admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-05T14:00:28.427170+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-05 14:00:31 +00:00
parent f0e3e32d6b
commit 6c6a18a0eb
129 changed files with 2216 additions and 310 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
CVE-2015/CVE-2015-201xx/CVE-2015-20109.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2015-20109",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T17:15:14.187",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:52:14.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrated by use of the fnmatch library function with the **(!() pattern. NOTE: this is not the same as CVE-2015-8984; also, some Linux distributions have fixed CVE-2015-8984 but have not fixed this additional fnmatch issue."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.22",
"matchCriteriaId": "52FF54AF-2FAF-48C2-9C10-99313D8ADE22"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=18036",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

4
CVE-2020/CVE-2020-221xx/CVE-2020-22151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-22151",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T21:15:09.240",
"lastModified": "2023-07-03T21:15:09.240",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:51.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2020/CVE-2020-221xx/CVE-2020-22152.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-22152",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T21:15:09.293",
"lastModified": "2023-07-03T21:15:09.293",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:51.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2020/CVE-2020-221xx/CVE-2020-22153.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-22153",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T21:15:09.340",
"lastModified": "2023-07-03T21:15:09.340",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2020/CVE-2020-225xx/CVE-2020-22597.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-22597",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T21:15:09.383",
"lastModified": "2023-07-03T21:15:09.383",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

77
CVE-2020/CVE-2020-230xx/CVE-2020-23066.json
View File

@ -2,23 +2,90 @@
"id": "CVE-2020-23066",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T19:15:09.590",
"lastModified": "2023-06-26T22:13:28.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:51:03.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in TinyMCE v.4.9.6 and before and v.5.0.0 thru v.5.1.4 allows an attacker to execute arbitrary code via the editor function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.9.6",
"matchCriteriaId": "271BEE8F-149D-4F6C-AACB-09FCD77BA49B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tiny:tinymce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.4",
"matchCriteriaId": "1EA6FBE2-8A68-4556-BE7A-55C289B61860"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tinymce/tinymce/security/advisories/GHSA-27gm-ghr9-4v95",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://portswigger.net/daily-swig/xss-vulnerability-patched-in-tinymce",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
]
}
]
}

64
CVE-2021/CVE-2021-316xx/CVE-2021-31635.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2021-31635",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T19:15:09.667",
"lastModified": "2023-06-26T22:13:28.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:50:31.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Template Injection (SSTI) vulnerability in jFinal v.4.9.08 allows a remote attacker to execute arbitrary code via the template function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jfinal:jfinal:4.9.08:*:*:*:*:*:*:*",
"matchCriteriaId": "B74A6560-0F2F-4DAA-A223-DA51935A6EB8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jfinal/jfinal/issues/187",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

24
CVE-2021/CVE-2021-468xx/CVE-2021-46890.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-46890",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T12:15:09.507",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
}
]
}

36
CVE-2021/CVE-2021-468xx/CVE-2021-46891.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2021-46891",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T13:15:09.413",
"lastModified": "2023-07-05T13:15:09.413",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
}
]
}

24
CVE-2021/CVE-2021-468xx/CVE-2021-46893.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-46893",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T13:15:09.467",
"lastModified": "2023-07-05T13:15:09.467",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity."
}
],
"metrics": {},
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
}
]
}

4
CVE-2022/CVE-2022-326xx/CVE-2022-32666.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-32666",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.480",
"lastModified": "2023-07-04T02:15:09.480",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

100
CVE-2022/CVE-2022-343xx/CVE-2022-34352.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34352",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-06-27T18:15:11.993",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:35:56.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +76,76 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*",
"matchCriteriaId": "DACA17CC-8B71-4E71-B075-BFFB65AD989C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_1:*:*:*:*:*:*",
"matchCriteriaId": "BA60FDE5-8C40-4C7A-97CF-BA2A64BF307D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_2:*:*:*:*:*:*",
"matchCriteriaId": "AB518E06-00BA-48F3-8AEC-6E1E97CAA2CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_3:*:*:*:*:*:*",
"matchCriteriaId": "289027A2-178C-45DE-A86F-1207F23D13B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_4:*:*:*:*:*:*",
"matchCriteriaId": "5047AECF-879B-427A-ACF7-ECB10965E1B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:qradar_security_information_and_event_manager:7.5.0:update_pack_5:*:*:*:*:*:*",
"matchCriteriaId": "CD448AB8-E3CC-41A1-9D32-B1B35C68FA5C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/230403",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/7006057",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2022/CVE-2022-421xx/CVE-2022-42175.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-42175",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T03:15:09.080",
"lastModified": "2023-07-05T03:15:09.080",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2022/CVE-2022-46xx/CVE-2022-4623.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4623",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.043",
"lastModified": "2023-07-04T08:15:10.043",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-12xx/CVE-2023-1273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1273",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.123",
"lastModified": "2023-07-04T08:15:10.123",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

