From 78f5e2a53f5419e79afe77454b925642cedf10e1 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Fri, 18 Aug 2023 16:00:35 +0000 Subject: [PATCH] Auto-Update: 2023-08-18T16:00:32.175407+00:00 --- CVE-2019/CVE-2019-101xx/CVE-2019-10101.json | 8 +- CVE-2019/CVE-2019-101xx/CVE-2019-10102.json | 8 +- CVE-2019/CVE-2019-101xx/CVE-2019-10103.json | 8 +- CVE-2019/CVE-2019-124xx/CVE-2019-12402.json | 8 +- CVE-2020/CVE-2020-106xx/CVE-2020-10650.json | 6 +- CVE-2020/CVE-2020-351xx/CVE-2020-35139.json | 64 +- CVE-2020/CVE-2020-351xx/CVE-2020-35141.json | 64 +- CVE-2021/CVE-2021-234xx/CVE-2021-23463.json | 8 +- CVE-2021/CVE-2021-284xx/CVE-2021-28429.json | 63 +- CVE-2021/CVE-2021-293xx/CVE-2021-29378.json | 64 +- CVE-2021/CVE-2021-32xx/CVE-2021-3236.json | 65 +- CVE-2021/CVE-2021-406xx/CVE-2021-40690.json | 12 +- CVE-2022/CVE-2022-14xx/CVE-2022-1471.json | 14 +- CVE-2022/CVE-2022-232xx/CVE-2022-23221.json | 10 +- CVE-2022/CVE-2022-392xx/CVE-2022-39213.json | 6 +- CVE-2023/CVE-2023-239xx/CVE-2023-23934.json | 6 +- CVE-2023/CVE-2023-240xx/CVE-2023-24016.json | 77 ++- CVE-2023/CVE-2023-255xx/CVE-2023-25577.json | 6 +- CVE-2023/CVE-2023-275xx/CVE-2023-27558.json | 8 +- CVE-2023/CVE-2023-275xx/CVE-2023-27576.json | 20 + CVE-2023/CVE-2023-283xx/CVE-2023-28380.json | 59 +- CVE-2023/CVE-2023-283xx/CVE-2023-28385.json | 71 +- CVE-2023/CVE-2023-284xx/CVE-2023-28405.json | 59 +- CVE-2023/CVE-2023-287xx/CVE-2023-28711.json | 59 +- CVE-2023/CVE-2023-288xx/CVE-2023-28823.json | 227 ++++++- CVE-2023/CVE-2023-293xx/CVE-2023-29387.json | 55 ++ CVE-2023/CVE-2023-294xx/CVE-2023-29494.json | 691 +++++++++++++++++++- CVE-2023/CVE-2023-295xx/CVE-2023-29500.json | 340 +++++++++- CVE-2023/CVE-2023-29xx/CVE-2023-2976.json | 8 +- CVE-2023/CVE-2023-304xx/CVE-2023-30499.json | 55 ++ CVE-2023/CVE-2023-308xx/CVE-2023-30861.json | 6 +- CVE-2023/CVE-2023-310xx/CVE-2023-31094.json | 4 +- CVE-2023/CVE-2023-312xx/CVE-2023-31218.json | 59 ++ CVE-2023/CVE-2023-312xx/CVE-2023-31228.json | 4 +- CVE-2023/CVE-2023-312xx/CVE-2023-31232.json | 55 ++ CVE-2023/CVE-2023-321xx/CVE-2023-32103.json | 55 ++ CVE-2023/CVE-2023-321xx/CVE-2023-32105.json | 55 ++ CVE-2023/CVE-2023-321xx/CVE-2023-32106.json | 55 ++ CVE-2023/CVE-2023-321xx/CVE-2023-32107.json | 55 ++ CVE-2023/CVE-2023-321xx/CVE-2023-32108.json | 55 ++ CVE-2023/CVE-2023-321xx/CVE-2023-32109.json | 55 ++ CVE-2023/CVE-2023-326xx/CVE-2023-32617.json | 664 ++++++++++++++++++- CVE-2023/CVE-2023-33xx/CVE-2023-3390.json | 6 +- CVE-2023/CVE-2023-344xx/CVE-2023-34455.json | 8 +- CVE-2023/CVE-2023-34xx/CVE-2023-3452.json | 37 +- CVE-2023/CVE-2023-350xx/CVE-2023-35012.json | 8 +- CVE-2023/CVE-2023-366xx/CVE-2023-36672.json | 75 ++- CVE-2023/CVE-2023-36xx/CVE-2023-3609.json | 8 +- CVE-2023/CVE-2023-36xx/CVE-2023-3610.json | 6 +- CVE-2023/CVE-2023-384xx/CVE-2023-38403.json | 10 +- CVE-2023/CVE-2023-389xx/CVE-2023-38902.json | 4 +- CVE-2023/CVE-2023-38xx/CVE-2023-3817.json | 6 +- CVE-2023/CVE-2023-38xx/CVE-2023-3864.json | 71 +- CVE-2023/CVE-2023-39xx/CVE-2023-3937.json | 71 +- CVE-2023/CVE-2023-402xx/CVE-2023-40267.json | 70 +- CVE-2023/CVE-2023-44xx/CVE-2023-4407.json | 4 +- CVE-2023/CVE-2023-44xx/CVE-2023-4409.json | 4 +- CVE-2023/CVE-2023-44xx/CVE-2023-4410.json | 88 +++ CVE-2023/CVE-2023-44xx/CVE-2023-4411.json | 88 +++ CVE-2023/CVE-2023-44xx/CVE-2023-4412.json | 88 +++ CVE-2023/CVE-2023-44xx/CVE-2023-4413.json | 92 +++ README.md | 79 ++- 62 files changed, 3937 insertions(+), 157 deletions(-) create mode 100644 CVE-2023/CVE-2023-275xx/CVE-2023-27576.json create mode 100644 CVE-2023/CVE-2023-293xx/CVE-2023-29387.json create mode 100644 CVE-2023/CVE-2023-304xx/CVE-2023-30499.json create mode 100644 CVE-2023/CVE-2023-312xx/CVE-2023-31218.json create mode 100644 CVE-2023/CVE-2023-312xx/CVE-2023-31232.json create mode 100644 CVE-2023/CVE-2023-321xx/CVE-2023-32103.json create mode 100644 CVE-2023/CVE-2023-321xx/CVE-2023-32105.json create mode 100644 CVE-2023/CVE-2023-321xx/CVE-2023-32106.json create mode 100644 CVE-2023/CVE-2023-321xx/CVE-2023-32107.json create mode 100644 CVE-2023/CVE-2023-321xx/CVE-2023-32108.json create mode 100644 