admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-07 19:16:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-01-05T15:00:24.681055+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-01-05 15:00:28 +00:00
parent 7eb516a88e
commit 74e70d9a3f
37 changed files with 1120 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CVE-2014/CVE-2014-60xx/CVE-2014-6059.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2014-6059",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-13T13:15:12.380",
"lastModified": "2020-01-24T15:16:33.580",
"lastModified": "2024-01-05T14:36:21.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advanced_access_manager_project:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.8.2",
"matchCriteriaId": "B0EE2E7F-82CA-484B-8FBE-E99A6FD32D3D"
"matchCriteriaId": "3C6D0E1F-7791-4C73-A73F-3799A2262362"
}
]
}

6
CVE-2020/CVE-2020-359xx/CVE-2020-35934.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-35934",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-01T02:15:13.333",
"lastModified": "2021-07-21T11:39:23.747",
"lastModified": "2024-01-05T14:36:21.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -104,9 +104,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advanced_access_manager_project:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.6.2",
"matchCriteriaId": "B99D4B5A-3CD2-4128-B75A-2DB5CEE46C11"
"matchCriteriaId": "ADE1D902-C8EF-4D7D-8E55-415F394565A3"
}
]
}

6
CVE-2020/CVE-2020-359xx/CVE-2020-35935.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-35935",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-01T02:15:13.393",
"lastModified": "2021-07-21T11:39:23.747",
"lastModified": "2024-01-05T14:36:21.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -104,9 +104,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advanced_access_manager_project:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.6.2",
"matchCriteriaId": "B99D4B5A-3CD2-4128-B75A-2DB5CEE46C11"
"matchCriteriaId": "ADE1D902-C8EF-4D7D-8E55-415F394565A3"
}
]
}

6
CVE-2021/CVE-2021-248xx/CVE-2021-24830.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-24830",
"sourceIdentifier": "contact@wpscan.com",
"published": "2021-11-23T20:15:10.013",
"lastModified": "2021-11-24T17:25:37.837",
"lastModified": "2024-01-05T14:36:21.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,9 +84,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advanced_access_manager_project:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"criteria": "cpe:2.3:a:vasyltech:advanced_access_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.8.0",
"matchCriteriaId": "76B8A1A6-2961-487D-A9C5-681EAAA32F09"
"matchCriteriaId": "2F236E07-0A6D-4065-9B66-D7C8B36E6DB6"
}
]
}

10
CVE-2021/CVE-2021-317xx/CVE-2021-31799.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-31799",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-07-30T14:15:16.620",
"lastModified": "2022-06-28T14:11:45.273",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:46.040",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -128,7 +127,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -160,6 +158,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202401-05",
"source": "cve@mitre.org"
},
{
"url": "https://security.netapp.com/advisory/ntap-20210902-0004/",
"source": "cve@mitre.org",

47
CVE-2023/CVE-2023-226xx/CVE-2023-22676.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22676",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-12-29T09:15:08.057",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T13:56:25.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:andersthorborg:advanced_custom_fields\\:image_crop_add-on:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.12",
"matchCriteriaId": "58D131E4-1624-4DEF-91B2-8F82FCDE2CCA"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/acf-image-crop-add-on/wordpress-advanced-custom-fields-image-crop-add-on-plugin-1-4-12-broken-access-control?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-236xx/CVE-2023-23634.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23634",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-29T07:15:10.430",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T14:48:51.033",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Documize versi\u00f3n 5.4.2, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro user del endpoint /api/dashboard/activity."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:documize:documize:5.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "436E773D-0076-4881-8A62-B59494DFF112"
}
]
}
]
}
],
"references": [
{
"url": "https://herolab.usd.de/en/security-advisories/usd-2022-0066/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

12
CVE-2023/CVE-2023-281xx/CVE-2023-28198.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-28198",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-08-14T23:15:10.830",
"lastModified": "2023-10-15T02:06:50.990",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:46.227",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3. Processing web content may lead to arbitrary code execution."
},
{
"lang": "es",
"value": "Se ha solucionado un problema de use-after-free con una mejora en la gesti\u00f3n de memoria. Este problema se ha solucionado en iOS 16.4 y iPadOS 16.4, macOS Ventura 13.3. El procesamiento de contenido web puede dar lugar a la ejecuci\u00f3n de c\u00f3digo arbitrario."
}
],
"metrics": {
@ -108,6 +112,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-282xx/CVE-2023-28204.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-28204",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.333",
"lastModified": "2023-07-27T04:15:22.920",
"lastModified": "2024-01-05T14:15:46.340",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
@ -114,6 +114,10 @@
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com",

12
CVE-2023/CVE-2023-323xx/CVE-2023-32370.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-32370",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T02:15:09.070",
"lastModified": "2023-10-15T02:01:24.430",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:46.447",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail."
},
{
"lang": "es",
"value": "Se abord\u00f3 un problema de l\u00f3gica con una comprobaci\u00f3n mejorada. Este problema es corregido en macOS Ventura 13.3. La pol\u00edtica de seguridad de contenido para bloquear dominios con wildcards podr\u00eda fallar."
}
],
"metrics": {
@ -96,6 +100,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-323xx/CVE-2023-32373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32373",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.007",
"lastModified": "2023-08-29T18:05:45.530",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:46.537",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -144,6 +144,10 @@
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-323xx/CVE-2023-32393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32393",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T01:15:23.623",
"lastModified": "2023-08-01T19:53:34.003",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:46.657",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -90,6 +90,10 @@
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213599",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-324xx/CVE-2023-32439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32439",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.813",
"lastModified": "2023-11-10T05:15:08.367",
"vulnStatus": "Modified",
"lastModified": "2024-01-05T14:15:46.780",
"vulnStatus": "Undergoing Analysis",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -102,6 +102,10 @@
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213811",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-374xx/CVE-2023-37450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37450",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.497",
"lastModified": "2023-08-02T00:54:49.737",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:46.917",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-07-13",
"cisaActionDue": "2023-08-03",
"cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable.",
@ -100,6 +100,10 @@
}
],
"references": [
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213826",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-381xx/CVE-2023-38133.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38133",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.620",
"lastModified": "2023-08-18T03:15:15.633",
"lastModified": "2024-01-05T14:15:47.027",
"vulnStatus": "Modified",
"descriptions": [
{
@ -122,6 +122,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-385xx/CVE-2023-38572.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38572",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T01:15:36.913",
"lastModified": "2023-08-18T03:15:15.847",
"lastModified": "2024-01-05T14:15:47.123",
"vulnStatus": "Modified",
"descriptions": [
{
@ -125,6 +125,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-385xx/CVE-2023-38592.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38592",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-28T05:15:10.873",
"lastModified": "2023-08-18T03:15:18.470",
"lastModified": "2024-01-05T14:15:47.227",
"vulnStatus": "Modified",
"descriptions": [
{
@ -107,6 +107,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-385xx/CVE-2023-38594.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38594",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:15.887",
"lastModified": "2023-08-18T03:15:20.620",
"lastModified": "2024-01-05T14:15:47.353",
"vulnStatus": "Modified",
"descriptions": [
{
@ -122,6 +122,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-385xx/CVE-2023-38595.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38595",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T01:15:37.767",
"lastModified": "2023-08-18T03:15:21.080",
"lastModified": "2024-01-05T14:15:47.447",
"vulnStatus": "Modified",
"descriptions": [
{
@ -111,6 +111,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-385xx/CVE-2023-38597.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38597",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T00:15:16.030",
"lastModified": "2023-08-18T03:15:21.277",
"lastModified": "2024-01-05T14:15:47.557",
"vulnStatus": "Modified",
"descriptions": [
{
@ -110,6 +110,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-385xx/CVE-2023-38599.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38599",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-28T05:15:10.997",
"lastModified": "2023-08-18T03:15:21.417",
"lastModified": "2024-01-05T14:15:47.670",
"vulnStatus": "Modified",
"descriptions": [
{
@ -125,6 +125,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-386xx/CVE-2023-38600.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38600",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T01:15:38.187",
"lastModified": "2023-08-18T03:15:21.557",
"lastModified": "2024-01-05T14:15:47.753",
"vulnStatus": "Modified",
"descriptions": [
{
@ -111,6 +111,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-386xx/CVE-2023-38611.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-38611",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-07-27T01:15:39.303",
"lastModified": "2023-08-18T03:15:21.647",
"lastModified": "2024-01-05T14:15:47.830",
"vulnStatus": "Modified",
"descriptions": [
{
@ -111,6 +111,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KQXJYKTGLKI6TJEFJCKPHCNY7PS72OER/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213841",
"source": "product-security@apple.com",