62
CVE-2023/CVE-2023-19xx/CVE-2023-1999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1999",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-06-20T12:15:09.600",
"lastModified": "2023-06-20T13:03:08.293",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T12:47:49.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -35,6 +55,20 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-415"
},
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -46,10 +80,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmproject:libwebp:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.4.2",
"versionEndExcluding": "1.3.1",
"matchCriteriaId": "17956DAA-EA1F-40A8-8B19-EFBFDBC36DCA"
}
]
}
]
}
],
"references": [
{
"url": "https://chromium.googlesource.com/webm/libwebp",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Product"
]
}
]
}

4
CVE-2023/CVE-2023-206xx/CVE-2023-20689.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20689",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.570",
"lastModified": "2023-07-04T02:15:09.570",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-206xx/CVE-2023-20690.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20690",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.620",
"lastModified": "2023-07-04T02:15:09.620",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-206xx/CVE-2023-20691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20691",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.670",
"lastModified": "2023-07-04T02:15:09.670",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-206xx/CVE-2023-20692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20692",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.717",
"lastModified": "2023-07-04T02:15:09.717",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-206xx/CVE-2023-20693.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20693",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.760",
"lastModified": "2023-07-04T02:15:09.760",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20748.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20748",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.803",
"lastModified": "2023-07-04T02:15:09.803",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20753.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20753",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.847",
"lastModified": "2023-07-04T02:15:09.847",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20754",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.893",
"lastModified": "2023-07-04T02:15:09.893",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20755.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20755",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.940",
"lastModified": "2023-07-04T02:15:09.940",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20756",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:09.983",
"lastModified": "2023-07-04T02:15:09.983",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20757",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.030",
"lastModified": "2023-07-04T02:15:10.030",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20758.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20758",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.077",
"lastModified": "2023-07-04T02:15:10.077",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20759",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.127",
"lastModified": "2023-07-04T02:15:10.127",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20760.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20760",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.180",
"lastModified": "2023-07-04T02:15:10.180",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20761",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.233",
"lastModified": "2023-07-04T02:15:10.233",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20766",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.287",
"lastModified": "2023-07-04T02:15:10.287",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20767.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20767",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.340",
"lastModified": "2023-07-04T02:15:10.340",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20768.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20768",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.383",
"lastModified": "2023-07-04T02:15:10.383",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20771.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20771",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.423",
"lastModified": "2023-07-04T02:15:10.423",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20772",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.467",
"lastModified": "2023-07-04T02:15:10.467",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20773",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.510",
"lastModified": "2023-07-04T02:15:10.510",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20774.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20774",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.550",
"lastModified": "2023-07-04T02:15:10.550",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-207xx/CVE-2023-20775.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20775",
"sourceIdentifier": "security@mediatek.com",
"published": "2023-07-04T02:15:10.590",
"lastModified": "2023-07-04T02:15:10.590",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-20xx/CVE-2023-2010.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2010",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.183",
"lastModified": "2023-07-04T08:15:10.183",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21624",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:09.893",
"lastModified": "2023-07-04T05:15:09.893",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21629",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.040",
"lastModified": "2023-07-04T05:15:10.040",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21631.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21631",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.110",
"lastModified": "2023-07-04T05:15:10.110",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21633.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21633",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.173",
"lastModified": "2023-07-04T05:15:10.173",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21635.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21635",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.230",
"lastModified": "2023-07-04T05:15:10.230",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21637",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.287",
"lastModified": "2023-07-04T05:15:10.287",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21638",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.343",
"lastModified": "2023-07-04T05:15:10.343",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21639.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21639",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.397",