CVE-2023/CVE-2023-321xx/CVE-2023-32109.json create mode 100644 CVE-2023/CVE-2023-44xx/CVE-2023-4410.json create mode 100644 CVE-2023/CVE-2023-44xx/CVE-2023-4411.json create mode 100644 CVE-2023/CVE-2023-44xx/CVE-2023-4412.json create mode 100644 CVE-2023/CVE-2023-44xx/CVE-2023-4413.json diff --git a/CVE-2019/CVE-2019-101xx/CVE-2019-10101.json b/CVE-2019/CVE-2019-101xx/CVE-2019-10101.json index 75237fe44c4..470a87d9a82 100644 --- a/CVE-2019/CVE-2019-101xx/CVE-2019-10101.json +++ b/CVE-2019/CVE-2019-101xx/CVE-2019-10101.json @@ -2,8 +2,8 @@ "id": "CVE-2019-10101", "sourceIdentifier": "cve@mitre.org", "published": "2019-07-03T20:15:11.120", - "lastModified": "2022-04-18T17:18:08.680", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:17.397", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -108,6 +108,10 @@ "Exploit", "Third Party Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0012/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2019/CVE-2019-101xx/CVE-2019-10102.json b/CVE-2019/CVE-2019-101xx/CVE-2019-10102.json index 98b72eb0a34..55952f0006e 100644 --- a/CVE-2019/CVE-2019-101xx/CVE-2019-10102.json +++ b/CVE-2019/CVE-2019-101xx/CVE-2019-10102.json @@ -2,8 +2,8 @@ "id": "CVE-2019-10102", "sourceIdentifier": "cve@mitre.org", "published": "2019-07-03T20:15:11.167", - "lastModified": "2020-08-24T17:37:01.140", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:17.790", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -106,6 +106,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0012/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2019/CVE-2019-101xx/CVE-2019-10103.json b/CVE-2019/CVE-2019-101xx/CVE-2019-10103.json index 03ab7783c06..28c778317a9 100644 --- a/CVE-2019/CVE-2019-101xx/CVE-2019-10103.json +++ b/CVE-2019/CVE-2019-101xx/CVE-2019-10103.json @@ -2,8 +2,8 @@ "id": "CVE-2019-10103", "sourceIdentifier": "cve@mitre.org", "published": "2019-07-03T20:15:11.227", - "lastModified": "2020-08-24T17:37:01.140", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:17.873", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -100,6 +100,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0012/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2019/CVE-2019-124xx/CVE-2019-12402.json b/CVE-2019/CVE-2019-124xx/CVE-2019-12402.json index af6ea78e6bc..156e5573a49 100644 --- a/CVE-2019/CVE-2019-124xx/CVE-2019-12402.json +++ b/CVE-2019/CVE-2019-124xx/CVE-2019-12402.json @@ -2,8 +2,8 @@ "id": "CVE-2019-12402", "sourceIdentifier": "security@apache.org", "published": "2019-08-30T09:15:17.910", - "lastModified": "2022-05-14T03:15:44.513", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:17.953", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -496,6 +496,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0001/", + "source": "security@apache.org" + }, { "url": "https://www.oracle.com//security-alerts/cpujul2021.html", "source": "security@apache.org", diff --git a/CVE-2020/CVE-2020-106xx/CVE-2020-10650.json b/CVE-2020/CVE-2020-106xx/CVE-2020-10650.json index 6c11690ac7c..f352f56348a 100644 --- a/CVE-2020/CVE-2020-106xx/CVE-2020-10650.json +++ b/CVE-2020/CVE-2020-106xx/CVE-2020-10650.json @@ -2,7 +2,7 @@ "id": "CVE-2020-10650", "sourceIdentifier": "cve@mitre.org", "published": "2022-12-26T20:15:10.433", - "lastModified": "2023-04-30T19:15:41.773", + "lastModified": "2023-08-18T14:15:18.573", "vulnStatus": "Modified", "descriptions": [ { @@ -120,6 +120,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0007/", + "source": "cve@mitre.org" + }, { "url": "https://www.oracle.com/security-alerts/cpujan2021.html", "source": "cve@mitre.org", diff --git a/CVE-2020/CVE-2020-351xx/CVE-2020-35139.json b/CVE-2020/CVE-2020-351xx/CVE-2020-35139.json index 7983e0ace55..1fe53da93d5 100644 --- a/CVE-2020/CVE-2020-351xx/CVE-2020-35139.json +++ b/CVE-2020/CVE-2020-351xx/CVE-2020-35139.json @@ -2,19 +2,75 @@ "id": "CVE-2020-35139", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.297", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:43:33.463", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in OFPBundleCtrlMsg