admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-10T08:00:28.903345+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-10 08:00:32 +00:00
parent 9e9290fb10
commit 6f098bed6b
4 changed files with 132 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2023/CVE-2023-37xx/CVE-2023-3772.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3772",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-25T16:15:11.660",
"lastModified": "2023-08-02T15:33:46.097",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-10T06:15:42.903",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -119,6 +119,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/08/10/1",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3772",
"source": "secalert@redhat.com",

59
CVE-2023/CVE-2023-42xx/CVE-2023-4276.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-4276",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-10T07:15:37.463",
"lastModified": "2023-08-10T07:15:37.463",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Absolute Privacy plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1. This is due to missing nonce validation on the 'abpr_profileShortcode' function. This makes it possible for unauthenticated attackers to change user email and password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/absolute-privacy/trunk/profile_page.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f3855e84-b97e-4729-8a48-55f2a2444e2c?source=cve",
"source": "security@wordfence.com"
}
]
}

59
CVE-2023/CVE-2023-42xx/CVE-2023-4277.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-4277",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-08-10T07:15:37.797",
"lastModified": "2023-08-10T07:15:37.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Realia plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.0. This is due to missing nonce validation on the 'process_change_profile_form' function. This makes it possible for unauthenticated attackers to change user email via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/realia/tags/1.4.0/includes/post-types/class-realia-post-type-user.php#L112",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/06f33e18-0bdd-4c56-a8df-fc1969b9ecf8?source=cve",
"source": "security@wordfence.com"
}
]
}