"lastModified": "2023-07-04T05:15:10.397",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21640.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21640",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.450",
"lastModified": "2023-07-04T05:15:10.450",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21641",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.513",
"lastModified": "2023-07-04T05:15:10.513",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-216xx/CVE-2023-21672.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21672",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.570",
"lastModified": "2023-07-04T05:15:10.570",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-223xx/CVE-2023-22386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22386",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.627",
"lastModified": "2023-07-04T05:15:10.627",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-223xx/CVE-2023-22387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22387",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.683",
"lastModified": "2023-07-04T05:15:10.683",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-226xx/CVE-2023-22667.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22667",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.740",
"lastModified": "2023-07-04T05:15:10.740",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-229xx/CVE-2023-22906.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22906",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-04T00:15:09.407",
"lastModified": "2023-07-04T00:15:09.407",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-236xx/CVE-2023-23679.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23679",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T15:15:09.063",
"lastModified": "2023-06-23T15:49:09.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:13:22.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jshelpdesk:jshelpdesk:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.7.7",
"matchCriteriaId": "0ACCDC3E-DAA0-418C-A5A3-1F42B66D53D7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/js-support-ticket/wordpress-js-help-desk-best-help-desk-support-plugin-plugin-2-7-7-idor-leading-to-ticket-deletion-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-23xx/CVE-2023-2320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2320",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.240",
"lastModified": "2023-07-04T08:15:10.240",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-23xx/CVE-2023-2321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2321",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.293",
"lastModified": "2023-07-04T08:15:10.293",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-23xx/CVE-2023-2324.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2324",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.347",
"lastModified": "2023-07-04T08:15:10.347",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-23xx/CVE-2023-2333.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2333",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.403",
"lastModified": "2023-07-04T08:15:10.403",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-248xx/CVE-2023-24851.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24851",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.797",
"lastModified": "2023-07-04T05:15:10.797",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:36.033",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-248xx/CVE-2023-24854.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24854",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.850",
"lastModified": "2023-07-04T05:15:10.850",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-255xx/CVE-2023-25516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25516",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.587",
"lastModified": "2023-07-04T00:15:09.587",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-255xx/CVE-2023-25517.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25517",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.653",
"lastModified": "2023-07-04T00:15:09.653",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-255xx/CVE-2023-25521.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25521",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.727",
"lastModified": "2023-07-04T00:15:09.727",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-255xx/CVE-2023-25522.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25522",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.797",
"lastModified": "2023-07-04T00:15:09.797",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-255xx/CVE-2023-25523.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-25523",
"sourceIdentifier": "psirt@nvidia.com",
"published": "2023-07-04T00:15:09.857",
"lastModified": "2023-07-04T00:15:09.857",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\n\n\nNVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the nvdisasm binary file, where an attacker may cause a NULL pointer dereference by providing a user with a malformed ELF file. A successful exploit of this vulnerability may lead to a partial denial of service.\n\n\n\n"
},
{
"lang": "es",
"value": "NVIDIA CUDA toolkit para Linux y Windows contiene una vulnerabilidad en el archivo binario \"nvdisasm\", donde un atacante puede provocar una desviaci\u00f3n del puntero NULL proporcionando al usuario un archivo ELF manipulado. Una explotaci\u00f3n exitosa de esta vulnerabilidad puede conducir a una denegaci\u00f3n parcial de servicio. "
}
],
"metrics": {

55
CVE-2023/CVE-2023-25xx/CVE-2023-2538.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-2538",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-07-05T13:15:09.540",
"lastModified": "2023-07-05T13:15:09.540",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A CWE-552 \"Files or Directories Accessible to External Parties\u201d in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. This can then be abused to perform Man-in-the-Middle (MitM) attacks against victims that access the web interface through HTTPS."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-552"
}
]
}
],
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-2538/",
"source": "prodsec@nozominetworks.com"
}
]
}

63
CVE-2023/CVE-2023-26xx/CVE-2023-2683.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2683",
"sourceIdentifier": "product-security@silabs.com",
"published": "2023-06-15T20:15:09.260",
"lastModified": "2023-06-15T20:46:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:13:07.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
},
{
"source": "product-security@silabs.com",
"type": "Secondary",
@ -46,14 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silabs:bluetooth_low_energy_software_development_kit:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.1.1",
"matchCriteriaId": "D5B6C798-416B-4D1B-A9B3-C793C3B775E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/SiliconLabs",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000U2U1QQAV?operationContext=S1",
"source": "product-security@silabs.com"
"source": "product-security@silabs.com",
"tags": [
"Broken Link"
]
}
]
}

