diff --git a/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json b/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json index bffd599a13d..1712000370a 100644 --- a/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json +++ b/CVE-2021/CVE-2021-312xx/CVE-2021-31294.json @@ -2,27 +2,90 @@ "id": "CVE-2021-31294", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-15T23:15:09.203", - "lastModified": "2023-07-17T13:02:42.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:12:08.520", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Redis before 6cbea7d allows a replica to cause an assertion failure in a primary server by sending a non-administrative command (specifically, a SET command). NOTE: this was fixed for Redis 6.2.x and 7.x in 2021. Versions before 6.2 were not intended to have safety guarantees related to this." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-617" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.2.0", + "matchCriteriaId": "28E377D7-3E6B-40DE-B628-CABF8CFF59AB" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/redis/redis/commit/46f4ebbe842620f0976a36741a72482620aa4b48", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/redis/redis/commit/6cbea7d29b5285692843bc1c351abba1a7ef326f", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/redis/redis/issues/8712", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-364xx/CVE-2022-36424.json b/CVE-2022/CVE-2022-364xx/CVE-2022-36424.json index 20d4cce2eb8..afcf11a48e1 100644 --- a/CVE-2022/CVE-2022-364xx/CVE-2022-36424.json +++ b/CVE-2022/CVE-2022-364xx/CVE-2022-36424.json @@ -2,8 +2,8 @@ "id": "CVE-2022-36424", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T16:15:09.583", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:36:43.983", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:easy_appointments_project:easy_appointments:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.11.9", + "matchCriteriaId": "6C1BF2EB-FC96-4F73-99FD-62964E49E895" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/easy-appointments/wordpress-easy-appointments-plugin-3-11-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-380xx/CVE-2022-38062.json b/CVE-2022/CVE-2022-380xx/CVE-2022-38062.json index 0e29e4b4bde..5c723060776 100644 --- a/CVE-2022/CVE-2022-380xx/CVE-2022-38062.json +++ b/CVE-2022/CVE-2022-380xx/CVE-2022-38062.json @@ -2,8 +2,8 @@ "id": "CVE-2022-38062", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T16:15:09.673", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:35:11.427", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-352" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:metagauss:download_theme:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.0.9", + "matchCriteriaId": "9B499A36-56AB-4FCF-AAA3-89F04A651AA7" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/download-theme/wordpress-download-theme-plugin-1-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-40xx/CVE-2022-4023.json b/CVE-2022/CVE-2022-40xx/CVE-2022-4023.json index 06e9f9ea2ce..dce8697cc53 100644 --- a/CVE-2022/CVE-2022-40xx/CVE-2022-4023.json +++ b/CVE-2022/CVE-2022-40xx/CVE-2022-4023.json @@ -2,15 +2,38 @@ "id": "CVE-2022-4023", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-17T14:15:09.477", - "lastModified": "2023-07-17T14:22:59.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:23:32.157", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The 3DPrint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will create an archive of any files or directories on the target server by tricking a logged in admin into submitting a form. Furthermore the created archive has a predictable location and name, allowing the attacker to download the file if they know the time at which the form was submitted, making it possible to leak sensitive files like the WordPress configuration containing database credentials and secrets." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.6, + "impactScore": 3.6 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,14 +46,39 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:3dprint_project:3dprint:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.5.6.9", + "matchCriteriaId": "4BD26B4C-B1A4-4B9E-9977-FCD70F940C6B" + } + ] + } + ] + } + ], "references": [ { "url": "https://jetpack.com/blog/vulnerabilities-found-in-the-3dprint-premium-plugin/", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit" + ] }, { "url": "https://wpscan.com/vulnerability/859c6e7e-2381-4d93-a526-2000b4fb8fee", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47169.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47169.json index 4bf29f61197..9ed2c672ef7 100644 --- a/CVE-2022/CVE-2022-471xx/CVE-2022-47169.json +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47169.json @@ -2,8 +2,8 @@ "id": "CVE-2022-47169", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-18T13:15:11.613", - "lastModified": "2023-07-18T14:11:49.930", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:32:21.927", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:staxwp:visibility_logic_for_elementor:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.3.4", + "matchCriteriaId": "DD5B5F74-8D42-4ACA-B2B4-84735AB28A23" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/visibility-logic-elementor/wordpress-visibility-logic-for-elementor-plugin-2-3-4-cross-site-request-forgery-csrf?