in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:facuet:ryu:4.34:*:*:*:*:*:*:*", + "matchCriteriaId": "8F9DAB45-CE95-4E78-B46B-88E7DC69CC99" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/faucetsdn/ryu/issues/118", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-351xx/CVE-2020-35141.json b/CVE-2020/CVE-2020-351xx/CVE-2020-35141.json index 00b75fc3875..48376bfceb0 100644 --- a/CVE-2020/CVE-2020-351xx/CVE-2020-35141.json +++ b/CVE-2020/CVE-2020-351xx/CVE-2020-35141.json @@ -2,19 +2,75 @@ "id": "CVE-2020-35141", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.367", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:46:13.147", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in OFPQueueGetConfigReply in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-835" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:facuet:ryu:4.34:*:*:*:*:*:*:*", + "matchCriteriaId": "8F9DAB45-CE95-4E78-B46B-88E7DC69CC99" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/faucetsdn/ryu/issues/118", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-234xx/CVE-2021-23463.json b/CVE-2021/CVE-2021-234xx/CVE-2021-23463.json index 8da255a82dc..6f0c8290917 100644 --- a/CVE-2021/CVE-2021-234xx/CVE-2021-23463.json +++ b/CVE-2021/CVE-2021-234xx/CVE-2021-23463.json @@ -2,8 +2,8 @@ "id": "CVE-2021-23463", "sourceIdentifier": "report@snyk.io", "published": "2021-12-10T20:15:07.917", - "lastModified": "2022-04-28T14:53:19.760", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:19.227", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -141,6 +141,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0010/", + "source": "report@snyk.io" + }, { "url": "https://snyk.io/vuln/SNYK-JAVA-COMH2DATABASE-1769238", "source": "report@snyk.io", diff --git a/CVE-2021/CVE-2021-284xx/CVE-2021-28429.json b/CVE-2021/CVE-2021-284xx/CVE-2021-28429.json index 52b6514f2bc..6ff152d8ab6 100644 --- a/CVE-2021/CVE-2021-284xx/CVE-2021-28429.json +++ b/CVE-2021/CVE-2021-284xx/CVE-2021-28429.json @@ -2,19 +2,74 @@ "id": "CVE-2021-28429", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:12.667", - "lastModified": "2023-08-11T15:18:01.437", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:55:33.060", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:4.3.2:*:*:*:*:*:*:*", + "matchCriteriaId": "BEA4991D-BE2F-4BB4-BFFE-8C4FC9A72763" + } + ] + } + ] + } + ], "references": [ { "url": "https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/c94875471e3ba3dc396c6919ff3ec9b14539cd71", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-293xx/CVE-2021-29378.json b/CVE-2021/CVE-2021-293xx/CVE-2021-29378.json index eeff4db3a76..b8cd021b750 100644 --- a/CVE-2021/CVE-2021-293xx/CVE-2021-29378.json +++ b/CVE-2021/CVE-2021-293xx/CVE-2021-29378.json @@ -2,19 +2,75 @@ "id": "CVE-2021-29378", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:12.880", - "lastModified": "2023-08-11T15:18:01.437", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:22:20.870", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "SQL Injection in pear-admin-think version 2.1.2, allows attackers to execute arbitrary code and escalate privileges via crafted GET request to Crud.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:pearadmin:pear_admin_think:2.1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "4A4C9978-E090-44AC-A311-22EEE231F220" + } + ] + } + ] + } + ], "references": [ { "url": "https://gitee.com/pear-admin/Pear-Admin-Think/issues/I3DIEC", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-32xx/CVE-2021-3236.json b/CVE-2021/CVE-2021-32xx/CVE-2021-3236.json index a30b69f3a35..26ef653b16b 100644 --- a/CVE-2021/CVE-2021-32xx/CVE-2021-3236.json +++ b/CVE-2021/CVE-2021-32xx/CVE-2021-3236.json @@ -2,19 +2,76 @@ "id": "CVE-2021-3236", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:12.953", - "lastModified": "2023-08-11T15:18:01.437", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:37:30.867", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "vim 8.2.2348 is affected by null pointer dereference, allows local attackers to cause a denial of service (DoS) via the ex_buffer_all method." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:vim:vim:8.2.2348:*:*:*:*:*:*:*", + "matchCriteriaId": "A4B6286F-C311-4C5A-8A32-1603DF42436D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/vim/vim/issues/7674", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-406xx/CVE-2021-40690.json b/CVE-2021/CVE-2021-406xx/CVE-2021-40690.json index 9a8f05c8b59..4442036ef4d 100644 --- a/CVE-2021/CVE-2021-406xx/CVE-2021-40690.json +++ b/CVE-2021/CVE-2021-406xx/CVE-2021-40690.json @@ -2,8 +2,8 @@ "id": "CVE-2021-40690", "sourceIdentifier": "security@apache.org", "published": "2021-09-19T18:15:07.223", - "lastModified": "2023-04-28T18:27:19.780", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:19.487", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "security@apache.org", "type": "Primary", "description": [ { @@ -75,7 +75,7 @@ ] }, { - "source": "security@apache.org", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { @@ -402,6 +402,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0002/", + "source": "security@apache.org" + }, { "url": "https://www.debian.org/security/2021/dsa-5010", "source": "security@apache.org", diff --git a/CVE-2022/CVE-2022-14xx/CVE-2022-1471.json b/CVE-2022/CVE-2022-14xx/CVE-2022-1471.json index 0db21e25e45..a25802bf949 100644 --- a/CVE-2022/CVE-2022-14xx/CVE-2022-1471.json +++ b/CVE-2022/CVE-2022-14xx/CVE-2022-1471.json @@ -2,12 +2,12 @@ "id": "CVE-2022-1471", "sourceIdentifier": "cve-coordination@google.com", "published": "2022-12-01T11:15:10.553", - "lastModified": "2023-03-21T13:17:25.593", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:20.077", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization." + "value": "SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization.\u00a0Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.\n" } ], "metrics": { @@ -119,6 +119,14 @@ "Third Party Advisory" ] }, + { + "url": "https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc", + "source": "cve-coordination@google.com" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0015/", + "source": "cve-coordination@google.com" + }, { "url": "https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true", "source": "cve-coordination@google.com", diff --git a/CVE-2022/CVE-2022-232xx/CVE-2022-23221.json b/CVE-2022/CVE-2022-232xx/CVE-2022-23221.json index f21b2735b86..bc1b3d61ceb 100644 --- a/CVE-2022/CVE-2022-232xx/CVE-2022-23221.json +++ b/CVE-2022/CVE-2022-232xx/CVE-2022-23221.json @@ -2,8 +2,8 @@ "id": "CVE-2022-23221", "sourceIdentifier": "cve@mitre.org", "published": "2022-01-19T17:15:09.000", - "lastModified": "2022-10-05T01:54:12.140", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:20.417", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -70,7 +70,7 @@ "description": [ { "lang": "en", - "value": "CWE-94" + "value": "CWE-88" } ] } @@ -179,6 +179,10 @@ "Third Party Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0011/", + "source": "cve@mitre.org" + }, { "url": "https://twitter.com/d0nkey_man/status/1483824727936450564", "source": "cve@mitre.org", diff --git a/CVE-2022/CVE-2022-392xx/CVE-2022-39213.json b/CVE-2022/CVE-2022-392xx/CVE-2022-39213.json index 69d9943f5b2..449bfa9ca65 100644 --- a/CVE-2022/CVE-2022-392xx/CVE-2022-39213.json +++ b/CVE-2022/CVE-2022-392xx/CVE-2022-39213.json @@ -2,7 +2,7 @@ "id": "CVE-2022-39213", "sourceIdentifier": "security-advisories@github.com", "published": "2022-09-15T22:15:11.463", - "lastModified": "2022-09-19T19:57:59.820", + "lastModified": "2023-08-18T15:22:36.757", "vulnStatus": "Analyzed", "descriptions": [ { @@ -79,10 +79,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:go-cvss_project:go-cvss:*:*:*:*:*:go:*:*", + "criteria": "cpe:2.3:a:pandatix:go-cvss:*:*:*:*:*:go:*:*", "versionStartIncluding": "0.2.0", "versionEndExcluding": "0.4.0", - "matchCriteriaId": "07C5E2B9-4F01-4B4A-8BFD-CCF5B0B97534" + "matchCriteriaId": "28A62F97-906C-4EC0-AB63-E8F47A8E33D1" } ] } diff --git a/CVE-2023/CVE-2023-239xx/CVE-2023-23934.json b/CVE-2023/CVE-2023-239xx/CVE-2023-23934.json index 4314be0f6be..19d119c933b 100644 --- a/CVE-2023/CVE-2023-239xx/CVE-2023-23934.json +++ b/CVE-2023/CVE-2023-239xx/CVE-2023-23934.json @@ -2,7 +2,7 @@ "id": "CVE-2023-23934", "sourceIdentifier": "security-advisories@github.com", "published": "2023-02-14T20:15:17.370", - "lastModified": "2023-08-07T08:15:14.060", + "lastModified": "2023-08-18T14:15:20.553", "vulnStatus": "Modified", "descriptions": [ { @@ -116,6 +116,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0003/", + "source": "security-advisories@github.