8
CVE-2023/CVE-2023-403xx/CVE-2023-40397.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40397",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-06T21:15:13.850",
"lastModified": "2023-10-15T02:01:02.130",
"vulnStatus": "Analyzed",
"lastModified": "2024-01-05T14:15:47.920",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -99,6 +99,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213843",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-429xx/CVE-2023-42916.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-42916",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-11-30T23:15:07.223",
"lastModified": "2023-12-13T03:15:47.770",
"lastModified": "2024-01-05T14:15:48.030",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-12-04",
"cisaActionDue": "2023-12-25",
@ -132,6 +132,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT214031",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-429xx/CVE-2023-42917.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-42917",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-11-30T23:15:07.280",
"lastModified": "2023-12-13T03:15:47.857",
"lastModified": "2024-01-05T14:15:48.143",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-12-04",
"cisaActionDue": "2023-12-25",
@ -131,6 +131,10 @@
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/",
"source": "product-security@apple.com"
},
{
"url": "https://security.gentoo.org/glsa/202401-04",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT214031",
"source": "product-security@apple.com",

6
CVE-2023/CVE-2023-458xx/CVE-2023-45866.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-45866",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-08T06:15:45.690",
"lastModified": "2023-12-22T01:15:11.510",
"lastModified": "2024-01-05T13:15:08.603",
"vulnStatus": "Modified",
"descriptions": [
{
@ -440,6 +440,10 @@
"Mailing List"
]
},
{
"url": "https://security.gentoo.org/glsa/202401-03",
"source": "cve@mitre.org"
},
{
"url": "https://support.apple.com/kb/HT214035",
"source": "cve@mitre.org",

373
CVE-2023/CVE-2023-504xx/CVE-2023-50445.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-50445",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-28T05:15:08.427",
"lastModified": "2023-12-28T15:09:53.403",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T14:37:38.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,376 @@
"value": "Vulnerabilidad de inyecci\u00f3n de Shell\nGL.iNet A1300 v4.4.6\nAX1800 v4.4.6\nAXT1800 v4.4.6\nMT3000 v4.4.6\nMT2500 v4.4.6\nMT6000 v4.5.0\nMT1300 v4.3.7\nMT300N-V2 v4.3.7\nAR750S v4 .3.7\nAR750 v4.3.7\nAR300M v4.3.7\nB1300 v4.3.7.\nPermite a atacantes locales ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de las funciones get_system_log y get_crash_log del m\u00f3dulo logread, as\u00ed como la funci\u00f3n Upgrade_online del m\u00f3dulo de actualizaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt1300_firmware:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D462B247-60E8-4044-B413-D145F342F8BA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65A8D1C9-9EAE-4EDF-A1D4-D45E9EE65585"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt300n-v2_firmware:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7469E6FA-07DB-430D-BAD8-21AF64C55FBA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt300n-v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA4A042E-2C80-4EF9-93CA-D2756216BB0C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar750s_firmware:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4037EFB4-EA0A-4C89-800A-2990AA8BC185"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C939D70-5353-43B7-AEF9-8F1D784DD4EF"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar750_firmware:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAAD071-0070-48B9-9797-26B1D5CAC962"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar750:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE176E8-8CB1-429B-9B3B-E1F58EC0C8F5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ar300m_firmware:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E267A0D1-8D9B-43A9-88F0-3CA961403FBC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ar300m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10C965DA-2D49-4ED6-B028-3A23164EDC14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-b1300_firmware:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9E6AF4D2-8BD0-4536-82AA-A9A06441DB59"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-b1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "10D84ECB-35CB-42B0-B925-8B631C235CC2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt6000_firmware:4.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "86FF086A-A9F0-4027-AAE4-0940D451CA8A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0480E0BD-DAEE-42E7-A6EB-BC09889CC7B9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-a1300_firmware:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "789782AD-CCC9-403C-810A-F634B09EEB5B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-a1300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2365517B-F8AF-490D-9282-36679EB484D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-ax1800_firmware:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CC12DFE3-F634-4737-AEF7-82685634F65E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-ax1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "459CA3AD-7D9A-4E72-8847-9F989232CDCD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-axt1800_firmware:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2321AEF1-B475-439F-A936-581337CB5181"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-axt1800:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49448661-9D95-4218-B2FA-73610AA5523C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "12F39096-F3A6-4240-9CCF-3CEB44A549D4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D832083-488B-40F2-8D7A-66E917DF67F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:gl-inet:gl-mt2500_firmware:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D78DCE77-BBC1-4702-89F3-A2064A82ED85"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gl-inet:gl-mt2500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88C600EF-AF68-45F0-B9C0-7ECA0D33179C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/4.0.0/Using%20Shell%20Metacharacter%20Injection%20via%20API.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-71xx/CVE-2023-7147.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7147",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T03:15:11.847",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T13:45:10.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:masterlab:masterlab:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3.10",
"matchCriteriaId": "650AE4B5-39D2-4607-8455-957955DF48AB"
}
]
}
]
}
],
"references": [
{
"url": "https://note.zhaoj.in/share/affd8cjn50HC",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.249150",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249150",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-71xx/CVE-2023-7148.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7148",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T03:15:12.110",
"lastModified": "2023-12-29T13:56:44.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T13:41:02.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:shifuml:shifu:0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72D8744B-69F9-4318-8B35-E9FA227C446A"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1ST3dD-iwUBgBNZ8tGaBbqVi1zRh5rLND/view",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.249151",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.249151",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

57
CVE-2023/CVE-2023-71xx/CVE-2023-7156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7156",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T06:15:43.727",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T14:53:54.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:campcodes:online_college_library_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D331640-536F-4A3E-A438-540A67CDC849"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@heishou/libsystem-foreground-sql-injection-vulnerability-95b95ab64ccc",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.249178",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249178",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-71xx/CVE-2023-7157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7157",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T06:15:43.953",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T14:53:02.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mayurik:free_and_open_source_inventory_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D414DE2C-F2F3-4159-9D7F-A81930652C97"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@heishou/inventory-management-system-sql-injection-7b955b5707eb",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.249179",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249179",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-71xx/CVE-2023-7158.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7158",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T07:15:11.060",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T14:47:39.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,11 +11,31 @@
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en MicroPython hasta 1.21.0. Ha sido clasificado como cr\u00edtico. La funci\u00f3n slice_indices del archivo objslice.c es afectada por la vulnerabilidad. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 1.22.0 puede solucionar este problema. Se recomienda actualizar el componente afectado. El identificador de esta vulnerabilidad es VDB-249180."
"value": "Se encontr\u00f3 una vulnerabilidad en MicroPython hasta 1.21.0. Ha sido clasificada como cr\u00edtica. La funci\u00f3n slice_indices del archivo objslice.c es afectada por la vulnerabilidad. La manipulaci\u00f3n conduce a un desbordamiento de b\u00fafer de almacenamiento din\u00e1mico. Es posible lanzar el ataque de forma remota. La explotaci\u00f3n ha sido divulgada al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 1.22.0 puede solucionar este problema. Se recomienda actualizar el componente afectado. El identificador de esta vulnerabilidad es VDB-249180."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -64,6 +84,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,30 +105,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:micropython:micropython:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.22.0",
"matchCriteriaId": "98250EF6-59E9-440F-95EB-5A5BB2B54639"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/micropython/micropython/issues/13007",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/micropython/micropython/pull/13039",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://github.com/micropython/micropython/pull/13039/commits/f397a3ec318f3ad05aa287764ae7cef32202380f",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/micropython/micropython/releases/tag/v1.22.0",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.249180",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249180",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-71xx/CVE-2023-7160.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7160",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T08:15:36.850",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T14:03:10.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,14 +95,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:janobe:engineers_online_portal:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "461D780B-1D99-40B8-BE65-497FAD073EBE"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.249182",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249182",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-71xx/CVE-2023-7161.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-7161",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-12-29T08:15:37.260",
"lastModified": "2023-12-29T13:56:33.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2024-01-05T13:57:32.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
@ -75,18 +95,57 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netentsec:application_security_gateway_firmware:6.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "65E29A4B-A93E-46D2-8F8E-7C2695C1D75B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netentsec:application_security_gateway:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4C1E67E9-CFF7-496F-830C-69FB2F109CB7"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fixitc/cve/blob/main/sql.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.249183",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.249183",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

84
CVE-2024/CVE-2024-02xx/CVE-2024-0246.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2024-0246",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-01-05T14:15:48.250",
"lastModified": "2024-01-05T14:15:48.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in IceWarp 12.0.2.1/12.0.3.1. This affects an unknown part of the file /install/ of the component Utility Download Handler. The manipulation of the argument lang with the input 1%27\"()%26%25<zzz><ScRiPt>alert(document.domain)</ScRiPt> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249759. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.249759",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.249759",
"source": "cna@vuldb.com"
}
]
}

