Auto-Update: 2023-09-05T08:00:25.999709+00:00

This commit is contained in:
cad-safe-bot 2023-09-05 08:00:29 +00:00
parent 6253fe4795
commit 76bd8b4b0c
106 changed files with 1848 additions and 145 deletions

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2022-33220",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:11.847",
"lastModified": "2023-09-05T07:15:11.847",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Information disclosure in Automotive multimedia due to buffer over-read."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 4.2
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2022-33275",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:11.983",
"lastModified": "2023-09-05T07:15:11.983",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2022-40524",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.073",
"lastModified": "2023-09-05T07:15:12.073",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2022-40534",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.157",
"lastModified": "2023-09-05T07:15:12.157",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption due to improper validation of array index in Audio."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2022-43903", "id": "CVE-2022-43903",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-09-05T00:15:07.347", "published": "2023-09-05T00:15:07.347",
"lastModified": "2023-09-05T00:15:07.347", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21636",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.247",
"lastModified": "2023-09-05T07:15:12.247",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption due to improper validation of array index in Linux while updating adn record."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21644",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.327",
"lastModified": "2023-09-05T07:15:12.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21646",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.410",
"lastModified": "2023-09-05T07:15:12.410",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in Modem while processing invalid System Information Block 1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21653",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.490",
"lastModified": "2023-09-05T07:15:12.490",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in Modem while processing RRC reconfiguration message."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21654",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.570",
"lastModified": "2023-09-05T07:15:12.570",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in Audio during playback session with audio effects enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21655",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.697",
"lastModified": "2023-09-05T07:15:12.697",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in Audio while validating and mapping metadata."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21662",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.780",
"lastModified": "2023-09-05T07:15:12.780",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in Core Platform while printing the response buffer in log."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21663",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.863",
"lastModified": "2023-09-05T07:15:12.863",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption while accessing metadata in Display."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21664",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:12.940",
"lastModified": "2023-09-05T07:15:12.940",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory Corruption in Core Platform while printing the response buffer in log."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-21667",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.020",
"lastModified": "2023-09-05T07:15:13.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22870", "id": "CVE-2023-22870",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-09-05T01:15:07.360", "published": "2023-09-05T01:15:07.360",
"lastModified": "2023-09-05T01:15:07.360", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25465", "id": "CVE-2023-25465",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T10:15:07.940", "published": "2023-09-04T10:15:07.940",
"lastModified": "2023-09-04T10:15:07.940", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28072", "id": "CVE-2023-28072",
"sourceIdentifier": "security_alert@emc.com", "sourceIdentifier": "security_alert@emc.com",
"published": "2023-09-04T16:15:07.767", "published": "2023-09-04T16:15:07.767",
"lastModified": "2023-09-04T16:15:07.767", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28538",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.113",
"lastModified": "2023-09-05T07:15:13.113",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28543",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.197",
"lastModified": "2023-09-05T07:15:13.197",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28544",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.280",
"lastModified": "2023-09-05T07:15:13.280",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28548",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.360",
"lastModified": "2023-09-05T07:15:13.360",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28549",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.437",
"lastModified": "2023-09-05T07:15:13.437",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28557",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.517",
"lastModified": "2023-09-05T07:15:13.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28558",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.603",
"lastModified": "2023-09-05T07:15:13.603",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN handler while processing PhyID in Tx status handler."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28559",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.687",