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47172.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47172.json index d09d845d8f6..9d72a1c7745 100644 --- a/CVE-2022/CVE-2022-471xx/CVE-2022-47172.json +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47172.json @@ -2,8 +2,8 @@ "id": "CVE-2022-47172", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T15:15:09.530", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:10:52.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hasthemes:woolentor_-_woocommerce_elementor_addons_\\+_builder:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.6.2", + "matchCriteriaId": "A5C2E373-BEEF-41E0-A868-2B599EAA696C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woolentor-addons/wordpress-shoplentor-plugin-2-6-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-04xx/CVE-2023-0439.json b/CVE-2023/CVE-2023-04xx/CVE-2023-0439.json index 335403fdd82..9e2b47e2b08 100644 --- a/CVE-2023/CVE-2023-04xx/CVE-2023-0439.json +++ b/CVE-2023/CVE-2023-04xx/CVE-2023-0439.json @@ -2,15 +2,38 @@ "id": "CVE-2023-0439", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-17T14:15:09.553", - "lastModified": "2023-07-17T14:22:59.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:22:41.733", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The NEX-Forms WordPress plugin before 8.4.4 does not escape its form name, which could lead to Stored Cross-Site Scripting issues. By default only SuperAdmins (in multisite) / admins (in single site) can create forms, however there is a settings allowing them to give lower roles access to such feature." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:basixonline:nex-forms:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "8.4.4", + "matchCriteriaId": "5135FFE3-255D-493D-930C-72FD5D6A16D3" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/04cea9aa-b21c-49f8-836b-2d312253e09a", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json index 3cb95584aed..2cb07ab33c5 100644 --- a/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22672.json @@ -2,8 +2,8 @@ "id": "CVE-2023-22672", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T11:15:09.063", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:22:09.480", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vibethemes:vslider:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.1.2", + "matchCriteriaId": "50A90350-7A6A-43E9-AF16-D272C199C896" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/vslider/wordpress-vslider-multi-image-slider-for-wordpress-plugin-4-1-2-cross-site-request-forgery-csrf?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json b/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json index 0aad98b2027..a884c2ef3a7 100644 --- a/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json +++ b/CVE-2023/CVE-2023-22xx/CVE-2023-2268.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2268", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-07-15T19:15:09.450", - "lastModified": "2023-07-17T13:02:42.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:15:37.700", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "help@fluidattacks.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, { "source": "help@fluidattacks.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:plane:plane:0.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "34694F35-B3F5-4743-AD9F-AEFB361C62D5" + } + ] + } + ] + } + ], "references": [ { "url": "https://fluidattacks.com/advisories/giardino/", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/makeplane/plane", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json index d248f2c6b99..10fed2c8c9d 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23646.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23646", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T11:15:09.183", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:11:44.107", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:awplife:album_gallery:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.5.0", + "matchCriteriaId": "24787510-5F9D-4359-8023-FD2641400BE6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/new-album-gallery/wordpress-album-gallery-wordpress-gallery-plugin-1-4-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-236xx/CVE-2023-23660.json b/CVE-2023/CVE-2023-236xx/CVE-2023-23660.json index c5298eda609..ba1f06653bc 100644 --- a/CVE-2023/CVE-2023-236xx/CVE-2023-23660.json +++ b/CVE-2023/CVE-2023-236xx/CVE-2023-23660.