diff --git a/CVE-2022/CVE-2022-428xx/CVE-2022-42880.json b/CVE-2022/CVE-2022-428xx/CVE-2022-42880.json index 386d5678296..977cfa98fc0 100644 --- a/CVE-2022/CVE-2022-428xx/CVE-2022-42880.json +++ b/CVE-2022/CVE-2022-428xx/CVE-2022-42880.json @@ -2,8 +2,8 @@ "id": "CVE-2022-42880", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-13T15:15:11.607", - "lastModified": "2023-06-13T16:54:51.953", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-20T13:23:12.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:auto_upload_images_project:auto_upload_images:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.3.1", + "matchCriteriaId": "7CBA2610-4EAC-4717-8A61-860CF1B3336B" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/auto-upload-images/wordpress-auto-upload-images-plugin-3-3-cross-site-request-forgery-csrf-vulnerability-leading-to-stored-cross-site-scripting-xss?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1862.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1862.json index 2b4c43299eb..29d114487de 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1862.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1862.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1862", "sourceIdentifier": "cna@cloudflare.com", "published": "2023-06-20T09:15:09.463", - "lastModified": "2023-06-20T09:15:09.463", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-19xx/CVE-2023-1999.json b/CVE-2023/CVE-2023-19xx/CVE-2023-1999.json new file mode 100644 index 00000000000..0b1ca3ef3b4 --- /dev/null +++ b/CVE-2023/CVE-2023-19xx/CVE-2023-1999.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-1999", + "sourceIdentifier": "cve-coordination@google.com", + "published": "2023-06-20T12:15:09.600", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There exists a use after free/double free in libwebp. An attacker can use the\u00a0ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.\u00a0\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://chromium.googlesource.com/webm/libwebp", + "source": "cve-coordination@google.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23831.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23831.json index 0bac83b41c1..fec9a8d1564 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23831.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23831.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23831", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-13T15:15:12.523", - "lastModified": "2023-06-13T16:54:51.953", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-20T13:54:10.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:rating-widget:ratingwidget:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.1.9", + "matchCriteriaId": "A7065779-97AA-440E-8871-0E5FCB5E920A" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/rating-widget/wordpress-rating-widget-star-review-system-plugin-3-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26427.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26427.json index a1534a2d537..fba66736e58 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26427.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26427.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26427", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.073", - "lastModified": "2023-06-20T08:15:09.073", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json index c41a0167cea..61987506d01 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26428.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26428", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.163", - "lastModified": "2023-06-20T08:15:09.163", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json index 69e6b9d19fe..d9e47ff85a9 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26429.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26429", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.230", - "lastModified": "2023-06-20T08:15:09.230", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json index d7d22183167..bb9cb67eee5 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26431.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26431", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.297", - "lastModified": "2023-06-20T08:15:09.297", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26432.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26432.json index d1420882cc2..8ed57df6c07 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26432.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26432.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26432", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.360", - "lastModified": "2023-06-20T08:15:09.360", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26433.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26433.json index 4149eebd947..44cfee39fc1 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26433.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26433.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26433", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.427", - "lastModified": "2023-06-20T08:15:09.427", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json index 882a520c76f..3e73f11636f 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26434.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26434", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.487", - "lastModified": "2023-06-20T08:15:09.487", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26435.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26435.json index f361737aeca..cf2a9202836 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26435.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26435.