69
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2024-01-05T13:00:25.647462+00:00
2024-01-05T15:00:24.681055+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2024-01-05T12:15:11.707000+00:00
2024-01-05T14:53:54.850000+00:00
```
### Last Data Feed Release
@ -29,52 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
234932
234933
```
### CVEs added in the last Commit
Recently added CVEs: `8`
Recently added CVEs: `1`
* [CVE-2022-46839](CVE-2022/CVE-2022-468xx/CVE-2022-46839.json) (`2024-01-05T11:15:09.433`)
* [CVE-2023-52143](CVE-2023/CVE-2023-521xx/CVE-2023-52143.json) (`2024-01-05T11:15:10.103`)
* [CVE-2023-52146](CVE-2023/CVE-2023-521xx/CVE-2023-52146.json) (`2024-01-05T11:15:10.650`)
* [CVE-2023-52148](CVE-2023/CVE-2023-521xx/CVE-2023-52148.json) (`2024-01-05T11:15:11.250`)
* [CVE-2023-52151](CVE-2023/CVE-2023-521xx/CVE-2023-52151.json) (`2024-01-05T11:15:11.817`)
* [CVE-2023-52124](CVE-2023/CVE-2023-521xx/CVE-2023-52124.json) (`2024-01-05T12:15:09.877`)
* [CVE-2023-52125](CVE-2023/CVE-2023-521xx/CVE-2023-52125.json) (`2024-01-05T12:15:10.750`)
* [CVE-2023-52126](CVE-2023/CVE-2023-521xx/CVE-2023-52126.json) (`2024-01-05T12:15:11.707`)
* [CVE-2024-0246](CVE-2024/CVE-2024-02xx/CVE-2024-0246.json) (`2024-01-05T14:15:48.250`)
### CVEs modified in the last Commit
Recently modified CVEs: `77`
Recently modified CVEs: `35`
* [CVE-2023-32889](CVE-2023/CVE-2023-328xx/CVE-2023-32889.json) (`2024-01-05T12:13:41.860`)
* [CVE-2023-32890](CVE-2023/CVE-2023-328xx/CVE-2023-32890.json) (`2024-01-05T12:13:43.827`)
* [CVE-2023-32891](CVE-2023/CVE-2023-328xx/CVE-2023-32891.json) (`2024-01-05T12:13:46.007`)
* [CVE-2023-38674](CVE-2023/CVE-2023-386xx/CVE-2023-38674.json) (`2024-01-05T12:14:14.417`)
* [CVE-2023-38675](CVE-2023/CVE-2023-386xx/CVE-2023-38675.json) (`2024-01-05T12:14:31.273`)
* [CVE-2023-38676](CVE-2023/CVE-2023-386xx/CVE-2023-38676.json) (`2024-01-05T12:14:33.513`)
* [CVE-2023-38677](CVE-2023/CVE-2023-386xx/CVE-2023-38677.json) (`2024-01-05T12:14:35.590`)
* [CVE-2023-38678](CVE-2023/CVE-2023-386xx/CVE-2023-38678.json) (`2024-01-05T12:14:37.553`)
* [CVE-2023-52302](CVE-2023/CVE-2023-523xx/CVE-2023-52302.json) (`2024-01-05T12:14:39.403`)
* [CVE-2023-52303](CVE-2023/CVE-2023-523xx/CVE-2023-52303.json) (`2024-01-05T12:14:41.567`)
* [CVE-2023-52304](CVE-2023/CVE-2023-523xx/CVE-2023-52304.json) (`2024-01-05T12:14:43.940`)
* [CVE-2023-52305](CVE-2023/CVE-2023-523xx/CVE-2023-52305.json) (`2024-01-05T12:14:45.727`)
* [CVE-2023-52306](CVE-2023/CVE-2023-523xx/CVE-2023-52306.json) (`2024-01-05T12:14:47.657`)
* [CVE-2023-52307](CVE-2023/CVE-2023-523xx/CVE-2023-52307.json) (`2024-01-05T12:14:49.853`)
* [CVE-2023-52308](CVE-2023/CVE-2023-523xx/CVE-2023-52308.json) (`2024-01-05T12:14:51.707`)
* [CVE-2023-52309](CVE-2023/CVE-2023-523xx/CVE-2023-52309.json) (`2024-01-05T12:14:54.590`)
* [CVE-2023-52310](CVE-2023/CVE-2023-523xx/CVE-2023-52310.json) (`2024-01-05T12:14:56.697`)
* [CVE-2023-52311](CVE-2023/CVE-2023-523xx/CVE-2023-52311.json) (`2024-01-05T12:14:59.153`)
