Auto-Update: 2023-06-26T14:00:34.416933+00:00

cad-safe-bot 2023-06-26 14:00:37 +00:00
parent e11dfa50db
commit 7419faa12a
38 changed files with 687 additions and 94 deletions


@ -2,8 +2,8 @@
"id": "CVE-2015-20109",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T17:15:14.187",
"lastModified": "2023-06-25T17:15:14.187",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-1150",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-06-26T07:15:08.877",
"lastModified": "2023-06-26T07:15:08.877",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-1619",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-06-26T07:15:09.090",
"lastModified": "2023-06-26T07:15:09.090",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-1620",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-06-26T07:15:09.197",
"lastModified": "2023-06-26T07:15:09.197",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-22359",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-06-26T07:15:09.297",
"lastModified": "2023-06-26T07:15:09.297",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-28988",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:09.127",
"lastModified": "2023-06-26T06:15:09.127",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-28991",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:10.187",
"lastModified": "2023-06-26T06:15:10.187",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-28992",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:10.593",
"lastModified": "2023-06-26T06:15:10.593",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-29093",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T06:15:10.773",
"lastModified": "2023-06-26T06:15:10.773",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-29423",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T08:15:09.050",
"lastModified": "2023-06-26T08:15:09.050",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-29424",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T08:15:09.137",
"lastModified": "2023-06-26T08:15:09.137",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-29427",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T09:15:09.620",
"lastModified": "2023-06-26T09:15:09.620",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,12 @@
"id": "CVE-2023-29430",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T10:15:09.353",
"lastModified": "2023-06-26T10:15:09.353",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:15:09.407",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHthemes TheRoof plugin <=\u00a01.0.3 versions."
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CTHthemes TheRoof theme <=\u00a01.0.3 versions."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-29434",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T11:15:09.760",
"lastModified": "2023-06-26T11:15:09.760",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-29435",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T12:15:09.440",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Zwaply Cryptocurrency All-in-One plugin <=\u00a03.0.19 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-prices/wordpress-cryptocurrency-all-in-one-plugin-3-0-19-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-29436",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T11:15:09.833",
"lastModified": "2023-06-26T11:15:09.833",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,55 @@
{
"id": "CVE-2023-29437",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T13:15:09.493",
"lastModified": "2023-06-26T13:15:09.493",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <=\u00a010.4.36 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/connections/wordpress-connections-business-directory-plugin-10-4-36-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-29438",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-26T13:15:09.560",
"lastModified": "2023-06-26T13:15:09.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eric Martin SimpleModal Contact Form (SMCF) plugin <=\u00a01.2.9 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/simplemodal-contact-form-smcf/wordpress-simplemodal-contact-form-smcf-plugin-1-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}


@ -2,31 +2,111 @@
"id": "CVE-2023-31746",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T21:15:09.610",
"lastModified": "2023-06-14T21:27:19.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T13:50:53.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulnerability to execute system commands as the root user."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:vw2100_project:vw2100_firmware:m1dv1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54F828F5-42F4-4E05-B678-F13BDF90CC6B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:vw2100_project:vw2100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8AF18C-9150-4081-99A4-BB7C17F0066C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/1/VW2100_RCE1.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/2/VW2100_RCE2.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/3/VW2100_RCE3.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
},
{
"url": "https://github.com/D2y6p/CVE/blob/main/adslr/CVE-2023-31746/4/VW2100_RCE4.pdf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory"
]
}
]
}
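Review bot: All four entries in `references` gain the `Broken Link` tag, so the 9.8 CRITICAL score added in `cvssMetricV31` has no retrievable supporting document in this record, and no vendor advisory or fixed firmware version is listed. Because this file mirrors NVD, the tags should stay as published; the gap matters to whoever consumes the record. On the strength of this record alone, a consumer should treat `cpe:2.3:o:vw2100_project:vw2100_firmware:m1dv1.0` as having no known fix and should not depend on the linked PDFs for remediation detail.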


@ -2,8 +2,8 @@
"id": "CVE-2023-32115",
"sourceIdentifier": "cna@sap.com",
"published": "2023-06-13T03:15:09.473",
"lastModified": "2023-06-13T13:00:47.863",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T13:55:12.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.2
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:600:*:*:*:*:*:*:*",
"matchCriteriaId": "164BE6C3-871C-49C1-8CCD-FD2659F4C6EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:602:*:*:*:*:*:*:*",
"matchCriteriaId": "DEF40ABC-A7D1-408C-A281-DEA0BC688291"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:603:*:*:*:*:*:*:*",
"matchCriteriaId": "85319F2E-8910-46EB-B6EE-FFF2425EE076"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:604:*:*:*:*:*:*:*",
"matchCriteriaId": "195E9910-DFA1-44A9-86E2-B389B442CFE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:605:*:*:*:*:*:*:*",
"matchCriteriaId": "EC29B5FE-7642-4775-A74F-43B2E6A3F114"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:606:*:*:*:*:*:*:*",
"matchCriteriaId": "95441179-BD7B-4E68-AB77-BC9739D28BE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:master_data_synchronization:616:*:*:*:*:*:*:*",
"matchCriteriaId": "25F1FC67-7AA7-4E93-8A55-9C25CD7A051D"
}
]
}
]
}
],
"references": [
{
"url": "https://launchpad.support.sap.com/#/notes/1794761",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3396",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-25T19:15:09.027",
"lastModified": "2023-06-25T19:15:09.027",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3398",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-26T11:15:09.917",
"lastModified": "2023-06-26T11:15:09.917",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,19 +2,78 @@
"id": "CVE-2023-34797",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-15T21:15:09.637",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T13:24:20.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Broken access control in the Registration page (/Registration.aspx) of Termenos CWX v8.5.6 allows attackers to access sensitive information."
},
{
"lang": "es",
"value": "Un control de acceso defectuoso en la p\u00e1gina de registro (/Registration.aspx) de Termenos CWX v8.5.6 permite a los atacantes acceder a informaci\u00f3n confidencial. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:temenos:cwx:8.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6FF60BBC-5444-474E-AD80-2C22E21FD71A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/WhiteBearVN/CWX-Registration-Broken-Access-Control",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}
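Review bot: The English and Spanish descriptions spell the vendor "Termenos" while the added `cpeMatch` entry uses `cpe:2.3:a:temenos:cwx:8.5.6:*:*:*:*:*:*:*`, so keyword matching on the description text and matching on CPE will disagree for this record. Asset correlation should key on the `criteria` string, not on the free-text vendor name. The single reference is also newly tagged `Exploit`, which is worth surfacing in triage next to the 5.4 MEDIUM base score.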


@ -2,19 +2,74 @@
"id": "CVE-2023-34833",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-15T18:15:09.427",
"lastModified": "2023-06-15T20:46:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T13:44:48.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /api/upload.php of ThinkAdmin v6 allows attackers to execute arbitrary code via a crafted file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ctolog:thinkadmin:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3577B4F6-D4E9-4834-8761-D18D387276AD"
}
]
}
]
}
],
"references": [
{
"url": "https://note.youdao.com/s/3tge43wH",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}
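Review bot: The added `cvssMetricV31` entry scores this record 6.1 MEDIUM with `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N`, which does not line up with the description's "execute arbitrary code via a crafted file" or with the assigned `CWE-434`; that vector is the shape commonly given to reflected XSS. The file mirrors NVD and should stay as published, so the discrepancy is one to report upstream, not to patch here. Anyone prioritising on `baseScore` alone will rank this record lower than its description implies, so triage should read the description and CWE alongside the score.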


@ -2,19 +2,75 @@
"id": "CVE-2023-34880",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-15T17:15:09.987",
"lastModified": "2023-06-15T20:46:39.603",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T13:29:58.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "cmseasy v7.7.7.7 20230520 was discovered to contain a path traversal vulnerability via the add_action method at lib/admin/language_admin.php. This vulnerability allows attackers to execute arbitrary code and perform a local file inclusion."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmseasy:cmseasy:7.7.7.7:20230520:*:*:*:*:*:*",
"matchCriteriaId": "462A1882-80AC-4BFE-8A66-344EF5B6835E"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.pumpk1n.com/2023/06/06/cmseasy-v7-7-7-7-20230520-path-traversal/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,23 +2,82 @@
"id": "CVE-2023-35148",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.220",
"lastModified": "2023-06-14T15:30:58.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-26T12:55:34.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:digital.ai_app_management_publisher:*:*:*:*:*:jenkins:*:*",
"versionEndIncluding": "2.6",
"matchCriteriaId": "31136FAA-31BD-4EA7-90BA-7CB4E6989737"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/14/5",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911",
"source": "jenkinsci-cert@googlegroups.com"
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-36612",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T03:15:46.183",
"lastModified": "2023-06-25T03:15:46.183",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36630",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T16:15:09.480",
"lastModified": "2023-06-25T16:15:09.480",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,24 @@
{
"id": "CVE-2023-36631",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T12:15:09.523",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "** DISPUTED ** Lack of access control in wfc.exe in Malwarebytes Binisoft Windows Firewall Control 6.9.2.0 allows local unprivileged users to bypass Windows Firewall restrictions via the user interface's rules tab. NOTE: the vendor's perspective is \"this is intended behavior as the application can be locked using a password.\""
}
],
"metrics": {},
"references": [
{
"url": "https://hackerone.com/reports/2000375",
"source": "cve@mitre.org"
},
{
"url": "https://www.bencteux.fr/posts/malwarebytes_wfc/",
"source": "cve@mitre.org"
}
]
}
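Review bot: The dispute on this new record is carried only by the `** DISPUTED **` prefix inside the description `value`, and `metrics` is `{}`, so nothing structured in the file tells a consumer that the vendor contests the finding. Tooling that ingests this feed should test for the description prefix explicitly. It should also not read the empty `metrics` object as a severity of zero, since the record is still `Awaiting Analysis`.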


@ -2,8 +2,8 @@
"id": "CVE-2023-36632",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T18:15:09.313",
"lastModified": "2023-06-25T18:15:09.313",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36660",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T22:15:21.337",
"lastModified": "2023-06-25T22:15:21.337",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36661",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T22:15:21.403",
"lastModified": "2023-06-25T22:15:21.403",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36662",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T01:15:09.110",
"lastModified": "2023-06-26T01:15:09.110",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36663",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T21:15:11.967",
"lastModified": "2023-06-25T21:15:11.967",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36664",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T22:15:21.463",
"lastModified": "2023-06-25T22:15:21.463",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:36.297",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36666",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-25T22:15:21.527",
"lastModified": "2023-06-25T22:15:21.527",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-36675",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-26T01:15:09.203",
"lastModified": "2023-06-26T01:15:09.203",
"vulnStatus": "Received",
"lastModified": "2023-06-26T13:02:32.107",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-26T12:00:37.293177+00:00
2023-06-26T14:00:34.416933+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-26T11:15:09.917000+00:00
2023-06-26T13:55:12.110000+00:00
```
### Last Data Feed Release
@ -29,26 +29,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218537
218541
```
### CVEs added in the last Commit
Recently added CVEs: `4`
* [CVE-2023-29430](CVE-2023/CVE-2023-294xx/CVE-2023-29430.json) (`2023-06-26T10:15:09.353`)
* [CVE-2023-29434](CVE-2023/CVE-2023-294xx/CVE-2023-29434.json) (`2023-06-26T11:15:09.760`)
* [CVE-2023-29436](CVE-2023/CVE-2023-294xx/CVE-2023-29436.json) (`2023-06-26T11:15:09.833`)
* [CVE-2023-3398](CVE-2023/CVE-2023-33xx/CVE-2023-3398.json) (`2023-06-26T11:15:09.917`)
* [CVE-2023-29435](CVE-2023/CVE-2023-294xx/CVE-2023-29435.json) (`2023-06-26T12:15:09.440`)
* [CVE-2023-36631](CVE-2023/CVE-2023-366xx/CVE-2023-36631.json) (`2023-06-26T12:15:09.523`)
* [CVE-2023-29437](CVE-2023/CVE-2023-294xx/CVE-2023-29437.json) (`2023-06-26T13:15:09.493`)
* [CVE-2023-29438](CVE-2023/CVE-2023-294xx/CVE-2023-29438.json) (`2023-06-26T13:15:09.560`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `33`
* [CVE-2022-25168](CVE-2022/CVE-2022-251xx/CVE-2022-25168.json) (`2023-06-26T11:15:09.370`)
* [CVE-2022-25371](CVE-2022/CVE-2022-253xx/CVE-2022-25371.json) (`2023-06-26T11:15:09.543`)
* [CVE-2022-45802](CVE-2022/CVE-2022-458xx/CVE-2022-45802.json) (`2023-06-26T11:15:09.653`)
* [CVE-2023-29093](CVE-2023/CVE-2023-290xx/CVE-2023-29093.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-1150](CVE-2023/CVE-2023-11xx/CVE-2023-1150.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-1619](CVE-2023/CVE-2023-16xx/CVE-2023-1619.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-1620](CVE-2023/CVE-2023-16xx/CVE-2023-1620.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-22359](CVE-2023/CVE-2023-223xx/CVE-2023-22359.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-29423](CVE-2023/CVE-2023-294xx/CVE-2023-29423.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-29424](CVE-2023/CVE-2023-294xx/CVE-2023-29424.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-29427](CVE-2023/CVE-2023-294xx/CVE-2023-29427.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-29434](CVE-2023/CVE-2023-294xx/CVE-2023-29434.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-29436](CVE-2023/CVE-2023-294xx/CVE-2023-29436.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-3398](CVE-2023/CVE-2023-33xx/CVE-2023-3398.json) (`2023-06-26T13:02:32.107`)
* [CVE-2023-36612](CVE-2023/CVE-2023-366xx/CVE-2023-36612.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-36630](CVE-2023/CVE-2023-366xx/CVE-2023-36630.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-36632](CVE-2023/CVE-2023-366xx/CVE-2023-36632.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-3396](CVE-2023/CVE-2023-33xx/CVE-2023-3396.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-36663](CVE-2023/CVE-2023-366xx/CVE-2023-36663.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-36660](CVE-2023/CVE-2023-366xx/CVE-2023-36660.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-36661](CVE-2023/CVE-2023-366xx/CVE-2023-36661.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-36664](CVE-2023/CVE-2023-366xx/CVE-2023-36664.json) (`2023-06-26T13:02:36.297`)
* [CVE-2023-29430](CVE-2023/CVE-2023-294xx/CVE-2023-29430.json) (`2023-06-26T13:15:09.407`)
* [CVE-2023-34797](CVE-2023/CVE-2023-347xx/CVE-2023-34797.json) (`2023-06-26T13:24:20.443`)
* [CVE-2023-34880](CVE-2023/CVE-2023-348xx/CVE-2023-34880.json) (`2023-06-26T13:29:58.467`)
* [CVE-2023-34833](CVE-2023/CVE-2023-348xx/CVE-2023-34833.json) (`2023-06-26T13:44:48.833`)
* [CVE-2023-31746](CVE-2023/CVE-2023-317xx/CVE-2023-31746.json) (`2023-06-26T13:50:53.057`)
* [CVE-2023-32115](CVE-2023/CVE-2023-321xx/CVE-2023-32115.json) (`2023-06-26T13:55:12.110`)
## Download and Usage