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26435", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.547", - "lastModified": "2023-06-20T08:15:09.547", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json b/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json index 5043fa9b538..5bb2deecdf3 100644 --- a/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json +++ b/CVE-2023/CVE-2023-264xx/CVE-2023-26436.json @@ -2,8 +2,8 @@ "id": "CVE-2023-26436", "sourceIdentifier": "security@open-xchange.com", "published": "2023-06-20T08:15:09.607", - "lastModified": "2023-06-20T08:15:09.607", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-334xx/CVE-2023-33495.json b/CVE-2023/CVE-2023-334xx/CVE-2023-33495.json new file mode 100644 index 00000000000..42e844030c3 --- /dev/null +++ b/CVE-2023/CVE-2023-334xx/CVE-2023-33495.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33495", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-20T13:15:09.627", + "lastModified": "2023-06-20T13:15:09.627", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Craft CMS through 4.4.9 is vulnerable to HTML Injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/@mondalsomnath9135/html-injection-in-craft-cms-application-e2b28f746212", + "source": "cve@mitre.org" + }, + { + "url": "https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/03-Testing_for_HTML_Injection", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3337.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3337.json new file mode 100644 index 00000000000..d29203fd602 --- /dev/null +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3337.json @@ -0,0 +1,84 @@ +{ + "id": "CVE-2023-3337", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-06-20T12:15:09.743", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PuneethReddyHC Online Shopping System Advanced 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/reg.php of the component Admin Registration. The manipulation leads to improper authentication. The attack can be launched remotely. The identifier VDB-232009 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.232009", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.232009", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34342.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34342.json index 885b56de5ce..0dc5e2f50e0 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34342.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34342.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34342", "sourceIdentifier": "biossecurity@ami.com", "published": "2023-06-12T18:15:10.463", - "lastModified": "2023-06-12T18:22:56.843", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-20T13:46:35.057", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.2 + }, { "source": "biossecurity@ami.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + }, { "source": "biossecurity@ami.com", "type": "Secondary", @@ -46,10 +76,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7", + "matchCriteriaId": "BBB7BA77-D5E4-4A28-A164-246D13264E74" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.5", + "matchCriteriaId": "7A29A821-0C82-47A1-8345-7B367F88EEF8" + } + ] + } + ] + } + ], "references": [ { "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf", - "source": "biossecurity@ami.com" + "source": "biossecurity@ami.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34343.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34343.json index 33876f937c6..2456a2099c6 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34343.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34343.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34343", "sourceIdentifier": "biossecurity@ami.com", "published": "2023-06-12T18:15:10.533", - "lastModified": "2023-06-12T18:22:56.843", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-06-20T13:46:15.263", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "biossecurity@ami.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + }, { "source": "biossecurity@ami.com", "type": "Secondary", @@ -46,10 +76,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "12.0", + "versionEndExcluding": "12.7", + "matchCriteriaId": "BBB7BA77-D5E4-4A28-A164-246D13264E74" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ami:megarac_sp-x:*:*:*:*:*:*:*:*", + "versionStartIncluding": "13.0", + "versionEndExcluding": "13.5", + "matchCriteriaId": "7A29A821-0C82-47A1-8345-7B367F88EEF8" + } + ] + } + ] + } + ], "references": [ { "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023005.pdf", - "source": "biossecurity@ami.com" + "source": "biossecurity@ami.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34596.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34596.json new file mode 100644 index 00000000000..62a052318f1 --- /dev/null +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34596.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-34596", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-20T13:15:09.683", + "lastModified": "2023-06-20T13:15:09.683", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in Aeotec WallMote Switch firmware v2.3 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://aeotec.com/products/aeotec-wallmote-quad/;", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/iot-sec23/IoT-CVE/blob/main/Aeotec%20WallMote%20Switch%20Vulnerability%20Report.pdf", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-345xx/CVE-2023-34597.json b/CVE-2023/CVE-2023-345xx/CVE-2023-34597.json new file mode 100644 index 00000000000..381bcf5cd02 --- /dev/null +++ b/CVE-2023/CVE-2023-345xx/CVE-2023-34597.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-34597", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-20T13:15:09.727", + "lastModified": "2023-06-20T13:15:09.727", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability in Fibaro Motion Sensor firmware v3.4 allows attackers to cause a Denial of Service (DoS) via a crafted Z-Wave message." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/iot-sec23/IoT-CVE/blob/main/Fibaro%20Motion%20Sensor%20Vulnerability%20Report.pdf", + "source": "cve@mitre.org" + }, + { + "url": "https://www.fibaro.com/en/products/motion-sensor/;", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35097.