admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-03T16:00:25.219902+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-03 16:00:28 +00:00
parent be6a126dd9
commit 6c07757ddd
11 changed files with 564 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-372xx/CVE-2023-37220.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-37220",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T14:15:41.587",
"lastModified": "2023-09-03T14:15:41.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nSynel Terminals - CWE-494: Download of Code Without Integrity Check\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-372xx/CVE-2023-37221.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-37221",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T14:15:42.550",
"lastModified": "2023-09-03T14:15:42.550",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-372xx/CVE-2023-37222.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-37222",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:12.520",
"lastModified": "2023-09-03T15:15:12.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\nFarsight Tech Nordic AB ProVide version 14.5\u00a0- Multiple XSS vulnerabilities (CWE-79) can be exploited by a user with administrator privilege.\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-37xx/CVE-2023-3703.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3703",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:14.647",
"lastModified": "2023-09-03T15:15:14.647",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\n\n\n\n\n\n\nProscend Advice ICR Series routers FW version 1.76\u00a0- CWE-1392: Use of Default Credentials"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1392"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-393xx/CVE-2023-39369.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39369",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:13.537",
"lastModified": "2023-09-03T15:15:13.537",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nStarTrinity Softswitch version 2023-02-16\u00a0- Multiple Reflected XSS (CWE-79)\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-393xx/CVE-2023-39370.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39370",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:13.857",
"lastModified": "2023-09-03T15:15:13.857",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nStarTrinity Softswitch version 2023-02-16 -\u00a0Persistent XSS (CWE-79)\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-393xx/CVE-2023-39371.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39371",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:13.990",
"lastModified": "2023-09-03T15:15:13.990",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nStarTrinity Softswitch version 2023-02-16 -\u00a0Open Redirect (CWE-601)\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.3
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-393xx/CVE-2023-39372.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39372",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:14.127",
"lastModified": "2023-09-03T15:15:14.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nStarTrinity Softswitch version 2023-02-16 -\u00a0Multiple CSRF (CWE-352)\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-393xx/CVE-2023-39373.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39373",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:14.283",
"lastModified": "2023-09-03T15:15:14.283",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\n\u00a0A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

55
CVE-2023/CVE-2023-393xx/CVE-2023-39374.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39374",
"sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-09-03T15:15:14.453",
"lastModified": "2023-09-03T15:15:14.453",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nForeScout NAC SecureConnector version 11.2 -\u00a0CWE-427: Uncontrolled Search Path Element\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cyber.gov.il",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cna@cyber.gov.il",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
}
],
"references": [
{
"url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il"
}
]
}

25
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-09-03T14:00:24.668166+00:00 2023-09-03T16:00:25.219902+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-09-03T12:15:42.483000+00:00 2023-09-03T15:15:14.647000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,20 +29,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
223962 223972
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `7` Recently added CVEs: `10`
* [CVE-2023-38387](CVE-2023/CVE-2023-383xx/CVE-2023-38387.json) (`2023-09-03T12:15:41.077`) * [CVE-2023-37220](CVE-2023/CVE-2023-372xx/CVE-2023-37220.json) (`2023-09-03T14:15:41.587`)
* [CVE-2023-38476](CVE-2023/CVE-2023-384xx/CVE-2023-38476.json) (`2023-09-03T12:15:42.053`) * [CVE-2023-37221](CVE-2023/CVE-2023-372xx/CVE-2023-37221.json) (`2023-09-03T14:15:42.550`)
* [CVE-2023-38482](CVE-2023/CVE-2023-384xx/CVE-2023-38482.json) (`2023-09-03T12:15:42.140`) * [CVE-2023-37222](CVE-2023/CVE-2023-372xx/CVE-2023-37222.json) (`2023-09-03T15:15:12.520`)
* [CVE-2023-38516](CVE-2023/CVE-2023-385xx/CVE-2023-38516.json) (`2023-09-03T12:15:42.227`) * [CVE-2023-39369](CVE-2023/CVE-2023-393xx/CVE-2023-39369.json) (`2023-09-03T15:15:13.537`)
* [CVE-2023-38517](CVE-2023/CVE-2023-385xx/CVE-2023-38517.json) (`2023-09-03T12:15:42.317`) * [CVE-2023-39370](CVE-2023/CVE-2023-393xx/CVE-2023-39370.json) (`2023-09-03T15:15:13.857`)
* [CVE-2023-38518](CVE-2023/CVE-2023-385xx/CVE-2023-38518.json) (`2023-09-03T12:15:42.403`) * [CVE-2023-39371](CVE-2023/CVE-2023-393xx/CVE-2023-39371.json) (`2023-09-03T15:15:13.990`)
* [CVE-2023-38521](CVE-2023/CVE-2023-385xx/CVE-2023-38521.json) (`2023-09-03T12:15:42.483`) * [CVE-2023-39372](CVE-2023/CVE-2023-393xx/CVE-2023-39372.json) (`2023-09-03T15:15:14.127`)
* [CVE-2023-39373](CVE-2023/CVE-2023-393xx/CVE-2023-39373.json) (`2023-09-03T15:15:14.283`)
* [CVE-2023-39374](CVE-2023/CVE-2023-393xx/CVE-2023-39374.json) (`2023-09-03T15:15:14.453`)
* [CVE-2023-3703](CVE-2023/CVE-2023-37xx/CVE-2023-3703.json) (`2023-09-03T15:15:14.647`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit