admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-23T04:00:26.291121+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-23 04:00:29 +00:00
parent 5885053824
commit 6fc78e2e89
13 changed files with 421 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVE-2022/CVE-2022-471xx/CVE-2022-47184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47184",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:08.633",
"lastModified": "2023-06-22T14:16:42.427",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-23T03:15:08.847",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -110,6 +110,14 @@
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/",
"source": "security@apache.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/",
"source": "security@apache.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5435",
"source": "security@apache.org",

10
CVE-2023/CVE-2023-306xx/CVE-2023-30631.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-30631",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.257",
"lastModified": "2023-06-22T04:15:08.770",
"lastModified": "2023-06-23T03:15:08.977",
"vulnStatus": "Modified",
"descriptions": [
{
@ -90,6 +90,14 @@
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/",
"source": "security@apache.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/",
"source": "security@apache.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5435",
"source": "security@apache.org"

67
CVE-2023/CVE-2023-311xx/CVE-2023-31142.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31142",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-13T22:15:09.380",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T02:10:50.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.0.4",
"matchCriteriaId": "E76C733A-34C7-43E4-8472-38BB12B2A746"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "B9BBED17-A6BA-4F17-8814-8D8521F28375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "888B8ECF-EBE0-4821-82F6-B0026E95E407"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta3:*:*:beta:*:*:*",
"matchCriteriaId": "FD0302B1-C0BA-49EE-8E1B-E8A43879BFC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta4:*:*:beta:*:*:*",
"matchCriteriaId": "1C4CEDDE-1495-4C7B-850A-0DABC6C3A42F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-286w-97m2-78x2",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-320xx/CVE-2023-32061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32061",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-13T22:15:09.477",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T02:07:34.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.0.4",
"matchCriteriaId": "E76C733A-34C7-43E4-8472-38BB12B2A746"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "B9BBED17-A6BA-4F17-8814-8D8521F28375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "888B8ECF-EBE0-4821-82F6-B0026E95E407"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta3:*:*:beta:*:*:*",
"matchCriteriaId": "FD0302B1-C0BA-49EE-8E1B-E8A43879BFC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta4:*:*:beta:*:*:*",
"matchCriteriaId": "1C4CEDDE-1495-4C7B-850A-0DABC6C3A42F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-prx4-49m8-874g",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-323xx/CVE-2023-32301.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32301",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-13T22:15:09.560",
"lastModified": "2023-06-14T03:37:44.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T02:05:03.373",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,10 +66,51 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.0.4",
"matchCriteriaId": "E76C733A-34C7-43E4-8472-38BB12B2A746"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "B9BBED17-A6BA-4F17-8814-8D8521F28375"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "888B8ECF-EBE0-4821-82F6-B0026E95E407"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta3:*:*:beta:*:*:*",
"matchCriteriaId": "FD0302B1-C0BA-49EE-8E1B-E8A43879BFC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta4:*:*:beta:*:*:*",
"matchCriteriaId": "1C4CEDDE-1495-4C7B-850A-0DABC6C3A42F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-p2jx-m2j5-hqh4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-331xx/CVE-2023-33140.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33140",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-14T00:15:12.433",
"lastModified": "2023-06-22T15:15:13.153",
"lastModified": "2023-06-23T02:15:09.383",
"vulnStatus": "Modified",
"descriptions": [
{
@ -84,10 +84,6 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/173064/Microsoft-OneNote-2305-Build-16.0.16501.20074-Spoofing.html",
"source": "secure@microsoft.com"
},
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33140",
"source": "secure@microsoft.com",

43
CVE-2023/CVE-2023-331xx/CVE-2023-33141.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33141",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-23T02:15:09.513",
"lastModified": "2023-06-23T02:15:09.513",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33141",
"source": "secure@microsoft.com"
}
]
}