86
CVE-2023/CVE-2023-270xx/CVE-2023-27082.json
View File

@ -2,19 +2,97 @@
"id": "CVE-2023-27082",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T20:15:09.817",
"lastModified": "2023-06-26T22:13:24.933",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:43:44.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in /admin.php in Pluck CMS 4.7.15 through 4.7.16-dev4 allows remote attackers to run arbitrary code via upload of crafted html file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluck-cms:pluck:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.7.15",
"versionEndExcluding": "4.7.16",
"matchCriteriaId": "B41F06FF-81EC-4D18-A140-9E23D3D2A24F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluck-cms:pluck:4.7.16:dev1:*:*:*:*:*:*",
"matchCriteriaId": "202CB88D-BDA3-4F58-8CAB-6224367CA33B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluck-cms:pluck:4.7.16:dev2:*:*:*:*:*:*",
"matchCriteriaId": "6C20AFCB-BF33-42E3-A735-E0B7E9C6D4E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluck-cms:pluck:4.7.16:dev3:*:*:*:*:*:*",
"matchCriteriaId": "7CD1FF6D-A0F9-46CF-AF24-1CBC4F858D13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pluck-cms:pluck:4.7.16:dev4:*:*:*:*:*:*",
"matchCriteriaId": "2A0E277D-0CB2-448C-9508-1E5719128EDC"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@syed.pentester/authenticated-stored-cross-site-scripting-xss-d39aab69e58f",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-27xx/CVE-2023-2727.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2727",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-07-03T21:15:09.480",
"lastModified": "2023-07-03T21:15:09.480",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-27xx/CVE-2023-2728.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2728",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-07-03T21:15:09.557",
"lastModified": "2023-07-03T21:15:09.557",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

301
CVE-2023/CVE-2023-281xx/CVE-2023-28175.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28175",
"sourceIdentifier": "psirt@bosch.com",
"published": "2023-06-15T11:15:09.227",
"lastModified": "2023-06-15T12:39:17.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:25:06.167",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "psirt@bosch.com",
"type": "Secondary",
@ -46,10 +76,275 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bosch:video_management_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5",
"versionEndIncluding": "11.1.1",
"matchCriteriaId": "19576583-FEDD-4D73-AE62-863636F9CC3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bosch:video_management_system_viewer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5",
"versionEndIncluding": "11.1.1",
"matchCriteriaId": "AE49F10A-B283-4A83-B2D4-FC2EF44C9CC7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7AC49B-19B5-474A-B2AD-8801440663B2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0DE1C9-D3C0-49BF-9FFD-B765F9AF6691"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "790EF36F-6C6B-477E-A2B8-369E6D113004"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D23E90-110B-4ADC-8417-CD0149D126D2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27C0C9-7FC8-4B0C-BBF1-C7833CA9B2DE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C021F78B-FBA2-4C35-8B26-FF0E3D4B9907"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_3000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5",
"versionEndIncluding": "8.0",
"matchCriteriaId": "167DFF9C-69C3-4C70-B8A7-992D8D2AAD95"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7EE760B-9B65-49A3-92E5-93880C58A628"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_6000_firmware:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D313D23C-C0A8-4F36-93F5-9CF39EF6463F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "790EF36F-6C6B-477E-A2B8-369E6D113004"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_4000_firmware:11.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "92342086-0830-4ABE-A3CF-91255FB7D0B6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_4000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7AC49B-19B5-474A-B2AD-8801440663B2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_5000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndIncluding": "11.1.1",
"matchCriteriaId": "4A981D11-E964-412C-A333-96BB930758CC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_5000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AB0DE1C9-D3C0-49BF-9FFD-B765F9AF6691"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_r2_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5",
"versionEndIncluding": "11.1.1",
"matchCriteriaId": "D1622C8F-3DD5-4112-BE15-C8873EDFA67E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C27C0C9-7FC8-4B0C-BBF1-C7833CA9B2DE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.5",
"versionEndIncluding": "8.0",
"matchCriteriaId": "69B16286-EF3B-4A4A-AB48-4149CFE6C862"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D23E90-110B-4ADC-8417-CD0149D126D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:bosch:divar_ip_7000_r3_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.1",
"versionEndIncluding": "11.1.1",
"matchCriteriaId": "D9BCD391-4552-4375-BCE7-0EF1BD81A03E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:bosch:divar_ip_7000_r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C021F78B-FBA2-4C35-8B26-FF0E3D4B9907"
}
]
}
]
}
],
"references": [
{
"url": "https://psirt.bosch.com/security-advisories/BOSCH-SA-025794-bt.html",
"source": "psirt@bosch.com"
"source": "psirt@bosch.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-285xx/CVE-2023-28541.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28541",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.913",
"lastModified": "2023-07-04T05:15:10.913",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-285xx/CVE-2023-28542.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28542",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-07-04T05:15:10.970",
"lastModified": "2023-07-04T05:15:10.970",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