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23660", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-18T13:15:11.713", - "lastModified": "2023-07-18T14:11:49.930", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:32:07.297", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,14 +66,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mainwp:mainwp_maintenance_extension:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.1.1", + "matchCriteriaId": "0F44B43B-0999-4FF1-AE31-229476ABEDB6" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/articles/multiple-vulnerabilities-affecting-mainwp-extensions?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/mainwp-maintenance-extension/wordpress-mainwp-maintenance-extension-plugin-4-1-1-subscriber-sql-injection-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json b/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json index 8b2dd7fe215..7e000e182ec 100644 --- a/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json +++ b/CVE-2023/CVE-2023-237xx/CVE-2023-23719.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23719", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T11:15:09.250", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:19:00.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:premmerce:premmerce:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.3.17", + "matchCriteriaId": "C73B04CA-B9B1-4AC3-B4A0-804FBDA808F0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/premmerce/wordpress-premmerce-plugin-1-3-17-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-250xx/CVE-2023-25036.json b/CVE-2023/CVE-2023-250xx/CVE-2023-25036.json index 2b011753be6..9c8d8e76868 100644 --- a/CVE-2023/CVE-2023-250xx/CVE-2023-25036.json +++ b/CVE-2023/CVE-2023-250xx/CVE-2023-25036.json @@ -2,8 +2,8 @@ "id": "CVE-2023-25036", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-18T13:15:11.810", - "lastModified": "2023-07-18T14:11:49.930", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:31:35.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:social_media_icons_widget_project:social_media_icons_widget:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.6", + "matchCriteriaId": "11E99F08-B728-4CD8-AEC3-FA7BDD2EAAD7" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/spoontalk-social-media-icons-widget/wordpress-social-media-icons-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json index 97decdda4e5..9ae3904f0d1 100644 --- a/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2507.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2507", "sourceIdentifier": "help@fluidattacks.com", "published": "2023-07-15T19:15:09.527", - "lastModified": "2023-07-17T13:02:42.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:15:28.117", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "help@fluidattacks.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "help@fluidattacks.com", "type": "Secondary", @@ -46,14 +76,38 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:clevertap:clevertap:2.6.2:*:*:*:*:cordova:*:*", + "matchCriteriaId": "2EEC3FB3-3FF2-40BB-B1E0-BC257CAE38D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://fluidattacks.com/advisories/maiden/", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://github.com/CleverTap/clevertap-cordova", - "source": "help@fluidattacks.com" + "source": "help@fluidattacks.com", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json b/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json index 4e56712f8a2..fecdf8db5f0 100644 --- a/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json +++ b/CVE-2023/CVE-2023-274xx/CVE-2023-27424.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27424", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T13:15:10.240", - "lastModified": "2023-07-17T14:22:59.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:18:42.467", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:inactive_user_deleter_project:inactive_user_deleter:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.60", + "matchCriteriaId": "E105AA71-1C79-4DB4-BB4C-D6D99E755CC7" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/inactive-user-deleter/wordpress-inactive-user-deleter-plugin-1-58-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json b/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json index 4b8a568b76a..db2169afc37 100644 --- a/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json +++ b/CVE-2023/CVE-2023-276xx/CVE-2023-27606.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27606", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T11:15:09.323", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:18:52.087", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wp_reroute_email_project:wp_reroute_email:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.4.6", + "matchCriteriaId": "442B2DD7-E143-41EE-9FDE-82578E4D830C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-reroute-email/wordpress-wp-reroute-email-plugin-1-4-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json index 652d8fc8045..aabcbda320e 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2912.