86
CVE-2023/CVE-2023-336xx/CVE-2023-33620.json
View File

@ -2,27 +2,101 @@
"id": "CVE-2023-33620",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.863",
"lastModified": "2023-06-13T18:27:41.330",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T02:14:55.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:3.215:*:*:*:*:*:*:*",
"matchCriteriaId": "99E78333-5DE5-4577-8DE2-5C0C8B4EE5BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF"
}
]
}
]
}
],
"references": [
{
"url": "http://gl-ar750s-ext.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "http://glinet.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://justinapplegate.me/2023/glinet-CVE-2023-33620/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-339xx/CVE-2023-33933.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-33933",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.323",
"lastModified": "2023-06-22T04:15:08.917",
"lastModified": "2023-06-23T03:15:09.067",
"vulnStatus": "Modified",
"descriptions": [
{
@ -90,6 +90,14 @@
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6GDCBNFDDW6ULW7CACJCPENI7BVDHM5O/",
"source": "security@apache.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWXNAEEVRUZ5JG4EJAIIFC3CI7LFETV/",
"source": "security@apache.org"
},
{
"url": "https://www.debian.org/security/2023/dsa-5435",
"source": "security@apache.org"

20
CVE-2023/CVE-2023-361xx/CVE-2023-36191.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36191",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T02:15:09.597",
"lastModified": "2023-06-23T02:15:09.597",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "sqlite3 v3.40.1 was discovered to contain a segmentation violation at /sqlite3_aflpp/shell.c."
}
],
"metrics": {},
"references": [
{
"url": "https://www.sqlite.org/forum/forumpost/19f55ef73b",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-361xx/CVE-2023-36192.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36192",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T02:15:09.650",
"lastModified": "2023-06-23T02:15:09.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_ws_check_packet at /src/capture.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/irontec/sngrep/issues/438",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-361xx/CVE-2023-36193.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-36193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T02:15:09.703",
"lastModified": "2023-06-23T02:15:09.703",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/kohler/gifsicle/issues/191",
"source": "cve@mitre.org"
}
]
}

24
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-23T02:00:26.476982+00:00
2023-06-23T04:00:26.291121+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-23T01:15:11.723000+00:00
2023-06-23T03:15:09.067000+00:00
```
### Last Data Feed Release
@ -29,21 +29,31 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218312
218316
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `4`
* [CVE-2023-33141](CVE-2023/CVE-2023-331xx/CVE-2023-33141.json) (`2023-06-23T02:15:09.513`)
* [CVE-2023-36191](CVE-2023/CVE-2023-361xx/CVE-2023-36191.json) (`2023-06-23T02:15:09.597`)
* [CVE-2023-36192](CVE-2023/CVE-2023-361xx/CVE-2023-36192.json) (`2023-06-23T02:15:09.650`)
* [CVE-2023-36193](CVE-2023/CVE-2023-361xx/CVE-2023-36193.json) (`2023-06-23T02:15:09.703`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `8`
* [CVE-2019-6706](CVE-2019/CVE-2019-67xx/CVE-2019-6706.json) (`2023-06-23T01:15:11.383`)
* [CVE-2020-24370](CVE-2020/CVE-2020-243xx/CVE-2020-24370.json) (`2023-06-23T01:15:11.723`)
* [CVE-2022-47184](CVE-2022/CVE-2022-471xx/CVE-2022-47184.json) (`2023-06-23T03:15:08.847`)
* [CVE-2023-32301](CVE-2023/CVE-2023-323xx/CVE-2023-32301.json) (`2023-06-23T02:05:03.373`)
* [CVE-2023-32061](CVE-2023/CVE-2023-320xx/CVE-2023-32061.json) (`2023-06-23T02:07:34.340`)
* [CVE-2023-31142](CVE-2023/CVE-2023-311xx/CVE-2023-31142.json) (`2023-06-23T02:10:50.210`)
* [CVE-2023-33620](CVE-2023/CVE-2023-336xx/CVE-2023-33620.json) (`2023-06-23T02:14:55.850`)
* [CVE-2023-33140](CVE-2023/CVE-2023-331xx/CVE-2023-33140.json) (`2023-06-23T02:15:09.383`)
* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-23T03:15:08.977`)
* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-23T03:15:09.067`)
## Download and Usage