105
CVE-2023/CVE-2023-28xx/CVE-2023-2847.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2847",
"sourceIdentifier": "security@eset.com",
"published": "2023-06-15T08:15:09.150",
"lastModified": "2023-06-15T12:39:17.910",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:28:26.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security@eset.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "security@eset.com",
"type": "Secondary",
@ -46,10 +76,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:cyber_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0",
"versionEndExcluding": "7.3.3700.0",
"matchCriteriaId": "98364EAC-A092-43AD-9E40-07461C2C88CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:linux_kernel:*:*",
"versionEndExcluding": "8.1.12.0",
"matchCriteriaId": "3790FBC6-9B62-4793-B247-8A5EC1E3A44C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.3.3600.0",
"matchCriteriaId": "0F0477F7-831B-43E7-BC10-F4271394A1AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding": "9.0.5.0",
"versionEndExcluding": "9.0.10.0",
"matchCriteriaId": "654CCEB1-6BAC-41E3-85AD-A1FA17BD194D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:endpoint_antivirus:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding": "9.1.4.0",
"versionEndExcluding": "9.1.11.0",
"matchCriteriaId": "4223FD72-EA39-4656-B268-FF23319F55E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:linux_kernel:*:*",
"versionEndExcluding": "8.1.823.0",
"matchCriteriaId": "BF425CAB-6E2E-4D3F-B4BC-951D58D16A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding": "9.0.464.0",
"versionEndExcluding": "9.0.466.0",
"matchCriteriaId": "E3BC0EF1-1CA5-4071-8D8E-259D49868EDE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:eset:server_security:*:*:*:*:*:linux_kernel:*:*",
"versionStartIncluding": "9.1.96.0",
"versionEndExcluding": "9.1.98.0",
"matchCriteriaId": "6A51D2FC-FD35-45B9-B293-2663EE84380F"
}
]
}
]
}
],
"references": [
{
"url": "https://support.eset.com/en/ca8447",
"source": "security@eset.com"
"source": "security@eset.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-28xx/CVE-2023-2880.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2880",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-07-05T10:15:09.567",
"lastModified": "2023-07-05T10:15:09.567",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-29xx/CVE-2023-2974.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2974",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-04T14:15:09.473",
"lastModified": "2023-07-04T14:15:09.473",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

71
CVE-2023/CVE-2023-303xx/CVE-2023-30362.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-30362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T12:15:09.573",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T12:34:54.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in coap_send function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libcoap:libcoap:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.1-120-ge242200",
"matchCriteriaId": "391B2A5A-4707-484C-A2FB-933CF66D9F2E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/obgm/libcoap/issues/1063",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/obgm/libcoap/pull/1065",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

4
CVE-2023/CVE-2023-309xx/CVE-2023-30990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30990",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-04T00:15:09.927",
"lastModified": "2023-07-04T00:15:09.927",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:42.097",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
CVE-2023/CVE-2023-30xx/CVE-2023-3089.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-3089",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-05T13:15:09.707",
"lastModified": "2023-07-05T13:15:09.707",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 4.7
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3089",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212085",
"source": "secalert@redhat.com"
}
]
}