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2912", "sourceIdentifier": "VulnerabilityReporting@secomea.com", "published": "2023-07-17T13:15:10.323", - "lastModified": "2023-07-17T14:22:59.283", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:24:28.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "VulnerabilityReporting@secomea.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + }, { "source": "VulnerabilityReporting@secomea.com", "type": "Secondary", @@ -46,10 +76,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:secomea:sitemanager_embedded:*:*:*:*:*:*:*:*", + "versionEndExcluding": "11.0", + "matchCriteriaId": "10DED568-0660-49EF-868C-16FB67043EBE" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.secomea.com/support/cybersecurity-advisory/", - "source": "VulnerabilityReporting@secomea.com" + "source": "VulnerabilityReporting@secomea.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2958.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2958.json index 9dde1a55207..a1f766315df 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2958.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2958.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2958", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-07-17T15:15:09.610", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:39:09.300", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -13,8 +13,28 @@ "metrics": { "cvssMetricV31": [ { - "source": "cve@usom.gov.tr", + "source": "nvd@nist.gov", "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, + { + "source": "cve@usom.gov.tr", + "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:orjinyazilim:ats_pro:*:*:*:*:*:*:*:*", + "versionEndExcluding": "20230714", + "matchCriteriaId": "A69F0298-13A0-4145-9C86-00C68B70E36E" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.usom.gov.tr/bildirim/tr-23-0410", - "source": "cve@usom.gov.tr" + "source": "cve@usom.gov.tr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3041.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3041.json index d59df77e835..33e67e8a90d 100644 --- a/CVE-2023/CVE-2023-30xx/CVE-2023-3041.json +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3041.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3041", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-17T14:15:10.783", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:11:27.043", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Autochat Automatic Conversation WordPress plugin through 1.1.7 does not sanitise and escape user input before outputting it back on the page, leading to a cross-site Scripting attack." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:autochat:automatic_conversation:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.1.7", + "matchCriteriaId": "D222661A-79B7-42FC-A911-175623E440D6" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/93cad990-b6be-4ee1-9cdf-0211a7fe6c96", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31851.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31851.json index d5c78277eba..b803923c8ab 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31851.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31851.json @@ -2,23 +2,104 @@ "id": "CVE-2023-31851", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T15:15:09.683", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:38:11.730", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cudy LT400 1.13.4 is has a cross-site scripting (XSS) vulnerability in /cgi-bin/luci/admin/network/wireless/status via the iface parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cudy:lt400_firmware:1.13.4:*:*:*:*:*:*:*", + "matchCriteriaId": "2759B9C5-DCE0-4072-9C18-B9048593A184" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cudy:lt400_firmware:1.15.18:*:*:*:*:*:*:*", + "matchCriteriaId": "875825A7-D2F1-4AA7-885E-EBD3306EA1F4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cudy:lt400_firmware:1.15.27:*:*:*:*:*:*:*", + "matchCriteriaId": "2528C721-BB61-4825-AE3A-7629331D2D72" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cudy:lt400:-:*:*:*:*:*:*:*", + "matchCriteriaId": "11844C8A-99FE-4715-8F47-68BE1603D007" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/CalfCrusher/CVE-2023-31851", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.cudy.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31852.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31852.json index ef82d6d9114..b23e80ffc97 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31852.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31852.json @@ -2,23 +2,93 @@ "id": "CVE-2023-31852", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T14:15:10.450", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:22:23.670", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cudy LT400 1.13.4 is vulnerable to Cross Site Scripting (XSS) in cgi-bin/luci/admin/network/wireless/config via the iface parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cuby:lt400_firmware:1.13.4:*:*:*:*:*:*:*", + "matchCriteriaId": "325FA8D2-65B3-471C-A19A-5C8DB365BBA2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cuby:lt400:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4B7DB32F-7CD6-4659-B5BE-963E3EA74959" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/CalfCrusher/CVE-2023-31852", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://www.cudy.