/cryptography/#history", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38665.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38665.json new file mode 100644 index 00000000000..4ff367a30db --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38665.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38665", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.093", + "lastModified": "2023-08-22T19:16:39.093", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392818", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38666.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38666.json new file mode 100644 index 00000000000..3450d842f5b --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38666.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38666", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.170", + "lastModified": "2023-08-22T19:16:39.170", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/axiomatic-systems/Bento4/issues/784", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38667.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38667.json new file mode 100644 index 00000000000..d798030a16f --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38667.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38667", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.240", + "lastModified": "2023-08-22T19:16:39.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392812", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-386xx/CVE-2023-38668.json b/CVE-2023/CVE-2023-386xx/CVE-2023-38668.json new file mode 100644 index 00000000000..812bd6f5db9 --- /dev/null +++ b/CVE-2023/CVE-2023-386xx/CVE-2023-38668.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38668", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.303", + "lastModified": "2023-08-22T19:16:39.303", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugzilla.nasm.us/show_bug.cgi?id=3392811", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-387xx/CVE-2023-38732.json b/CVE-2023/CVE-2023-387xx/CVE-2023-38732.json new file mode 100644 index 00000000000..a55469e98f9 --- /dev/null +++ b/CVE-2023/CVE-2023-387xx/CVE-2023-38732.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-38732", + "sourceIdentifier": "psirt@us.ibm.com", + "published": "2023-08-22T19:16:39.373", + "lastModified": "2023-08-22T19:16:39.373", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nIBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@us.ibm.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/262289", + "source": "psirt@us.ibm.com" + }, + { + "url": "https://www.ibm.com/support/pages/node/7028221", + "source": "psirt@us.ibm.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38861.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38861.json index b11cbf7a214..60698b57c78 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38861.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38861.json @@ -2,19 +2,87 @@ "id": "CVE-2023-38861", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T19:15:10.560", - "lastModified": "2023-08-15T20:01:42.207", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T19:23:29.690", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:wavlink:wl-wn575a3_firmware:r75a3_v1410_220513:*:*:*:*:*:*:*", + "matchCriteriaId": "F88C031C-8A56-4DF7-8217-0C5390D4E591" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:wavlink:wl-wn575a3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E486B15E-04DA-4DF6-A1A9-A37171131F44" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/TTY-flag/my_iot_vul/tree/main/WAVLINK/WL-WN575A3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38862.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38862.json index cd6005fd22d..c8a740f0a24 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38862.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38862.json @@ -2,19 +2,87 @@ "id": "CVE-2023-38862", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T19:15:10.613", - "lastModified": "2023-08-15T20:01:42.207", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:36:32.053", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the destination parameter of sub_431F64 function in bin/webmgnt." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:comfast:cf-xr11_firmware:2.