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5470", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-240xx/CVE-2023-24016.json b/CVE-2023/CVE-2023-240xx/CVE-2023-24016.json index 87db365503f..3dd83ec3f3c 100644 --- a/CVE-2023/CVE-2023-240xx/CVE-2023-24016.json +++ b/CVE-2023/CVE-2023-240xx/CVE-2023-24016.json @@ -2,8 +2,8 @@ "id": "CVE-2023-24016", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:18.587", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:26:36.683", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,61 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:quartus_prime:*:*:*:*:standard:*:*:*", + "versionEndExcluding": "22.1std", + "matchCriteriaId": "BC524317-C131-4391-A392-2513FB53FF8B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*", + "versionEndExcluding": "22.4", + "matchCriteriaId": "AC907F1A-35E9-4FCD-8748-240E83EB4900" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", + "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00800.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-255xx/CVE-2023-25577.json b/CVE-2023/CVE-2023-255xx/CVE-2023-25577.json index 9230d61a073..f64685157f2 100644 --- a/CVE-2023/CVE-2023-255xx/CVE-2023-25577.json +++ b/CVE-2023/CVE-2023-255xx/CVE-2023-25577.json @@ -2,7 +2,7 @@ "id": "CVE-2023-25577", "sourceIdentifier": "security-advisories@github.com", "published": "2023-02-14T20:15:17.543", - "lastModified": "2023-08-07T08:15:14.293", + "lastModified": "2023-08-18T14:15:21.097", "vulnStatus": "Modified", "descriptions": [ { @@ -116,6 +116,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0003/", + "source": "security-advisories@github.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5470", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27558.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27558.json index 383470d3d1f..a2594093362 100644 --- a/CVE-2023/CVE-2023-275xx/CVE-2023-27558.json +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27558.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27558", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-10T16:15:50.007", - "lastModified": "2023-07-13T18:49:01.447", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:21.433", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -114,6 +114,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0017/", + "source": "psirt@us.ibm.com" + }, { "url": "https://www.ibm.com/support/pages/node/7010571", "source": "psirt@us.ibm.com", diff --git a/CVE-2023/CVE-2023-275xx/CVE-2023-27576.json b/CVE-2023/CVE-2023-275xx/CVE-2023-27576.json new file mode 100644 index 00000000000..3b4a703fdf9 --- /dev/null +++ b/CVE-2023/CVE-2023-275xx/CVE-2023-27576.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-27576", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-18T15:15:09.723", + "lastModified": "2023-08-18T15:15:09.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate and edit data of the system's super admin, allowing one to perform an account takeover of the user with super-admin permission." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://cupc4k3.lol/cve-2023-27576-hacking-phplist-how-i-gained-super-admin-access-44c7c90d82da", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28380.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28380.json index 1bf12b8e29d..a901728b68d 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28380.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28380.