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35097.json index 29fa8957982..bb8a33fb92f 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35097.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35097.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35097", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T10:15:09.657", - "lastModified": "2023-06-20T10:15:09.657", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35098.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35098.json index 1c8ebcc2cd0..7146a1e947d 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35098.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35098.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35098", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T10:15:09.737", - "lastModified": "2023-06-20T10:15:09.737", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35854.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35854.json new file mode 100644 index 00000000000..b9b040982fb --- /dev/null +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35854.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-35854", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-06-20T12:15:09.690", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be exploited to steal the domain controller session token for identity spoofing, thereby achieving the privileges of the domain controller administrator." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/970198175/Simply-use", + "source": "cve@mitre.org" + }, + { + "url": "https://www.manageengine.com", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json index 509c98302d6..b1899c03cea 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35878.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35878", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T08:15:09.670", - "lastModified": "2023-06-20T08:15:09.670", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json index 9fa9a8addcc..74742863a3c 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35882.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35882", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T08:15:09.733", - "lastModified": "2023-06-20T08:15:09.733", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35884.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35884.json index a463e08dc3a..aaec87ead7e 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35884.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35884.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35884", "sourceIdentifier": "audit@patchstack.com", "published": "2023-06-20T07:15:08.993", - "lastModified": "2023-06-20T07:15:08.993", - "vulnStatus": "Received", + "lastModified": "2023-06-20T13:03:08.293", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index 3105f80c953..a73a40b68d1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-20T12:00:25.701847+00:00 +2023-06-20T14:00:26.470541+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-20T10:15:09.737000+00:00 +2023-06-20T13:54:10.147000+00:00 ``` ### Last Data Feed Release @@ -29,21 +29,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -218124 +218130 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `6` -* [CVE-2023-35097](CVE-2023/CVE-2023-350xx/CVE-2023-35097.json) (`2023-06-20T10:15:09.657`) -* [CVE-2023-35098](CVE-2023/CVE-2023-350xx/CVE-2023-35098.json) (`2023-06-20T10:15:09.737`) +* [CVE-2023-1999](CVE-2023/CVE-2023-19xx/CVE-2023-1999.json) (`2023-06-20T12:15:09.600`) +* [CVE-2023-35854](CVE-2023/CVE-2023-358xx/CVE-2023-35854.json) (`2023-06-20T12:15:09.690`) +* [CVE-2023-3337](CVE-2023/CVE-2023-33xx/CVE-2023-3337.json) (`2023-06-20T12:15:09.743`) +* [CVE-2023-33495](CVE-2023/CVE-2023-334xx/CVE-2023-33495.json) (`2023-06-20T13:15:09.627`) +* [CVE-2023-34596](CVE-2023/CVE-2023-345xx/CVE-2023-34596.json) (`2023-06-20T13:15:09.683`) +* [CVE-2023-34597](CVE-2023/CVE-2023-345xx/CVE-2023-34597.json) (`2023-06-20T13:15:09.727`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `19` +* [CVE-2022-42880](CVE-2022/CVE-2022-428xx/CVE-2022-42880.json) (`2023-06-20T13:23:12.263`) +* [CVE-2023-35884](CVE-2023/CVE-2023-358xx/CVE-2023-35884.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26427](CVE-2023/CVE-2023-264xx/CVE-2023-26427.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26428](CVE-2023/CVE-2023-264xx/CVE-2023-26428.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26429](CVE-2023/CVE-2023-264xx/CVE-2023-26429.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26431](CVE-2023/CVE-2023-264xx/CVE-2023-26431.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26432](CVE-2023/CVE-2023-264xx/CVE-2023-26432.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26433](CVE-2023/CVE-2023-264xx/CVE-2023-26433.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26434](CVE-2023/CVE-2023-264xx/CVE-2023-26434.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26435](CVE-2023/CVE-2023-264xx/CVE-2023-26435.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-26436](CVE-2023/CVE-2023-264xx/CVE-2023-26436.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-35878](CVE-2023/CVE-2023-358xx/CVE-2023-35878.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-35882](CVE-2023/CVE-2023-358xx/CVE-2023-35882.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-1862](CVE-2023/CVE-2023-18xx/CVE-2023-1862.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-35097](CVE-2023/CVE-2023-350xx/CVE-2023-35097.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-35098](CVE-2023/CVE-2023-350xx/CVE-2023-35098.json) (`2023-06-20T13:03:08.293`) +* [CVE-2023-34343](CVE-2023/CVE-2023-343xx/CVE-2023-34343.json) (`2023-06-20T13:46:15.263`) +* [CVE-2023-34342](CVE-2023/CVE-2023-343xx/CVE-2023-34342.json) (`2023-06-20T13:46:35.057`) +* [CVE-2023-23831](CVE-2023/CVE-2023-238xx/CVE-2023-23831.json) (`2023-06-20T13:54:10.147`) ## Download and Usage