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A0ACB279-03B0-4092-B9AC-32E33B25783A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:comfast:cf-xr11:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA049A93-1713-4B95-AB0F-84E2D6C99A26" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38863.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38863.json index f9131cf829e..b0c3a8b40c4 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38863.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38863.json @@ -2,19 +2,87 @@ "id": "CVE-2023-38863", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T19:15:10.673", - "lastModified": "2023-08-15T20:01:42.207", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:36:43.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to execute arbitrary code via the ifname and mac parameters in the sub_410074 function at bin/webmgnt." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:comfast:cf-xr11_firmware:2.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A0ACB279-03B0-4092-B9AC-32E33B25783A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:comfast:cf-xr11:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA049A93-1713-4B95-AB0F-84E2D6C99A26" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject4", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38865.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38865.json index 2c4ebcb3cfa..9d39b7e4b60 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38865.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38865.json @@ -2,19 +2,87 @@ "id": "CVE-2023-38865", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T19:15:10.727", - "lastModified": "2023-08-15T20:01:42.207", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:10:07.163", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:comfast:cf-xr11_firmware:2.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A0ACB279-03B0-4092-B9AC-32E33B25783A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:comfast:cf-xr11:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA049A93-1713-4B95-AB0F-84E2D6C99A26" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/TTY-flag/my_iot_vul/tree/main/COMFAST/CF-XR11/Command_Inject5", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json index 1f86a475d07..feb5bdf4d90 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json @@ -2,19 +2,76 @@ "id": "CVE-2023-38904", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-16T14:15:11.927", - "lastModified": "2023-08-16T15:16:57.723", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:14:55.080", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:decapcms:netlify_cms:2.10.192:*:*:*:*:*:*:*", + "matchCriteriaId": "1726B042-2078-40CA-BC30-6A5708CFF76F" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.exploit-db.com/exploits/51576", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38996.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38996.json new file mode 100644 index 00000000000..7c2d8fbe93e --- /dev/null +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38996.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-38996", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.483", + "lastModified": "2023-08-22T19:16:39.483", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue in all versions of Douran DSGate allows a local authenticated privileged attacker to execute arbitrary code via the debug command." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://douran.com/en-US/Dourtal/4797/page/DSGate", + "source": "cve@mitre.org" + }, + { + "url": "https://douran.com/fa-IR/Dourtal/4797/page/DSGate", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/RNPG/53b579da330ba896aa8dc2d901e5e400", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json index aaeb114a4d3..f9b94221da4 100644 --- a/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json @@ -2,31 +2,99 @@ "id": "CVE-2023-39115", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-16T15:15:11.113", - "lastModified": "2023-08-17T16:15:09.967", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:14:03.050", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:campcodes:complete_online_matrimonial_website_system_script:3.3:*:*:*:*:*:*:*", + "matchCriteriaId": "7C1DFE13-DC21-420C-8DAD-DE820CA1B538" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://github.com/Raj789-sec/CVE-2023-39115", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://www.exploit-db.com/exploits/51656", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39141.