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31853.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31853.json index e2834132658..80ce2592be7 100644 --- a/CVE-2023/CVE-2023-318xx/CVE-2023-31853.json +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31853.json @@ -2,23 +2,94 @@ "id": "CVE-2023-31853", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T15:15:09.727", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:38:02.020", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cudy LT400 1.13.4 is vulnerable Cross Site Scripting (XSS) in /cgi-bin/luci/admin/network/bandwidth via the icon parameter." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:cudy:lt400_firmware:1.13.4:*:*:*:*:*:*:*", + "matchCriteriaId": "2759B9C5-DCE0-4072-9C18-B9048593A184" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:cudy:lt400:-:*:*:*:*:*:*:*", + "matchCriteriaId": "11844C8A-99FE-4715-8F47-68BE1603D007" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/CalfCrusher/CVE-2023-31853", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.cudy.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3179.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3179.json index e4ec1871104..084a20f2c5c 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3179.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3179.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3179", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-17T14:15:10.843", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:28:20.900", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability resend an email to an arbitrary address (for example a password reset email could be resent to an attacker controlled email, and allow them to take over an account)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "2.5.7", + "matchCriteriaId": "BEDAD609-58E9-4841-A9C9-2CF8935580CA" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/542caa40-b199-4397-90bb-4fdb693ebb24", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-31xx/CVE-2023-3182.json b/CVE-2023/CVE-2023-31xx/CVE-2023-3182.json index d250316cb6a..56b1ee91558 100644 --- a/CVE-2023/CVE-2023-31xx/CVE-2023-3182.json +++ b/CVE-2023/CVE-2023-31xx/CVE-2023-3182.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3182", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-17T14:15:10.900", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:27:47.130", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Membership WordPress plugin before 3.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:liquidweb:restrict_content:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "3.2.3", + "matchCriteriaId": "0004FC71-D9AC-4336-8A0B-15A918CDA56A" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/655a68ee-9447-41ca-899e-986a419fb7ed", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3376.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3376.json index f044d5f2ce4..ea3aa80b04f 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3376.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3376.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3376", "sourceIdentifier": "cve@usom.gov.tr", "published": "2023-07-17T14:15:11.083", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:11:04.367", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,10 +46,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:dijital:zekiweb:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0", + "matchCriteriaId": "B7F5DC71-4D38-4051-9181-EEE7E3997EC7" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.usom.gov.tr/bildirim/tr-23-0408", - "source": "cve@usom.gov.tr" + "source": "cve@usom.gov.tr", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34005.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34005.json index 97540e8a60d..203b3c39903 100644 --- a/CVE-2023/CVE-2023-340xx/CVE-2023-34005.json +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34005.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34005", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T15:15:09.770", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:37:17.753", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:etoilewebdesign:front_end_users:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.2.24", + "matchCriteriaId": "5C8A4125-AD98-44E4-87DB-9A29426C454C" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/front-end-only-users/wordpress-front-end-users-plugin-3-2-24-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-346xx/CVE-2023-34669.json b/CVE-2023/CVE-2023-346xx/CVE-2023-34669.json index 4a4f98dda1e..057a4dc6d1a 100644 --- a/CVE-2023/CVE-2023-346xx/CVE-2023-34669.json +++ b/CVE-2023/CVE-2023-346xx/CVE-2023-34669.json @@ -2,19 +2,87 @@ "id": "CVE-2023-34669", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T17:15:09.993", - "lastModified": "2023-07-17T17:31:42.010", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:33:37.767", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:totolink:cp300\\+_firmware:5.2cu.7594:*:*:*:*:*:*:*", + "matchCriteriaId": "BAA08C79-663B-4C09-976E-60D5ED73D341" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:totolink:cp300\\+:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B07884CE-EB34-46ED-9361-F0228D3EB758" + } + ] + } + ] + } + ], "references": [ { "url": "https://w3b5h3ll.notion.site/w3b5h3ll/TOTOLINK-CP300-c96d775881f0476b9ef465dba9c6d9b8", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3418.