54
CVE-2023/CVE-2023-314xx/CVE-2023-31469.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-31469",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-23T08:15:09.220",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:21:25.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "\nA REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles.\nThe issue is resolved by upgrading to StreamPipes 0.92.0.\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@apache.org",
@ -23,10 +46,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:streampipes:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.69.0",
"versionEndIncluding": "0.91.0",
"matchCriteriaId": "8795B46E-989D-4D94-B8B0-C2DAAA7E4823"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/c4y8kf9bzpf36v4bottfmd8tc9cxo19m",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-319xx/CVE-2023-31999.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31999",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-07-04T17:15:10.657",
"lastModified": "2023-07-04T17:15:10.657",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-31xx/CVE-2023-3133.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3133",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.460",
"lastModified": "2023-07-04T08:15:10.460",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-31xx/CVE-2023-3139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3139",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.517",
"lastModified": "2023-07-04T08:15:10.517",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

12
CVE-2023/CVE-2023-329xx/CVE-2023-32961.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32961",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-12T15:15:09.703",
"lastModified": "2023-06-16T16:30:36.837",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-05T13:15:09.610",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -56,7 +56,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
@ -66,7 +66,7 @@
]
},
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -95,6 +95,10 @@
}
],
"references": [
{
"url": "https://lourcode.kr/posts/CVE-2023-32961-Analysis/",
"source": "audit@patchstack.com"
},
{
"url": "https://patchstack.com/database/vulnerability/zotpress/wordpress-zotpress-plugin-7-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33201.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33201",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T03:15:09.197",
"lastModified": "2023-07-05T03:15:09.197",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3336.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3336",
"sourceIdentifier": "psirt@moxa.com",
"published": "2023-07-05T10:15:10.193",
"lastModified": "2023-07-05T10:15:10.193",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3395.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3395",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-03T21:15:10.107",
"lastModified": "2023-07-03T21:15:10.107",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:47.037",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-341xx/CVE-2023-34150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34150",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-05T08:15:09.143",
"lastModified": "2023-07-05T08:15:09.143",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

90
CVE-2023/CVE-2023-342xx/CVE-2023-34203.json
View File

@ -2,19 +2,101 @@
"id": "CVE-2023-34203",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T20:15:09.103",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:29:17.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Progress OpenEdge OEM (OpenEdge Management) and OEE (OpenEdge Explorer) before 12.7, a remote user (who has any OEM or OEE role) could perform a URL injection attack to change identity or role membership, e.g., escalate to admin. This affects OpenEdge LTS before 11.7.16, 12.x before 12.2.12, and 12.3.x through 12.6.x before 12.7."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*",
"versionEndExcluding": "11.7.16",
"matchCriteriaId": "4F02D029-AF83-440A-8A8C-C6DB853A13F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.2.12",
"matchCriteriaId": "A58060B0-9B48-470B-8766-967583071933"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:openedge:*:*:*:*:lts:*:*:*",
"versionStartIncluding": "12.3",
"versionEndExcluding": "12.7",
"matchCriteriaId": "18CC54ED-4D25-4D66-8565-96AFDB8B4A8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:openedge_explorer:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7",
"matchCriteriaId": "156C92E9-00BE-419F-971E-C475EF6ED8C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:progress:openedge_management:*:*:*:*:*:*:*:*",
"versionEndExcluding": "12.7",
"matchCriteriaId": "10CFA60E-7888-4C90-9536-B94B771F2079"
}
]
}
]
}
],
"references": [
{
"url": "https://www.progress.com/openedge",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

36
CVE-2023/CVE-2023-34xx/CVE-2023-3455.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-3455",
"sourceIdentifier": "psirt@huawei.com",
"published": "2023-07-05T13:15:09.770",
"lastModified": "2023-07-05T13:15:09.770",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt@huawei.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://consumer.huawei.com/en/support/bulletin/2023/7/",
"source": "psirt@huawei.com"
},
{
"url": "https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858",
"source": "psirt@huawei.com"
}
]
}

4
CVE-2023/CVE-2023-34xx/CVE-2023-3460.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3460",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-04T08:15:10.573",
"lastModified": "2023-07-04T08:15:10.573",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:31.237",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-34xx/CVE-2023-3482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3482",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-05T10:15:10.273",
"lastModified": "2023-07-05T10:15:10.273",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