"lastModified": "2023-09-05T07:15:13.687",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28560",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.763",
"lastModified": "2023-09-05T07:15:13.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28562",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.843",
"lastModified": "2023-09-05T07:15:13.843",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption while handling payloads from remote ESL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28564",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:13.923",
"lastModified": "2023-09-05T07:15:13.923",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while passing command parameters through WMI interfaces."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28565",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.000",
"lastModified": "2023-09-05T07:15:14.000",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while handling command streams through WMI interfaces."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28567",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.083",
"lastModified": "2023-09-05T07:15:14.083",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while handling command through WMI interfaces."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28573",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.167",
"lastModified": "2023-09-05T07:15:14.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN HAL while parsing WMI command parameters."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28581",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.247",
"lastModified": "2023-09-05T07:15:14.247",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-28584",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.323",
"lastModified": "2023-09-05T07:15:14.323",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2813", "id": "CVE-2023-2813",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:08.997", "published": "2023-09-04T12:15:08.997",
"lastModified": "2023-09-04T12:15:08.997", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29261", "id": "CVE-2023-29261",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-09-05T01:15:07.783", "published": "2023-09-05T01:15:07.783",
"lastModified": "2023-09-05T01:15:07.783", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30485", "id": "CVE-2023-30485",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.140", "published": "2023-09-04T12:15:09.140",
"lastModified": "2023-09-04T12:15:09.140", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30494", "id": "CVE-2023-30494",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:39.627", "published": "2023-09-04T11:15:39.627",
"lastModified": "2023-09-04T11:15:39.627", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31220", "id": "CVE-2023-31220",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.123", "published": "2023-09-04T11:15:40.123",
"lastModified": "2023-09-04T11:15:40.123", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32102", "id": "CVE-2023-32102",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.220", "published": "2023-09-04T12:15:09.220",
"lastModified": "2023-09-04T12:15:09.220", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32296", "id": "CVE-2023-32296",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.313", "published": "2023-09-04T12:15:09.313",
"lastModified": "2023-09-04T12:15:09.313", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32338", "id": "CVE-2023-32338",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-09-05T00:15:07.750", "published": "2023-09-05T00:15:07.750",
"lastModified": "2023-09-05T00:15:07.750", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32578", "id": "CVE-2023-32578",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.400", "published": "2023-09-04T12:15:09.400",
"lastModified": "2023-09-04T12:15:09.400", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3221", "id": "CVE-2023-3221",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-04T13:15:32.853", "published": "2023-09-04T13:15:32.853",
"lastModified": "2023-09-04T13:15:32.853", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3222", "id": "CVE-2023-3222",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-04T13:15:33.987", "published": "2023-09-04T13:15:33.987",
"lastModified": "2023-09-04T13:15:33.987", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33015",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.407",
"lastModified": "2023-09-05T07:15:14.407",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33016",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.487",
"lastModified": "2023-09-05T07:15:14.487",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in WLAN firmware while parsing MLO (multi-link operation)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33019",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.560",
"lastModified": "2023-09-05T07:15:14.560",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33020",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.640",
"lastModified": "2023-09-05T07:15:14.640",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-33021",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-09-05T07:15:14.717",
"lastModified": "2023-09-05T07:15:14.717",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption in Graphics while processing user packets for command submission."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin",
"source": "product-security@qualcomm.com"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3499", "id": "CVE-2023-3499",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:09.493", "published": "2023-09-04T12:15:09.493",
"lastModified": "2023-09-04T12:15:09.493", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35892", "id": "CVE-2023-35892",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-09-05T00:15:07.833", "published": "2023-09-05T00:15:07.833",
"lastModified": "2023-09-05T00:15:07.833", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35906", "id": "CVE-2023-35906",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-09-05T01:15:07.920", "published": "2023-09-05T01:15:07.920",
"lastModified": "2023-09-05T01:15:07.920", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36307", "id": "CVE-2023-36307",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T05:15:07.983", "published": "2023-09-05T05:15:07.983",
"lastModified": "2023-09-05T05:15:07.983", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36308", "id": "CVE-2023-36308",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T04:15:08.703", "published": "2023-09-05T04:15:08.703",
"lastModified": "2023-09-05T04:15:08.703", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36382", "id": "CVE-2023-36382",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T10:15:08.730", "published": "2023-09-04T10:15:08.730",
"lastModified": "2023-09-04T10:15:08.730", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37393", "id": "CVE-2023-37393",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.383", "published": "2023-09-04T11:15:40.383",
"lastModified": "2023-09-04T11:15:40.383", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3814", "id": "CVE-2023-3814",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:09.570", "published": "2023-09-04T12:15:09.570",
"lastModified": "2023-09-04T12:15:09.570", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39162", "id": "CVE-2023-39162",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T10:15:08.913", "published": "2023-09-04T10:15:08.913",
"lastModified": "2023-09-04T10:15:08.913", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39164", "id": "CVE-2023-39164",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T10:15:09.097", "published": "2023-09-04T10:15:09.097",
"lastModified": "2023-09-04T10:15:09.097", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39918", "id": "CVE-2023-39918",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.483", "published": "2023-09-04T11:15:40.483",
"lastModified": "2023-09-04T11:15:40.483", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39919", "id": "CVE-2023-39919",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.627", "published": "2023-09-04T11:15:40.627",
"lastModified": "2023-09-04T11:15:40.627", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39987", "id": "CVE-2023-39987",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.737", "published": "2023-09-04T11:15:40.737",
"lastModified": "2023-09-04T11:15:40.737", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39988", "id": "CVE-2023-39988",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.840", "published": "2023-09-04T11:15:40.840",
"lastModified": "2023-09-04T11:15:40.840", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39991", "id": "CVE-2023-39991",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:40.933", "published": "2023-09-04T11:15:40.933",
"lastModified": "2023-09-04T11:15:40.933", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39992", "id": "CVE-2023-39992",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:41.030", "published": "2023-09-04T11:15:41.030",
"lastModified": "2023-09-04T11:15:41.030", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40015", "id": "CVE-2023-40015",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:07.880", "published": "2023-09-04T18:15:07.880",
"lastModified": "2023-09-04T18:15:07.880", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40196", "id": "CVE-2023-40196",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.647", "published": "2023-09-04T12:15:09.647",
"lastModified": "2023-09-04T12:15:09.647", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40197", "id": "CVE-2023-40197",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.737", "published": "2023-09-04T12:15:09.737",
"lastModified": "2023-09-04T12:15:09.737", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40205", "id": "CVE-2023-40205",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.823", "published": "2023-09-04T12:15:09.823",
"lastModified": "2023-09-04T12:15:09.823", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40206", "id": "CVE-2023-40206",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:41.133", "published": "2023-09-04T11:15:41.133",
"lastModified": "2023-09-04T11:15:41.133", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40208", "id": "CVE-2023-40208",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T11:15:41.227", "published": "2023-09-04T11:15:41.227",
"lastModified": "2023-09-04T11:15:41.227", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40214", "id": "CVE-2023-40214",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-09-04T12:15:09.917", "published": "2023-09-04T12:15:09.917",
"lastModified": "2023-09-04T12:15:09.917", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4019", "id": "CVE-2023-4019",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.037", "published": "2023-09-04T12:15:10.037",
"lastModified": "2023-09-04T12:15:10.037", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4059", "id": "CVE-2023-4059",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.110", "published": "2023-09-04T12:15:10.110",
"lastModified": "2023-09-04T12:15:10.110", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41052", "id": "CVE-2023-41052",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:08.657", "published": "2023-09-04T18:15:08.657",
"lastModified": "2023-09-04T18:15:08.657", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41054", "id": "CVE-2023-41054",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:08.977", "published": "2023-09-04T18:15:08.977",
"lastModified": "2023-09-04T18:15:08.977", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41055", "id": "CVE-2023-41055",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:09.203", "published": "2023-09-04T18:15:09.203",