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39141.json new file mode 100644 index 00000000000..ae9092569b8 --- /dev/null +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39141.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-39141", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.563", + "lastModified": "2023-08-22T19:16:39.563", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/ziahamza/webui-aria2/blob/109903f0e2774cf948698cd95a01f77f33d7dd2c/node-server.js#L10", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39599.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39599.json new file mode 100644 index 00000000000..bdc68bfe997 --- /dev/null +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39599.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-39599", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-22T19:16:39.633", + "lastModified": "2023-08-22T19:16:39.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/desencrypt/CVE/blob/main/CVE-2023-39599/Readme.md", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/desencrypt/CVE/tree/main/CVE-2023-2", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-398xx/CVE-2023-39841.json b/CVE-2023/CVE-2023-398xx/CVE-2023-39841.json index dd40fc0da73..bf114f5de0e 100644 --- a/CVE-2023/CVE-2023-398xx/CVE-2023-39841.json +++ b/CVE-2023/CVE-2023-398xx/CVE-2023-39841.json @@ -2,19 +2,87 @@ "id": "CVE-2023-39841", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T20:15:11.520", - "lastModified": "2023-08-15T21:56:06.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:36:20.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-311" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:etekcity:3-in-1_smart_door_lock_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "AD07920E-5B0A-4BC7-AE71-82019BE76B65" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:etekcity:3-in-1_smart_door_lock:-:*:*:*:*:*:*:*", + "matchCriteriaId": "CAAEB4F3-C309-49C0-A2B6-80F2725C84C3" + } + ] + } + ] + } + ], "references": [ { "url": "https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-398xx/CVE-2023-39842.json b/CVE-2023/CVE-2023-398xx/CVE-2023-39842.json index f6ad4f83c35..9bd894071a0 100644 --- a/CVE-2023/CVE-2023-398xx/CVE-2023-39842.json +++ b/CVE-2023/CVE-2023-398xx/CVE-2023-39842.json @@ -2,19 +2,87 @@ "id": "CVE-2023-39842", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T20:15:11.683", - "lastModified": "2023-08-15T21:56:06.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:28:36.360", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-311" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:mydigoo:dg-hamb_smart_home_security_system_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CA2F3C1D-70A5-4C79-8393-5CEEDF336AEE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:mydigoo:dg-hamb_smart_home_security_system:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3854D177-6C25-48EA-8218-D73037448E7F" + } + ] + } + ] + } + ], "references": [ { "url": "https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-398xx/CVE-2023-39843.json b/CVE-2023/CVE-2023-398xx/CVE-2023-39843.json index c0f56ceb902..6ddd62f6d0d 100644 --- a/CVE-2023/CVE-2023-398xx/CVE-2023-39843.json +++ b/CVE-2023/CVE-2023-398xx/CVE-2023-39843.json @@ -2,19 +2,87 @@ "id": "CVE-2023-39843", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-15T20:15:11.857", - "lastModified": "2023-08-15T21:56:06.607", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:22:14.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 2.4, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 0.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-311" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sulimet:5-in-1_smart_door_lock_firmware:1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "7AFF36DC-1BE0-4794-AFB3-9DF9A4D234D5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sulimet:5-in-1_smart_door_lock:-:*:*:*:*:*:*:*", + "matchCriteriaId": "17539E53-0FB9-478F-B870-3745DAB2AD59" + } + ] + } + ] + } + ], "references": [ { "url": "https://ashallen.net/smart-security-device-rfid-vulnerability-disclosure", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3958.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3958.json index 2ccd0656003..7c15cc56419 100644 --- a/CVE-2023/CVE-2023-39xx/CVE-2023-3958.json +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3958.