107
CVE-2023/CVE-2023-351xx/CVE-2023-35172.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35172",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.777",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:34:36.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +66,95 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "21.0.0",
"versionEndExcluding": "21.0.9.12",
"matchCriteriaId": "C3851B67-74A7-4D1D-8B7C-F5A0075B2700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "22.0.0",
"versionEndExcluding": "22.2.10.12",
"matchCriteriaId": "C5FA775A-1796-4C82-B943-CEC91FDA6A00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.0.12.7",
"matchCriteriaId": "57E82EBA-930D-4B32-B2B5-3B7119C2EF8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "24.0.0",
"versionEndExcluding": "24.0.12.2",
"matchCriteriaId": "9603AC3F-5104-4C18-BF51-25B52BC7E146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.7",
"matchCriteriaId": "DD58A3B6-945E-4AFC-AE5C-A374C884167B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.7",
"matchCriteriaId": "7AC695D0-BD79-42B5-BA1D-3356791E4DEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.2",
"matchCriteriaId": "CB3473C7-E5B9-44B1-AC74-F7224D9AB78B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.2",
"matchCriteriaId": "AE95CF9F-D964-4857-8805-2CE4CF2F6328"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mjf5-p765-qmr6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nextcloud/server/pull/38267",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://hackerone.com/reports/1987062",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Permissions Required"
]
}
]
}

70
CVE-2023/CVE-2023-351xx/CVE-2023-35173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35173",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.853",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:33:57.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:end-to-end_encryption:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.12.0",
"versionEndExcluding": "1.12.4",
"matchCriteriaId": "5557AFFA-1E0A-4168-AFCE-C437D7F1E4C8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/end_to_end_encryption/pull/435",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-x7c7-v5r3-mg37",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1914115",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-357xx/CVE-2023-35786.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35786",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-05T06:15:21.090",
"lastModified": "2023-07-05T06:15:21.090",
"vulnStatus": "Received",
"lastModified": "2023-07-05T13:00:26.547",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

70
CVE-2023/CVE-2023-357xx/CVE-2023-35799.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-35799",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T17:15:10.110",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:42:25.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:endpoint_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.3.2",
"matchCriteriaId": "BAD1675D-5BA6-41EA-80B5-6EE0C638641D"
}
]
}
]
}
],
"references": [
{
"url": "https://advisories.stormshield.eu",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://advisories.stormshield.eu/2023-022/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-358xx/CVE-2023-35800.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-35800",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-27T17:15:10.170",
"lastModified": "2023-06-27T18:34:43.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:40:17.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:stormshield:endpoint_security:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.4.2",
"matchCriteriaId": "24E99B5B-053C-424F-83C4-8C500831E20C"
}
]
}
]
}
],
"references": [
{
"url": "https://advisories.stormshield.eu",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://advisories.stormshield.eu/2023-021/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

133
CVE-2023/CVE-2023-359xx/CVE-2023-35927.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35927",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T21:15:09.927",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-05T13:32:05.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,109 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "19.0.13.9",
"matchCriteriaId": "D7CBF405-5C3C-4479-9530-4D13C15D081D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndExcluding": "20.0.14.14",
"matchCriteriaId": "1F2E75AF-BECF-4A13-A2F4-6882F4AFE8F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "21.0.0",
"versionEndExcluding": "21.0.9.12",
"matchCriteriaId": "C3851B67-74A7-4D1D-8B7C-F5A0075B2700"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "22.0.0",
"versionEndExcluding": "22.2.10.12",
"matchCriteriaId": "C5FA775A-1796-4C82-B943-CEC91FDA6A00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.0.12.7",
"matchCriteriaId": "57E82EBA-930D-4B32-B2B5-3B7119C2EF8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "24.0.0",
"versionEndExcluding": "24.0.12.2",
"matchCriteriaId": "9603AC3F-5104-4C18-BF51-25B52BC7E146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.7",
"matchCriteriaId": "DD58A3B6-945E-4AFC-AE5C-A374C884167B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "25.0.0",
"versionEndExcluding": "25.0.7",
"matchCriteriaId": "7AC695D0-BD79-42B5-BA1D-3356791E4DEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:-:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.2",
"matchCriteriaId": "CB3473C7-E5B9-44B1-AC74-F7224D9AB78B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nextcloud:nextcloud_server:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "26.0.0",
"versionEndExcluding": "26.0.2",
"matchCriteriaId": "AE95CF9F-D964-4857-8805-2CE4CF2F6328"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nextcloud/security-advisories/security/advisories/GHSA-h7f7-535f-7q87",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/nextcloud/server/pull/38247",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://hackerone.com/reports/1976754",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Permissions Required"
]
}
]
}

Some files were not shown because too many files have changed in this diff Show More