"lastModified": "2023-09-04T18:15:09.203", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41057", "id": "CVE-2023-41057",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T18:15:09.397", "published": "2023-09-04T18:15:09.397",
"lastModified": "2023-09-04T18:15:09.397", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41058", "id": "CVE-2023-41058",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-04T23:15:47.513", "published": "2023-09-04T23:15:47.513",
"lastModified": "2023-09-04T23:15:47.513", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-41908",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T07:15:14.810",
"lastModified": "2023-09-05T07:15:14.810",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Cerebrate before 1.15 lacks the Secure attribute for the session cookie."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cerebrate-project/cerebrate/commit/9be81055651649658243b5aa274b175064bfc6db",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/cerebrate-project/cerebrate/compare/v1.14...v1.15",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-41909",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T07:15:14.877",
"lastModified": "2023-09-05T07:15:14.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8",
"source": "cve@mitre.org"
}
]
}

View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-41910",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-05T07:15:14.927",
"lastModified": "2023-09-05T07:15:14.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/lldpd/lldpd/releases/tag/1.0.17",
"source": "cve@mitre.org"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4151", "id": "CVE-2023-4151",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.187", "published": "2023-09-04T12:15:10.187",
"lastModified": "2023-09-04T12:15:10.187", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4216", "id": "CVE-2023-4216",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.257", "published": "2023-09-04T12:15:10.257",
"lastModified": "2023-09-04T12:15:10.257", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4253", "id": "CVE-2023-4253",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.333", "published": "2023-09-04T12:15:10.333",
"lastModified": "2023-09-04T12:15:10.333", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4254", "id": "CVE-2023-4254",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.403", "published": "2023-09-04T12:15:10.403",
"lastModified": "2023-09-04T12:15:10.403", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4269", "id": "CVE-2023-4269",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.470", "published": "2023-09-04T12:15:10.470",
"lastModified": "2023-09-04T12:15:10.470", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4279", "id": "CVE-2023-4279",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.547", "published": "2023-09-04T12:15:10.547",
"lastModified": "2023-09-04T12:15:10.547", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4284", "id": "CVE-2023-4284",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.627", "published": "2023-09-04T12:15:10.627",
"lastModified": "2023-09-04T12:15:10.627", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4298", "id": "CVE-2023-4298",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-09-04T12:15:10.693", "published": "2023-09-04T12:15:10.693",
"lastModified": "2023-09-04T12:15:10.693", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4587", "id": "CVE-2023-4587",
"sourceIdentifier": "cve-coordination@incibe.es", "sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-04T12:15:10.760", "published": "2023-09-04T12:15:10.760",
"lastModified": "2023-09-04T12:15:10.760", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4613", "id": "CVE-2023-4613",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T09:15:07.510", "published": "2023-09-04T09:15:07.510",
"lastModified": "2023-09-04T11:15:41.360", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4614", "id": "CVE-2023-4614",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T11:15:41.560", "published": "2023-09-04T11:15:41.560",
"lastModified": "2023-09-04T11:15:41.560", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4615", "id": "CVE-2023-4615",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T11:15:41.657", "published": "2023-09-04T11:15:41.657",
"lastModified": "2023-09-04T11:15:41.657", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4616", "id": "CVE-2023-4616",
"sourceIdentifier": "product.security@lge.com", "sourceIdentifier": "product.security@lge.com",
"published": "2023-09-04T11:15:41.747", "published": "2023-09-04T11:15:41.747",
"lastModified": "2023-09-04T11:15:41.747", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4636", "id": "CVE-2023-4636",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-09-05T03:15:12.293", "published": "2023-09-05T03:15:12.293",
"lastModified": "2023-09-05T03:15:12.293", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4733", "id": "CVE-2023-4733",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-04T14:15:07.563", "published": "2023-09-04T14:15:07.563",
"lastModified": "2023-09-04T14:15:07.563", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-4748",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-05T06:15:07.760",
"lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238637 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/houseoforange/mybugs/blob/main/Yongyou-UFIDA-NC-Arbitrary-File-Read.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.238637",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.238637",
"source": "cna@vuldb.com"
}
]
}

View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4750", "id": "CVE-2023-4750",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-09-04T14:15:08.263", "published": "2023-09-04T14:15:08.263",
"lastModified": "2023-09-04T14:15:08.263", "lastModified": "2023-09-05T06:50:39.603",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

Some files were not shown because too many files have changed in this diff Show More