admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-25T08:00:26.388259+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-25 08:00:29 +00:00
parent 97d232ab92
commit 66da99bc4f
11 changed files with 169 additions and 86 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
CVE-2023/CVE-2023-26xx/CVE-2023-2673.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2673",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-06-13T07:15:46.460",
"lastModified": "2023-06-27T18:41:28.450",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T06:15:07.657",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -33,20 +33,20 @@
"impactScore": 1.4
},
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
@ -56,22 +56,22 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
"value": "CWE-20"
}
]
},
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
"value": "NVD-CWE-noinfo"
}
]
}

55
CVE-2023/CVE-2023-327xx/CVE-2023-32755.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32755",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-08-25T07:15:08.273",
"lastModified": "2023-08-25T07:15:08.273",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\ne-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "twcert@cert.org.tw",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-209"
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7328-d4112-1.html",
"source": "twcert@cert.org.tw"
}
]
}

26
CVE-2023/CVE-2023-32xx/CVE-2023-3261.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-3261",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2023-08-14T04:15:10.940",
"lastModified": "2023-08-22T16:33:49.237",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T06:15:08.990",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with system-level access to the CyberPower PowerPanel Enterprise server."
"value": "The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier contains a buffer overflow vulnerability in the librta.so.0.0.0 library.Successful exploitation could cause denial of service or unexpected behavior with respect to all interactions relying on the targeted vulnerable binary, including the ability to log in via the web server."
}
],
"metrics": {
@ -37,20 +37,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
@ -71,7 +71,7 @@
"description": [
{
"lang": "en",
"value": "CWE-78"
"value": "CWE-119"
}
]
}

18
CVE-2023/CVE-2023-32xx/CVE-2023-3262.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3262",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2023-08-14T04:15:11.043",
"lastModified": "2023-08-22T16:32:19.017",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T06:15:09.797",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -37,20 +37,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},

16
CVE-2023/CVE-2023-32xx/CVE-2023-3264.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-3264",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2023-08-14T05:15:09.910",
"lastModified": "2023-08-22T16:20:54.007",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T06:15:10.350",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to authentication bypass in the REST API due to the mishandling of special characters when parsing credentials.Successful exploitation allows the malicious agent to obtain a valid authorization token and read information relating to the state of the relays and power distribution."
"value": "The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier uses hard-coded credentials for all interactions with the internal Postgres database.\u00a0A malicious agent with the ability to execute operating system commands on the device can leverage this vulnerability to read, modify, or delete arbitrary database records."
}
],
"metrics": {
@ -37,19 +37,19 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]

20
CVE-2023/CVE-2023-35xx/CVE-2023-3570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3570",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-08-08T07:15:10.603",
"lastModified": "2023-08-10T15:03:15.087",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T07:15:08.680",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -33,24 +33,24 @@
"impactScore": 5.9
},
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

20
CVE-2023/CVE-2023-35xx/CVE-2023-3571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3571",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-08-08T07:15:10.727",
"lastModified": "2023-08-10T17:08:28.947",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T07:15:08.840",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -33,24 +33,24 @@
"impactScore": 5.9
},
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

20
CVE-2023/CVE-2023-35xx/CVE-2023-3573.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3573",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-08-08T07:15:10.957",
"lastModified": "2023-08-10T18:07:22.647",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T07:15:08.990",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -33,24 +33,24 @@
"impactScore": 5.9
},
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},

16
CVE-2023/CVE-2023-378xx/CVE-2023-37860.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37860",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-08-09T07:15:10.933",
"lastModified": "2023-08-15T17:11:15.667",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-25T07:15:08.483",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -33,24 +33,24 @@
"impactScore": 3.6
},
{
"source": "info@cert.vde.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
"impactScore": 3.6
}
]
},

20
CVE-2023/CVE-2023-411xx/CVE-2023-41173.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-41173",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-25T07:15:09.140",
"lastModified": "2023-08-25T07:15:09.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets."
}
],
"metrics": {},
"references": [
{
"url": "https://adguard-dns.io/en/versions.html#2.2",
"source": "cve@mitre.org"
}
]
}

22
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-25T06:00:25.125734+00:00
2023-08-25T08:00:26.388259+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-25T05:15:45.643000+00:00
2023-08-25T07:15:09.140000+00:00
```
### Last Data Feed Release
@ -29,21 +29,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
223417
223419
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `2`
* [CVE-2023-40530](CVE-2023/CVE-2023-405xx/CVE-2023-40530.json) (`2023-08-25T04:15:10.487`)
* [CVE-2023-32755](CVE-2023/CVE-2023-327xx/CVE-2023-32755.json) (`2023-08-25T07:15:08.273`)
* [CVE-2023-41173](CVE-2023/CVE-2023-411xx/CVE-2023-41173.json) (`2023-08-25T07:15:09.140`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `8`
* [CVE-2023-3260](CVE-2023/CVE-2023-32xx/CVE-2023-3260.json) (`2023-08-25T05:15:45.643`)
* [CVE-2023-2673](CVE-2023/CVE-2023-26xx/CVE-2023-2673.json) (`2023-08-25T06:15:07.657`)
* [CVE-2023-3261](CVE-2023/CVE-2023-32xx/CVE-2023-3261.json) (`2023-08-25T06:15:08.990`)
* [CVE-2023-3262](CVE-2023/CVE-2023-32xx/CVE-2023-3262.json) (`2023-08-25T06:15:09.797`)
* [CVE-2023-3264](CVE-2023/CVE-2023-32xx/CVE-2023-3264.json) (`2023-08-25T06:15:10.350`)
* [CVE-2023-37860](CVE-2023/CVE-2023-378xx/CVE-2023-37860.json) (`2023-08-25T07:15:08.483`)
* [CVE-2023-3570](CVE-2023/CVE-2023-35xx/CVE-2023-3570.json) (`2023-08-25T07:15:08.680`)
* [CVE-2023-3571](CVE-2023/CVE-2023-35xx/CVE-2023-3571.json) (`2023-08-25T07:15:08.840`)
* [CVE-2023-3573](CVE-2023/CVE-2023-35xx/CVE-2023-3573.json) (`2023-08-25T07:15:08.990`)
## Download and Usage