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28380", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:24.467", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:25:35.353", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:ai_hackathon:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0.0", + "matchCriteriaId": "D22E77D9-1915-447D-BE3A-9C385B741C81" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00877.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-283xx/CVE-2023-28385.json b/CVE-2023/CVE-2023-283xx/CVE-2023-28385.json index dc390478bc7..7ec00d756b0 100644 --- a/CVE-2023/CVE-2023-283xx/CVE-2023-28385.json +++ b/CVE-2023/CVE-2023-283xx/CVE-2023-28385.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28385", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:24.543", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:26:21.167", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,55 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-Other" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:next_unit_of_computing_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.0.0.9", + "matchCriteriaId": "BDC5424F-903C-4F4D-899A-F64D35FC0437" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00868.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-284xx/CVE-2023-28405.json b/CVE-2023/CVE-2023-284xx/CVE-2023-28405.json index c020ff71b8f..3eaa6c34870 100644 --- a/CVE-2023/CVE-2023-284xx/CVE-2023-28405.json +++ b/CVE-2023/CVE-2023-284xx/CVE-2023-28405.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28405", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:24.853", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:43:36.957", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:openvino:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022.3.0", + "matchCriteriaId": "5C1F21DA-3451-4E13-A747-110FCE075303" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00842.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-287xx/CVE-2023-28711.json b/CVE-2023/CVE-2023-287xx/CVE-2023-28711.json index ddab658a388..c6d3c550866 100644 --- a/CVE-2023/CVE-2023-287xx/CVE-2023-28711.json +++ b/CVE-2023/CVE-2023-287xx/CVE-2023-28711.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28711", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:25.803", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:15:38.937", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,43 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-670" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:hyperscan_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "5.4.1", + "matchCriteriaId": "E7DE8624-1CD2-47D5-8C9C-B7210DECA489" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00879.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-288xx/CVE-2023-28823.json b/CVE-2023/CVE-2023-288xx/CVE-2023-28823.json index b24ee930c5f..56ea2fe87cd 100644 --- a/CVE-2023/CVE-2023-288xx/CVE-2023-28823.json +++ b/CVE-2023/CVE-2023-288xx/CVE-2023-28823.json @@ -2,8 +2,8 @@ "id": "CVE-2023-28823", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:26.530", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:03:45.797", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,211 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:advisor_for_oneapi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "2193AD3C-C7CF-47BC-B9C7-043A44263881" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:cpu_runtime_for_opencl_applications:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "268A0E9F-941F-4D2A-821D-4D1032458484" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:distribution_for_python_programming_language:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "01C06498-09B0-434E-A9AB-F90225AEDF94" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:dpc\\+\\+_compatibility_tool:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "5449D057-151E-49F1-A4F3-9B59BCABAAED" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:embree_ray_tracing_kernel_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "EA34171F-6851-4C68-B9DD-E087DA9CD29D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:fortran_compiler:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "CB6F5C5E-9330-4957-899F-EA81A7829FCE