63
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-10T04:00:41.070797+00:00
2023-08-10T08:00:28.903345+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-10T03:53:57.297000+00:00
2023-08-10T07:15:37.797000+00:00
```
### Last Data Feed Release
@ -29,69 +29,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
222239
222241
```
### CVEs added in the last Commit
Recently added CVEs: `26`
Recently added CVEs: `2`
* [CVE-2023-30679](CVE-2023/CVE-2023-306xx/CVE-2023-30679.json) (`2023-08-10T02:15:10.610`)
* [CVE-2023-30680](CVE-2023/CVE-2023-306xx/CVE-2023-30680.json) (`2023-08-10T02:15:10.713`)
* [CVE-2023-30681](CVE-2023/CVE-2023-306xx/CVE-2023-30681.json) (`2023-08-10T02:15:10.807`)
* [CVE-2023-30682](CVE-2023/CVE-2023-306xx/CVE-2023-30682.json) (`2023-08-10T02:15:10.913`)
* [CVE-2023-30683](CVE-2023/CVE-2023-306xx/CVE-2023-30683.json) (`2023-08-10T02:15:11.007`)
* [CVE-2023-30684](CVE-2023/CVE-2023-306xx/CVE-2023-30684.json) (`2023-08-10T02:15:11.097`)
* [CVE-2023-30685](CVE-2023/CVE-2023-306xx/CVE-2023-30685.json) (`2023-08-10T02:15:11.190`)
* [CVE-2023-30686](CVE-2023/CVE-2023-306xx/CVE-2023-30686.json) (`2023-08-10T02:15:11.273`)
* [CVE-2023-30687](CVE-2023/CVE-2023-306xx/CVE-2023-30687.json) (`2023-08-10T02:15:11.367`)
* [CVE-2023-30688](CVE-2023/CVE-2023-306xx/CVE-2023-30688.json) (`2023-08-10T02:15:11.457`)
* [CVE-2023-30689](CVE-2023/CVE-2023-306xx/CVE-2023-30689.json) (`2023-08-10T02:15:11.547`)
* [CVE-2023-30691](CVE-2023/CVE-2023-306xx/CVE-2023-30691.json) (`2023-08-10T02:15:11.630`)
* [CVE-2023-30693](CVE-2023/CVE-2023-306xx/CVE-2023-30693.json) (`2023-08-10T02:15:11.730`)
* [CVE-2023-30694](CVE-2023/CVE-2023-306xx/CVE-2023-30694.json) (`2023-08-10T02:15:11.817`)
* [CVE-2023-30695](CVE-2023/CVE-2023-306xx/CVE-2023-30695.json) (`2023-08-10T02:15:11.903`)
* [CVE-2023-30696](CVE-2023/CVE-2023-306xx/CVE-2023-30696.json) (`2023-08-10T02:15:12.000`)
* [CVE-2023-30697](CVE-2023/CVE-2023-306xx/CVE-2023-30697.json) (`2023-08-10T02:15:12.077`)
* [CVE-2023-30698](CVE-2023/CVE-2023-306xx/CVE-2023-30698.json) (`2023-08-10T02:15:12.173`)
* [CVE-2023-30699](CVE-2023/CVE-2023-306xx/CVE-2023-30699.json) (`2023-08-10T02:15:12.267`)
* [CVE-2023-30700](CVE-2023/CVE-2023-307xx/CVE-2023-30700.json) (`2023-08-10T02:15:12.360`)
* [CVE-2023-30701](CVE-2023/CVE-2023-307xx/CVE-2023-30701.json) (`2023-08-10T02:15:12.453`)
* [CVE-2023-30702](CVE-2023/CVE-2023-307xx/CVE-2023-30702.json) (`2023-08-10T02:15:12.547`)
* [CVE-2023-30703](CVE-2023/CVE-2023-307xx/CVE-2023-30703.json) (`2023-08-10T02:15:12.650`)
* [CVE-2023-30704](CVE-2023/CVE-2023-307xx/CVE-2023-30704.json) (`2023-08-10T02:15:12.737`)
* [CVE-2023-30705](CVE-2023/CVE-2023-307xx/CVE-2023-30705.json) (`2023-08-10T02:15:12.827`)
* [CVE-2023-4276](CVE-2023/CVE-2023-42xx/CVE-2023-4276.json) (`2023-08-10T07:15:37.463`)
* [CVE-2023-4277](CVE-2023/CVE-2023-42xx/CVE-2023-4277.json) (`2023-08-10T07:15:37.797`)
### CVEs modified in the last Commit
Recently modified CVEs: `50`
Recently modified CVEs: `1`
* [CVE-2023-37689](CVE-2023/CVE-2023-376xx/CVE-2023-37689.json) (`2023-08-10T03:51:21.860`)
* [CVE-2023-37688](CVE-2023/CVE-2023-376xx/CVE-2023-37688.json) (`2023-08-10T03:51:26.577`)
* [CVE-2023-37687](CVE-2023/CVE-2023-376xx/CVE-2023-37687.json) (`2023-08-10T03:51:33.523`)
* [CVE-2023-3716](CVE-2023/CVE-2023-37xx/CVE-2023-3716.json) (`2023-08-10T03:51:39.830`)
* [CVE-2023-37686](CVE-2023/CVE-2023-376xx/CVE-2023-37686.json) (`2023-08-10T03:51:45.753`)
* [CVE-2023-37685](CVE-2023/CVE-2023-376xx/CVE-2023-37685.json) (`2023-08-10T03:51:51.393`)
* [CVE-2023-37684](CVE-2023/CVE-2023-376xx/CVE-2023-37684.json) (`2023-08-10T03:51:56.033`)
* [CVE-2023-37683](CVE-2023/CVE-2023-376xx/CVE-2023-37683.json) (`2023-08-10T03:52:02.250`)
* [CVE-2023-37682](CVE-2023/CVE-2023-376xx/CVE-2023-37682.json) (`2023-08-10T03:52:19.250`)
* [CVE-2023-27627](CVE-2023/CVE-2023-276xx/CVE-2023-27627.json) (`2023-08-10T03:52:24.867`)
* [CVE-2023-27415](CVE-2023/CVE-2023-274xx/CVE-2023-27415.json) (`2023-08-10T03:52:29.523`)
* [CVE-2023-25459](CVE-2023/CVE-2023-254xx/CVE-2023-25459.json) (`2023-08-10T03:52:36.750`)
* [CVE-2023-25063](CVE-2023/CVE-2023-250xx/CVE-2023-25063.json) (`2023-08-10T03:52:42.060`)
* [CVE-2023-24413](CVE-2023/CVE-2023-244xx/CVE-2023-24413.json) (`2023-08-10T03:52:49.223`)
* [CVE-2023-24409](CVE-2023/CVE-2023-244xx/CVE-2023-24409.json) (`2023-08-10T03:52:54.860`)
* [CVE-2023-23880](CVE-2023/CVE-2023-238xx/CVE-2023-23880.json) (`2023-08-10T03:53:01.917`)
* [CVE-2023-23877](CVE-2023/CVE-2023-238xx/CVE-2023-23877.json) (`2023-08-10T03:53:07.383`)
* [CVE-2023-23829](CVE-2023/CVE-2023-238xx/CVE-2023-23829.json) (`2023-08-10T03:53:11.417`)
* [CVE-2023-36692](CVE-2023/CVE-2023-366xx/CVE-2023-36692.json) (`2023-08-10T03:53:20.880`)
* [CVE-2023-32503](CVE-2023/CVE-2023-325xx/CVE-2023-32503.json) (`2023-08-10T03:53:30.737`)
* [CVE-2023-29099](CVE-2023/CVE-2023-290xx/CVE-2023-29099.json) (`2023-08-10T03:53:35.043`)
* [CVE-2023-27422](CVE-2023/CVE-2023-274xx/CVE-2023-27422.json) (`2023-08-10T03:53:43.490`)
* [CVE-2023-27421](CVE-2023/CVE-2023-274xx/CVE-2023-27421.json) (`2023-08-10T03:53:46.863`)
* [CVE-2023-27416](CVE-2023/CVE-2023-274xx/CVE-2023-27416.json) (`2023-08-10T03:53:51.343`)
* [CVE-2023-27412](CVE-2023/CVE-2023-274xx/CVE-2023-27412.json) (`2023-08-10T03:53:57.297`)
* [CVE-2023-3772](CVE-2023/CVE-2023-37xx/CVE-2023-3772.json) (`2023-08-10T06:15:42.903`)
## Download and Usage