* [CVE-2023-52312](CVE-2023/CVE-2023-523xx/CVE-2023-52312.json) (`2024-01-05T12:15:01.330`)
* [CVE-2023-52313](CVE-2023/CVE-2023-523xx/CVE-2023-52313.json) (`2024-01-05T12:15:03.560`)
* [CVE-2023-52314](CVE-2023/CVE-2023-523xx/CVE-2023-52314.json) (`2024-01-05T12:15:05.973`)
* [CVE-2024-22075](CVE-2024/CVE-2024-220xx/CVE-2024-22075.json) (`2024-01-05T11:54:11.040`)
* [CVE-2024-22086](CVE-2024/CVE-2024-220xx/CVE-2024-22086.json) (`2024-01-05T11:54:11.040`)
* [CVE-2024-22087](CVE-2024/CVE-2024-220xx/CVE-2024-22087.json) (`2024-01-05T11:54:11.040`)
* [CVE-2024-22088](CVE-2024/CVE-2024-220xx/CVE-2024-22088.json) (`2024-01-05T11:54:11.040`)
* [CVE-2023-7160](CVE-2023/CVE-2023-71xx/CVE-2023-7160.json) (`2024-01-05T14:03:10.677`)
* [CVE-2023-28198](CVE-2023/CVE-2023-281xx/CVE-2023-28198.json) (`2024-01-05T14:15:46.227`)
* [CVE-2023-28204](CVE-2023/CVE-2023-282xx/CVE-2023-28204.json) (`2024-01-05T14:15:46.340`)
* [CVE-2023-32370](CVE-2023/CVE-2023-323xx/CVE-2023-32370.json) (`2024-01-05T14:15:46.447`)
* [CVE-2023-32373](CVE-2023/CVE-2023-323xx/CVE-2023-32373.json) (`2024-01-05T14:15:46.537`)
* [CVE-2023-32393](CVE-2023/CVE-2023-323xx/CVE-2023-32393.json) (`2024-01-05T14:15:46.657`)
* [CVE-2023-32439](CVE-2023/CVE-2023-324xx/CVE-2023-32439.json) (`2024-01-05T14:15:46.780`)
* [CVE-2023-37450](CVE-2023/CVE-2023-374xx/CVE-2023-37450.json) (`2024-01-05T14:15:46.917`)
* [CVE-2023-38133](CVE-2023/CVE-2023-381xx/CVE-2023-38133.json) (`2024-01-05T14:15:47.027`)
* [CVE-2023-38572](CVE-2023/CVE-2023-385xx/CVE-2023-38572.json) (`2024-01-05T14:15:47.123`)
* [CVE-2023-38592](CVE-2023/CVE-2023-385xx/CVE-2023-38592.json) (`2024-01-05T14:15:47.227`)
* [CVE-2023-38594](CVE-2023/CVE-2023-385xx/CVE-2023-38594.json) (`2024-01-05T14:15:47.353`)
* [CVE-2023-38595](CVE-2023/CVE-2023-385xx/CVE-2023-38595.json) (`2024-01-05T14:15:47.447`)
* [CVE-2023-38597](CVE-2023/CVE-2023-385xx/CVE-2023-38597.json) (`2024-01-05T14:15:47.557`)
* [CVE-2023-38599](CVE-2023/CVE-2023-385xx/CVE-2023-38599.json) (`2024-01-05T14:15:47.670`)
* [CVE-2023-38600](CVE-2023/CVE-2023-386xx/CVE-2023-38600.json) (`2024-01-05T14:15:47.753`)
* [CVE-2023-38611](CVE-2023/CVE-2023-386xx/CVE-2023-38611.json) (`2024-01-05T14:15:47.830`)
* [CVE-2023-40397](CVE-2023/CVE-2023-403xx/CVE-2023-40397.json) (`2024-01-05T14:15:47.920`)
* [CVE-2023-42916](CVE-2023/CVE-2023-429xx/CVE-2023-42916.json) (`2024-01-05T14:15:48.030`)
* [CVE-2023-42917](CVE-2023/CVE-2023-429xx/CVE-2023-42917.json) (`2024-01-05T14:15:48.143`)
* [CVE-2023-50445](CVE-2023/CVE-2023-504xx/CVE-2023-50445.json) (`2024-01-05T14:37:38.527`)
* [CVE-2023-7158](CVE-2023/CVE-2023-71xx/CVE-2023-7158.json) (`2024-01-05T14:47:39.737`)
* [CVE-2023-23634](CVE-2023/CVE-2023-236xx/CVE-2023-23634.json) (`2024-01-05T14:48:51.033`)
* [CVE-2023-7157](CVE-2023/CVE-2023-71xx/CVE-2023-7157.json) (`2024-01-05T14:53:02.590`)
* [CVE-2023-7156](CVE-2023/CVE-2023-71xx/CVE-2023-7156.json) (`2024-01-05T14:53:54.850`)
## Download and Usage