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3418.json index 64ccfc0a51a..8820f912534 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3418.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3418.json @@ -2,15 +2,38 @@ "id": "CVE-2023-3418", "sourceIdentifier": "contact@wpscan.com", "published": "2023-07-17T14:15:11.153", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:52:04.647", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The Querlo Chatbot WordPress plugin through 1.2.4 does not escape or sanitize chat messages, leading to a stored Cross-Site Scripting vulnerability." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, "weaknesses": [ { "source": "contact@wpscan.com", @@ -23,10 +46,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:querlo:chatbot:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.2.4", + "matchCriteriaId": "16D0E557-3504-43F4-8DE0-CF4A6ECC171C" + } + ] + } + ] + } + ], "references": [ { "url": "https://wpscan.com/vulnerability/407edb21-8fcb-484a-babb-fce96a6aede7", - "source": "contact@wpscan.com" + "source": "contact@wpscan.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35038.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35038.json index 41855f2e839..d263001dad0 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35038.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35038.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35038", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T14:15:10.500", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:11:36.390", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpexperts:wp_pdf_generator:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.2.3", + "matchCriteriaId": "742776C6-1506-4C53-A969-F00FB94850D4" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/wp-pdf-generator/wordpress-wp-pdf-generator-plugin-1-2-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35089.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35089.json index 0508d560a74..5bf3cb96612 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35089.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35089.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35089", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T14:15:10.570", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:53:17.233", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,12 +64,43 @@ "value": "CWE-352" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:really-simple-plugins:recipe_maker_for_your_food_blog_from_zip_recipes:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "8.0.8", + "matchCriteriaId": "CE1904F5-CD3F-43D1-8E47-6CF9025F8712" + } + ] + } + ] } ], "references": [ { "url": "https://patchstack.com/database/vulnerability/zip-recipes/wordpress-recipe-maker-for-your-food-blog-from-zip-recipes-plugin-8-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35096.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35096.json index a4ebddccd4d..bb88f75ae8c 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35096.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35096.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35096", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T14:15:10.640", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:52:51.873", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:mycred:mycred:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.5.1", + "matchCriteriaId": "97C2EE2A-11E6-471F-8674-0E7DCEA66BBD" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/mycred/wordpress-mycred-plugin-2-5-cross-site-request-forgery-csrf?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-358xx/CVE-2023-35880.json b/CVE-2023/CVE-2023-358xx/CVE-2023-35880.json index 35b6af98476..fda017ecc35 100644 --- a/CVE-2023/CVE-2023-358xx/CVE-2023-35880.json +++ b/CVE-2023/CVE-2023-358xx/CVE-2023-35880.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35880", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-17T14:15:10.707", - "lastModified": "2023-07-17T14:22:52.003", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T00:52:36.047", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:woocommerce:brands:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.6.50", + "matchCriteriaId": "5945817C-EA3C-41D4-9CBF-3C090A3B82FD" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/woocommerce-brands/wordpress-woocommerce-brands-plugin-1-6-49-cross-site-request-forgery-csrf-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json index 8877441e7c0..049a6f78098 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3691.