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3958", "sourceIdentifier": "security@wordfence.com", "published": "2023-08-16T05:15:10.220", - "lastModified": "2023-08-16T12:02:41.873", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:03:28.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N", @@ -46,22 +66,52 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:froger:wp_remote_users_sync:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.13", + "matchCriteriaId": "A46D2D39-FCC5-401D-9665-1EAD039AF4D0" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/wp-remote-users-sync/trunk/inc/api/class-wprus-api-abstract.php#L674", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2946667/wp-remote-users-sync#file127", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2953845/wp-remote-users-sync#file0", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2e78c759-4a54-4ee4-8eff-df91fe9dad46?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json index 1e328a30b4d..d5667e3c77d 100644 --- a/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json @@ -2,8 +2,8 @@ "id": "CVE-2023-40267", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T07:15:09.647", - "lastModified": "2023-08-18T15:29:27.313", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-22T19:16:39.800", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -79,6 +79,10 @@ "Issue Tracking", "Patch" ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PF6AXUTC5BO7L2SBJMCVKJSPKWY52I5R/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json index 066e05b4bf6..8ad8b765223 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json @@ -2,23 +2,82 @@ "id": "CVE-2023-40336", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-08-16T15:15:11.347", - "lastModified": "2023-08-17T19:15:13.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:43:51.880", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:folders:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "6.846.v23698686f0f6", + "matchCriteriaId": "863E381A-42EA-45E2-ACD8-AB6CE13583AF" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/3", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json index 6094ae7682a..5b4f085845c 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json @@ -2,23 +2,82 @@ "id": "CVE-2023-40337", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-08-16T15:15:11.420", - "lastModified": "2023-08-17T19:15:13.343", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:45:37.287", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:folders:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "6.846.v23698686f0f6", + "matchCriteriaId": "863E381A-42EA-45E2-ACD8-AB6CE13583AF" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/3", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json index 6af1e1f6920..dba289256fa 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json @@ -2,23 +2,83 @@ "id": "CVE-2023-40338", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-08-16T15:15:11.483", - "lastModified": "2023-08-17T19:15:13.397", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:50:18.217", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:folders:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "6.846.v23698686f0f6", + "matchCriteriaId": "863E381A-42EA-45E2-ACD8-AB6CE13583AF" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/3", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json index e825c74e4bc..338407cf1d9 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json @@ -2,23 +2,83 @@ "id": "CVE-2023-40339", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-08-16T15:15:11.547", - "lastModified": "2023-08-17T19:15:13.463", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:55:53.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they're written to the build log." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:config_file_provider:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "952.va_544a_6234b_46", + "matchCriteriaId": "F0F8F4AC-9087-47EF-890B-CBEB311E4E2D" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/3", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json index 8406c1b2804..c531f1fc846 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json @@ -2,23 +2,83 @@ "id": "CVE-2023-40340", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2023-08-16T15:15:11.620", - "lastModified": "2023-08-17T19:15:13.