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:implicit_spmd_program_compiler:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.19.1", + "matchCriteriaId": "309CC033-7419-45B0-B57E-EDB855D6ED8D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:inspector_for_oneapi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "B2EFA075-DD70-416E-9591-827FAC2AD89F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:integrated_performance_primitives:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2021.8", + "matchCriteriaId": "BD85FB58-421A-4959-97BD-437D9445767B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:ipp_cryptography:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2021.7.0", + "matchCriteriaId": "A27AABCE-03AA-4A04-8950-A7B3AA41829C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:mpi_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2021.9.0", + "matchCriteriaId": "09DEC669-B8A6-4E41-B34C-F6D2F710D96F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_base_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "E9B0E003-2303-4BAA-AAB5-E41672DD36A8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_data_analytics_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "CB4E3234-E4F4-4A1A-92C8-7A71741A2280" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_deep_neural_network_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "BB8E84AA-7C56-4F06-9CBD-0F8265EA164B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+\\/c\\+\\+_compiler:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "86839DB5-6A37-456F-8527-E1D6CFF9592D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_dpc\\+\\+_library_\\(onedpl\\):*:*:*:*:*:*:*:*", + "versionEndExcluding": "2022.1", + "matchCriteriaId": "4F404777-A45E-4D04-A459-20440919DA6F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_hpc_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "140E6A32-DD35-4BD9-8810-26359D76FEB7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_iot_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "2F00829C-D33E-4BF6-A699-16C4E7A9E95B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_math_kernel_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "0D429AB0-77B9-4F05-B59B-95DFC3DF9D4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_rendering_toolkit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "7297C4CE-B6AB-4BBA-89DE-CA0865F8CCBB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_threading_building_blocks:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2021.9.0", + "matchCriteriaId": "72297C84-0B91-4D8E-A87F-235E3DC346E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_toolkit_and_component_software_installer:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.3.1.493", + "matchCriteriaId": "7BFF1F97-F77D-496F-97F4-E2A706B6AB33" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:oneapi_video_processing_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "E2CF5D27-1C7C-4FDF-B3A0-4EE4047195C6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:open_image_denoise:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.4.3", + "matchCriteriaId": "65B820BD-07FB-48AC-B3E4-F3DCAB991C9B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:open_volume_kernel_library:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "0158081D-D9FD-4918-ADCF-70AB92230B99" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:ospray:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "D02EF185-A6E6-4820-A084-60AD061283A7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:ospray_studio:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "FB7158BB-56CF-40BA-85CF-0B622CC49617" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:trace_analyzer_and_collector:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2021.9.0", + "matchCriteriaId": "F034E3C1-6FA9-4F75-80AE-98857F323AA2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:intel:vtune_profiler_for_oneapi:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023.1", + "matchCriteriaId": "21CFEA3C-4017-44FB-9A25-193FE8D65375" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-293xx/CVE-2023-29387.json b/CVE-2023/CVE-2023-293xx/CVE-2023-29387.json new file mode 100644 index 00000000000..12cc752adb1 --- /dev/null +++ b/CVE-2023/CVE-2023-293xx/CVE-2023-29387.