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3691", "sourceIdentifier": "cna@vuldb.com", "published": "2023-07-16T17:15:09.387", - "lastModified": "2023-07-17T13:02:37.237", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:25:57.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -15,6 +15,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -75,22 +97,149 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.8.0", + "matchCriteriaId": "0B3256B4-B32D-4237-BDD9-DF8D90A93AEA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:beta1:*:*:*:*:*:*", + "matchCriteriaId": "400D3377-F7A4-4136-B0CC-2796FD688FA6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:beta2:*:*:*:*:*:*", + "matchCriteriaId": "F1268077-DCB9-4F3D-9D0F-6C5AF8E782BE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:beta3:*:*:*:*:*:*", + "matchCriteriaId": "CAD0CAC3-C2E8-48AB-B5A1-D0A3C2B9CDF8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc1:*:*:*:*:*:*", + "matchCriteriaId": "72A61981-2E97-4578-AEEF-921AFE14B346" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc10:*:*:*:*:*:*", + "matchCriteriaId": "AC973BDB-6524-4FBF-8432-4E4B408DFE99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc11:*:*:*:*:*:*", + "matchCriteriaId": "35E86BDC-C874-4F39-B144-8E7AD4D7F817" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc12:*:*:*:*:*:*", + "matchCriteriaId": "5E5916DB-FAF7-4724-A7B3-4AE2FE1DCC87" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc13:*:*:*:*:*:*", + "matchCriteriaId": "9E738227-E1D8-43C8-8865-872A48F48E14" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc14:*:*:*:*:*:*", + "matchCriteriaId": "F06FE1CE-39B7-44F2-A81C-7A7B2FFA2BC4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc15:*:*:*:*:*:*", + "matchCriteriaId": "A7984341-C4C4-4D37-8329-3A68FB380DF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc16:*:*:*:*:*:*", + "matchCriteriaId": "E9CF7538-117A-4739-9FF9-752A1B6155AA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc2:*:*:*:*:*:*", + "matchCriteriaId": "359734D1-CA04-4F18-93AC-8B2B9DA97D36" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc3:*:*:*:*:*:*", + "matchCriteriaId": "C2B5A5B3-14F4-42DE-AA54-39A2EEE1E73B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc4:*:*:*:*:*:*", + "matchCriteriaId": "8EE63500-485B-4338-BDB3-FC0C01ABC80E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc5:*:*:*:*:*:*", + "matchCriteriaId": "E939550B-FF22-4809-A8F5-147A23002269" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc6:*:*:*:*:*:*", + "matchCriteriaId": "59F5C3EC-93B3-468B-BCDA-CE539D4E0200" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc7:*:*:*:*:*:*", + "matchCriteriaId": "702165A3-073F-4DBC-A996-4888BDBD676D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc8:*:*:*:*:*:*", + "matchCriteriaId": "13E7D692-D7BD-4E4F-81A4-1E2B04B4C3C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:layui:layui:2.8.0:rc9:*:*:*:*:*:*", + "matchCriteriaId": "D04EB7C7-CD39-48E0-9872-84CDF89A89B6" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitee.com/layui/layui/issues/I7HDXZ", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://gitee.com/layui/layui/tree/v2.8.0", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Product" + ] }, { "url": "https://vuldb.com/?ctiid.234237", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.234237", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37386.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37386.json index 4214896c845..a26808fcdb3 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37386.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37386.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37386", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-18T13:15:12.013", - "lastModified": "2023-07-18T14:11:49.930", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:10:16.190", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:codexin:media_library_helper:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.2.0", + "matchCriteriaId": "8BB0CD68-3958-4FB8-8CF2-9B6B99B99C23" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/media-library-helper/wordpress-media-library-helper-by-codexin-plugin-1-2-0-cross-site-request-forgery-csrf?