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:56:54.967", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:jenkins:nodejs:*:*:*:*:*:jenkins:*:*", + "versionEndIncluding": "1.6.0", + "matchCriteriaId": "17E4A07A-88FD-436F-B457-883223A52D1E" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.openwall.com/lists/oss-security/2023/08/16/3", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] }, { "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3196", - "source": "jenkinsci-cert@googlegroups.com" + "source": "jenkinsci-cert@googlegroups.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40359.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40359.json index f6a3c07147a..90dc2a7f91a 100644 --- a/CVE-2023/CVE-2023-403xx/CVE-2023-40359.json +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40359.json @@ -2,19 +2,75 @@ "id": "CVE-2023-40359", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-14T17:15:10.617", - "lastModified": "2023-08-14T17:27:48.160", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-22T18:53:55.847", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:invisible-island:xterm:*:*:*:*:*:*:*:*", + "versionEndExcluding": "380", + "matchCriteriaId": "0271A95F-708C-48C0-A128-992D8AFD8D5C" + } + ] + } + ] + } + ], "references": [ { "url": "https://invisible-island.net/xterm/xterm.log.html#xterm_380", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json b/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json index 68a2b45ea71..d54353bda7b 100644 --- a/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json +++ b/CVE-2023/CVE-2023-407xx/CVE-2023-40735.json @@ -2,12 +2,12 @@ "id": "CVE-2023-40735", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-21T12:15:09.410", - "lastModified": "2023-08-21T12:47:08.843", + "lastModified": "2023-08-22T19:16:39.883", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture) allows loss of plausible deniability, confidentiality.This issue affects BUTTERFLY BUTTON: As of 2023-08-21.\n\n" + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.\nThis issue affects BUTTERFLY BUTTON: As of 2023-08-21.\n" } ], "metrics": { @@ -48,13 +48,25 @@ ], "references": [ { - "url": "http://butterfly.com", + "url": "https://butterfly-button.web.app/", "source": "cve@mitre.org" }, { "url": "https://github.com/TheButterflyButton", "source": "cve@mitre.org" }, + { + "url": "https://github.com/TheButterflySDK", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/VULSecLabs/Vulnerabilities/blob/main/CVE/CVE-2023-40735.md", + "source": "cve@mitre.org" + }, + { + "url": "https://www.butterfly-button.com/", + "source": "cve@mitre.org" + }, { "url": "https://www.vulsec.org/advisories", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-42xx/CVE-2023-4212.json b/CVE-2023/CVE-2023-42xx/CVE-2023-4212.json new file mode 100644 index 00000000000..57aa24f1d8a --- /dev/null +++ b/CVE-2023/CVE-2023-42xx/CVE-2023-4212.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-4212", + "sourceIdentifier": "ics-cert@hq.dhs.gov", + "published": "2023-08-22T19:16:41.587", + "lastModified": "2023-08-22T19:16:41.587", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\n?A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "ics-cert@hq.dhs.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + } + ] + } + ], + "references": [ + { + "url": "https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-234-02", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://hub.tranetechnologies.com/docs/DOC-216377", + "source": "ics-cert@hq.dhs.gov" + }, + { + "url": "https://www.trane.com/commercial/north-america/us/en/contact-us/locate-sales-offices.html", + "source": "ics-cert@hq.dhs.gov" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4417.