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-373xx/CVE-2023-37387.json b/CVE-2023/CVE-2023-373xx/CVE-2023-37387.json index 05727ab9622..abfc11f6a05 100644 --- a/CVE-2023/CVE-2023-373xx/CVE-2023-37387.json +++ b/CVE-2023/CVE-2023-373xx/CVE-2023-37387.json @@ -2,8 +2,8 @@ "id": "CVE-2023-37387", "sourceIdentifier": "audit@patchstack.com", "published": "2023-07-18T13:15:12.103", - "lastModified": "2023-07-18T14:11:49.930", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:09:59.490", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:radiustheme:classified_listing_pro_-_classified_ads_\\&_business_directory:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "2.4.5", + "matchCriteriaId": "CD0F849B-6122-49F0-BC99-A7F688EDE1B9" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/classified-listing/wordpress-classified-listing-plugin-2-4-5-cross-site-request-forgery-csrf-leading-to-thumbnail-removal-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json index 5a388ed5739..a9716eba8a3 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38378.json @@ -2,23 +2,95 @@ "id": "CVE-2023-38378", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-16T17:15:09.277", - "lastModified": "2023-07-17T13:02:42.053", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-07-26T01:11:51.500", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows remote attackers to execute arbitrary code via shell metacharacters in pass1 to the webcontrol changepwd.cgi application." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:rigol:mso5000_firmware:00.01.03.00.03:*:*:*:*:*:*:*", + "matchCriteriaId": "920405F8-02DD-4F7C-B54F-CF5FBB0CE92A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:rigol:mso5000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AAEEF5D1-DEE7-45BB-B048-725BDD8E6B51" + } + ] + } + ] + } + ], "references": [ { "url": "https://news.ycombinator.com/item?id=36745664", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Third Party Advisory" + ] }, { "url": "https://tortel.li/post/insecure-scope/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 017167bfe91..7973575027d 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-07-25T23:55:25.534260+00:00 +2023-07-26T02:00:26.865078+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-07-25T23:15:10.183000+00:00 +2023-07-26T01:28:20.900000+00:00 ``` ### Last Data Feed Release @@ -23,7 +23,7 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2023-07-25T00:00:13.559776+00:00 +2023-07-26T00:00:13.564517+00:00 ``` ### Total Number of included CVEs @@ -34,21 +34,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `0` -* [CVE-2022-31457](CVE-2022/CVE-2022-314xx/CVE-2022-31457.json) (`2023-07-25T22:15:10.410`) -* [CVE-2023-38496](CVE-2023/CVE-2023-384xx/CVE-2023-38496.json) (`2023-07-25T22:15:10.503`) -* [CVE-2023-38501](CVE-2023/CVE-2023-385xx/CVE-2023-38501.json) (`2023-07-25T22:15:10.600`) -* [CVE-2023-38502](CVE-2023/CVE-2023-385xx/CVE-2023-38502.json) (`2023-07-25T22:15:10.693`) -* [CVE-2023-3945](CVE-2023/CVE-2023-39xx/CVE-2023-3945.json) (`2023-07-25T22:15:10.780`) -* [CVE-2023-38503](CVE-2023/CVE-2023-385xx/CVE-2023-38503.json) (`2023-07-25T23:15:10.183`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `36` -* [CVE-2022-41906](CVE-2022/CVE-2022-419xx/CVE-2022-41906.json) (`2023-07-25T23:15:10.037`) +* [CVE-2023-31851](CVE-2023/CVE-2023-318xx/CVE-2023-31851.json) (`2023-07-26T00:38:11.730`) +* [CVE-2023-2958](CVE-2023/CVE-2023-29xx/CVE-2023-2958.json) (`2023-07-26T00:39:09.300`) +* [CVE-2023-3418](CVE-2023/CVE-2023-34xx/CVE-2023-3418.json) (`2023-07-26T00:52:04.647`) +* [CVE-2023-35880](CVE-2023/CVE-2023-358xx/CVE-2023-35880.json) (`2023-07-26T00:52:36.047`) +* [CVE-2023-35096](CVE-2023/CVE-2023-350xx/CVE-2023-35096.json) (`2023-07-26T00:52:51.873`) +* [CVE-2023-35089](CVE-2023/CVE-2023-350xx/CVE-2023-35089.json) (`2023-07-26T00:53:17.233`) +* [CVE-2023-37387](CVE-2023/CVE-2023-373xx/CVE-2023-37387.json) (`2023-07-26T01:09:59.490`) +* [CVE-2023-37386](CVE-2023/CVE-2023-373xx/CVE-2023-37386.json) (`2023-07-26T01:10:16.190`) +* [CVE-2023-3376](CVE-2023/CVE-2023-33xx/CVE-2023-3376.json) (`2023-07-26T01:11:04.367`) +* [CVE-2023-3041](CVE-2023/CVE-2023-30xx/CVE-2023-3041.json) (`2023-07-26T01:11:27.043`) +* [CVE-2023-35038](CVE-2023/CVE-2023-350xx/CVE-2023-35038.json) (`2023-07-26T01:11:36.390`) +* [CVE-2023-23646](CVE-2023/CVE-2023-236xx/CVE-2023-23646.json) (`2023-07-26T01:11:44.107`) +* [CVE-2023-38378](CVE-2023/CVE-2023-383xx/CVE-2023-38378.json) (`2023-07-26T01:11:51.500`) +* [CVE-2023-2507](CVE-2023/CVE-2023-25xx/CVE-2023-2507.json) (`2023-07-26T01:15:28.117`) +* [CVE-2023-2268](CVE-2023/CVE-2023-22xx/CVE-2023-2268.json) (`2023-07-26T01:15:37.700`) +* [CVE-2023-27424](CVE-2023/CVE-2023-274xx/CVE-2023-27424.json) (`2023-07-26T01:18:42.467`) +* [CVE-2023-27606](CVE-2023/CVE-2023-276xx/CVE-2023-27606.json) (`2023-07-26T01:18:52.087`) +* [CVE-2023-23719](CVE-2023/CVE-2023-237xx/CVE-2023-23719.json) (`2023-07-26T01:19:00.190`) +* [CVE-2023-22672](CVE-2023/CVE-2023-226xx/CVE-2023-22672.json) (`2023-07-26T01:22:09.480`) +* [CVE-2023-31852](CVE-2023/CVE-2023-318xx/CVE-2023-31852.json) (`2023-07-26T01:22:23.670`) +* [CVE-2023-0439](CVE-2023/CVE-2023-04xx/CVE-2023-0439.json) (`2023-07-26T01:22:41.733`) +* [CVE-2023-2912](CVE-2023/CVE-2023-29xx/CVE-2023-2912.json) (`2023-07-26T01:24:28.907`) +* [CVE-2023-3691](CVE-2023/CVE-2023-36xx/CVE-2023-3691.json) (`2023-07-26T01:25:57.313`) +* [CVE-2023-3182](CVE-2023/CVE-2023-31xx/CVE-2023-3182.json) (`2023-07-26T01:27:47.130`) +* [CVE-2023-3179](CVE-2023/CVE-2023-31xx/CVE-2023-3179.json) (`2023-07-26T01:28:20.900`) ## Download and Usage