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4417.json index 16ddb7b7dbf..51954676f72 100644 --- a/CVE-2023/CVE-2023-44xx/CVE-2023-4417.json +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4417.json @@ -2,7 +2,7 @@ "id": "CVE-2023-4417", "sourceIdentifier": "security@devolutions.net", "published": "2023-08-21T19:15:09.187", - "lastModified": "2023-08-22T12:41:26.783", + "lastModified": "2023-08-22T19:16:41.680", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -10,30 +10,7 @@ "value": "Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process." } ], - "metrics": { - "cvssMetricV31": [ - { - "source": "security@devolutions.net", - "type": "Secondary", - "cvssData": { - "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "attackVector": "NETWORK", - "attackComplexity": "LOW", - "privilegesRequired": "NONE", - "userInteraction": "NONE", - "scope": "CHANGED", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL" - }, - "exploitabilityScore": 3.9, - "impactScore": 6.0 - } - ] - }, + "metrics": {}, "references": [ { "url": "https://devolutions.net/security/advisories/DEVO-2023-0015", diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json new file mode 100644 index 00000000000..69ef78d302b --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-4475", + "sourceIdentifier": "security@asustor.com", + "published": "2023-08-22T19:16:41.753", + "lastModified": "2023-08-22T19:16:41.753", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@asustor.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 0.8, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "security@asustor.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-552" + } + ] + } + ], + "references": [ + { + "url": "https://www.asustor.com/security/security_advisory_detail?id=30", + "source": "security@asustor.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 582db567f5d..75eb5cfad8e 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-22T18:00:42.927137+00:00 +2023-08-22T20:00:38.701005+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-22T17:59:25.407000+00:00 +2023-08-22T19:23:29.690000+00:00 ``` ### Last Data Feed Release @@ -29,44 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -223089 +223271 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `182` +* [CVE-2023-37427](CVE-2023/CVE-2023-374xx/CVE-2023-37427.json) (`2023-08-22T19:16:37.310`) +* [CVE-2023-37428](CVE-2023/CVE-2023-374xx/CVE-2023-37428.json) (`2023-08-22T19:16:37.423`) +* [CVE-2023-37429](CVE-2023/CVE-2023-374xx/CVE-2023-37429.json) (`2023-08-22T19:16:37.580`) +* [CVE-2023-37430](CVE-2023/CVE-2023-374xx/CVE-2023-37430.json) (`2023-08-22T19:16:37.737`) +* [CVE-2023-37431](CVE-2023/CVE-2023-374xx/CVE-2023-37431.json) (`2023-08-22T19:16:37.833`) +* [CVE-2023-37432](CVE-2023/CVE-2023-374xx/CVE-2023-37432.json) (`2023-08-22T19:16:38.070`) +* [CVE-2023-37433](CVE-2023/CVE-2023-374xx/CVE-2023-37433.json) (`2023-08-22T19:16:38.253`) +* [CVE-2023-37434](CVE-2023/CVE-2023-374xx/CVE-2023-37434.json) (`2023-08-22T19:16:38.360`) +* [CVE-2023-37435](CVE-2023/CVE-2023-374xx/CVE-2023-37435.json) (`2023-08-22T19:16:38.450`) +* [CVE-2023-37436](CVE-2023/CVE-2023-374xx/CVE-2023-37436.json) (`2023-08-22T19:16:38.543`) +* [CVE-2023-37437](CVE-2023/CVE-2023-374xx/CVE-2023-37437.json) (`2023-08-22T19:16:38.640`) +* [CVE-2023-37438](CVE-2023/CVE-2023-374xx/CVE-2023-37438.json) (`2023-08-22T19:16:38.723`) +* [CVE-2023-37439](CVE-2023/CVE-2023-374xx/CVE-2023-37439.json) (`2023-08-22T19:16:38.817`) +* [CVE-2023-37440](CVE-2023/CVE-2023-374xx/CVE-2023-37440.json) (`2023-08-22T19:16:38.907`) +* [CVE-2023-38665](CVE-2023/CVE-2023-386xx/CVE-2023-38665.json) (`2023-08-22T19:16:39.093`) +* [CVE-2023-38666](CVE-2023/CVE-2023-386xx/CVE-2023-38666.json) (`2023-08-22T19:16:39.170`) +* [CVE-2023-38667](CVE-2023/CVE-2023-386xx/CVE-2023-38667.json) (`2023-08-22T19:16:39.240`) +* [CVE-2023-38668](CVE-2023/CVE-2023-386xx/CVE-2023-38668.json) (`2023-08-22T19:16:39.303`) +* [CVE-2023-38732](CVE-2023/CVE-2023-387xx/CVE-2023-38732.json) (`2023-08-22T19:16:39.373`) +* [CVE-2023-38996](CVE-2023/CVE-2023-389xx/CVE-2023-38996.json) (`2023-08-22T19:16:39.483`) +* [CVE-2023-39141](CVE-2023/CVE-2023-391xx/CVE-2023-39141.json) (`2023-08-22T19:16:39.563`) +* [CVE-2023-39599](CVE-2023/CVE-2023-395xx/CVE-2023-39599.json) (`2023-08-22T19:16:39.633`) +* [CVE-2023-3699](CVE-2023/CVE-2023-36xx/CVE-2023-3699.json) (`2023-08-22T19:16:39.707`) +* [CVE-2023-4212](CVE-2023/CVE-2023-42xx/CVE-2023-4212.json) (`2023-08-22T19:16:41.587`) +* [CVE-2023-4475](CVE-2023/CVE-2023-44xx/CVE-2023-4475.json) (`2023-08-22T19:16:41.753`) ### CVEs modified in the last Commit -Recently modified CVEs: `46` +Recently modified CVEs: `57` -* [CVE-2023-2254](CVE-2023/CVE-2023-22xx/CVE-2023-2254.json) (`2023-08-22T16:43:12.597`) -* [CVE-2023-2225](CVE-2023/CVE-2023-22xx/CVE-2023-2225.json) (`2023-08-22T16:43:29.000`) -* [CVE-2023-2123](CVE-2023/CVE-2023-21xx/CVE-2023-2123.json) (`2023-08-22T16:43:44.743`) -* [CVE-2023-2122](CVE-2023/CVE-2023-21xx/CVE-2023-2122.json) (`2023-08-22T16:44:04.120`) -* [CVE-2023-1977](CVE-2023/CVE-2023-19xx/CVE-2023-1977.json) (`2023-08-22T16:44:31.767`) -* [CVE-2023-0551](CVE-2023/CVE-2023-05xx/CVE-2023-0551.json) (`2023-08-22T16:45:07.637`) -* [CVE-2023-22957](CVE-2023/CVE-2023-229xx/CVE-2023-22957.json) (`2023-08-22T16:45:55.407`) -* [CVE-2023-4241](CVE-2023/CVE-2023-42xx/CVE-2023-4241.json) (`2023-08-22T16:49:18.577`) -* [CVE-2023-30871](CVE-2023/CVE-2023-308xx/CVE-2023-30871.json) (`2023-08-22T16:49:32.083`) -* [CVE-2023-30779](CVE-2023/CVE-2023-307xx/CVE-2023-30779.json) (`2023-08-22T16:49:39.823`) -* [CVE-2023-30786](CVE-2023/CVE-2023-307xx/CVE-2023-30786.json) (`2023-08-22T16:49:51.777`) -* [CVE-2023-39507](CVE-2023/CVE-2023-395xx/CVE-2023-39507.json) (`2023-08-22T16:54:49.080`) -* [CVE-2023-4374](CVE-2023/CVE-2023-43xx/CVE-2023-4374.json) (`2023-08-22T16:55:05.483`) -* [CVE-2023-0058](CVE-2023/CVE-2023-00xx/CVE-2023-0058.json) (`2023-08-22T17:07:19.763`) -* [CVE-2023-22956](CVE-2023/CVE-2023-229xx/CVE-2023-22956.json) (`2023-08-22T17:09:33.733`) -* [CVE-2023-22955](CVE-2023/CVE-2023-229xx/CVE-2023-22955.json) (`2023-08-22T17:09:40.927`) -* [CVE-2023-4345](CVE-2023/CVE-2023-43xx/CVE-2023-4345.json) (`2023-08-22T17:26:51.913`) -* [CVE-2023-2312](CVE-2023/CVE-2023-23xx/CVE-2023-2312.json) (`2023-08-22T17:28:52.263`) -* [CVE-2023-39662](CVE-2023/CVE-2023-396xx/CVE-2023-39662.json) (`2023-08-22T17:32:00.990`) -* [CVE-2023-39661](CVE-2023/CVE-2023-396xx/CVE-2023-39661.json) (`2023-08-22T17:32:14.513`) -* [CVE-2023-39659](CVE-2023/CVE-2023-396xx/CVE-2023-39659.json) (`2023-08-22T17:32:31.447`) -* [CVE-2023-39438](CVE-2023/CVE-2023-394xx/CVE-2023-39438.json) (`2023-08-22T17:32:59.287`) -* [CVE-2023-32006](CVE-2023/CVE-2023-320xx/CVE-2023-32006.json) (`2023-08-22T17:41:28.640`) -* [CVE-2023-40274](CVE-2023/CVE-2023-402xx/CVE-2023-40274.json) (`2023-08-22T17:47:49.207`) -* [CVE-2023-31041](CVE-2023/CVE-2023-310xx/CVE-2023-31041.json) (`2023-08-22T17:59:25.407`) +* [CVE-2023-32487](CVE-2023/CVE-2023-324xx/CVE-2023-32487.json) (`2023-08-22T18:52:14.657`) +* [CVE-2023-32488](CVE-2023/CVE-2023-324xx/CVE-2023-32488.json) (`2023-08-22T18:52:30.857`) +* [CVE-2023-40359](CVE-2023/CVE-2023-403xx/CVE-2023-40359.json) (`2023-08-22T18:53:55.847`) +* [CVE-2023-32491](CVE-2023/CVE-2023-324xx/CVE-2023-32491.json) (`2023-08-22T18:54:18.617`) +* [CVE-2023-40339](CVE-2023/CVE-2023-403xx/CVE-2023-40339.json) (`2023-08-22T18:55:53.897`) +* [CVE-2023-40340](CVE-2023/CVE-2023-403xx/CVE-2023-40340.json) (`2023-08-22T18:56:54.967`) +* [CVE-2023-34214](CVE-2023/CVE-2023-342xx/CVE-2023-34214.json) (`2023-08-22T19:05:01.607`) +* [CVE-2023-33237](CVE-2023/CVE-2023-332xx/CVE-2023-33237.json) (`2023-08-22T19:10:04.453`) +* [CVE-2023-33238](CVE-2023/CVE-2023-332xx/CVE-2023-33238.json) (`2023-08-22T19:10:24.183`) +* [CVE-2023-0871](CVE-2023/CVE-2023-08xx/CVE-2023-0871.json) (`2023-08-22T19:16:32.307`) +* [CVE-2023-20197](CVE-2023/CVE-2023-201xx/CVE-2023-20197.json) (`2023-08-22T19:16:32.447`) +* [CVE-2023-23908](CVE-2023/CVE-2023-239xx/CVE-2023-23908.json) (`2023-08-22T19:16:32.830`) +* [CVE-2023-25718](CVE-2023/CVE-2023-257xx/CVE-2023-25718.json) (`2023-08-22T19:16:34.823`) +* [CVE-2023-29450](CVE-2023/CVE-2023-294xx/CVE-2023-29450.json) (`2023-08-22T19:16:34.983`) +* [CVE-2023-29451](CVE-2023/CVE-2023-294xx/CVE-2023-29451.json) (`2023-08-22T19:16:35.183`) +* [CVE-2023-29454](CVE-2023/CVE-2023-294xx/CVE-2023-29454.json) (`2023-08-22T19:16:35.460`) +* [CVE-2023-29455](CVE-2023/CVE-2023-294xx/CVE-2023-29455.json) (`2023-08-22T19:16:35.670`) +* [CVE-2023-29456](CVE-2023/CVE-2023-294xx/CVE-2023-29456.json) (`2023-08-22T19:16:35.827`) +* [CVE-2023-29457](CVE-2023/CVE-2023-294xx/CVE-2023-29457.json) (`2023-08-22T19:16:35.957`) +* [CVE-2023-31452](CVE-2023/CVE-2023-314xx/CVE-2023-31452.json) (`2023-08-22T19:16:36.270`) +* [CVE-2023-38325](CVE-2023/CVE-2023-383xx/CVE-2023-38325.json) (`2023-08-22T19:16:38.993`) +* [CVE-2023-40267](CVE-2023/CVE-2023-402xx/CVE-2023-40267.json) (`2023-08-22T19:16:39.800`) +* [CVE-2023-40735](CVE-2023/CVE-2023-407xx/CVE-2023-40735.json) (`2023-08-22T19:16:39.883`) +* [CVE-2023-4417](CVE-2023/CVE-2023-44xx/CVE-2023-4417.json) (`2023-08-22T19:16:41.680`) +* [CVE-2023-38861](CVE-2023/CVE-2023-388xx/CVE-2023-38861.json) (`2023-08-22T19:23:29.690`) ## Download and Usage