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-29387", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T15:15:09.830", + "lastModified": "2023-08-18T15:15:09.830", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <=\u00a02.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/manager-for-icomoon/wordpress-manager-for-icommon-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-294xx/CVE-2023-29494.json b/CVE-2023/CVE-2023-294xx/CVE-2023-29494.json index 5fb69bc0b30..4afedd5e362 100644 --- a/CVE-2023/CVE-2023-294xx/CVE-2023-29494.json +++ b/CVE-2023/CVE-2023-294xx/CVE-2023-29494.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29494", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:30.820", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:13:01.830", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,675 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BF0B01D6-D9B5-44A4-8597-A8E3737B50F7" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi70z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED80AFBA-11FE-4207-9459-C4D3B817D953" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki70z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A52B1363-8C29-4E34-97CA-C09BD18A2668" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki70z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "266B088B-9E37-4FF4-BA5E-E8DA8E573267" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki30z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3F523232-FE85-411A-943B-2BD9A2D74BC0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki30z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "948F8845-03D3-4BF7-8E73-28B8EEE91202" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "56474F86-2389-45D0-88EA-B132770E98D4" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi30z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DF048967-A60F-4B2F-9006-44A747B7315C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki50z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "530082BF-4A29-49EB-9286-12451133AA3E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki50z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8592EBE4-93FE-4ECF-839E-67BD61EF0674" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D248846F-1CD8-47B4-9E73-C6AEF8A4CFB6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi50z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FF882AD9-8F45-4ACA-AD3B-0FDC5EC2337C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi30z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "95ED050C-4376-44DA-B127-B4AC062BF049" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi30z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "71B0FAED-9CE3-436F-83A2-A4F6A6535755" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi50z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5BFA43B1-4621-4898-B48F-8BFE51336674" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi50z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B91A8B36-5B81-4CDF-8811-60C33C5638BC" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi70z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "43C82DF5-E248-4DB4-85F3-107F31703BA3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi70z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD064153-36F0-40FB-AEA3-624E339CDEAB" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "36500648-76D6-48E2-8EAE-0F86A134820E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F34EF7F8-07DF-4A54-927D-D4329A68C291" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "77D72A51-C3A9-464A-BA54-319EEFFFD9A9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B5FC742B-B63A-4EF3-AB0C-CE3FF0884342" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi7_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "73EB6159-0C16-4BC7-B976-CA37747A3F02" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6189486A-0407-403E-98FD-E7FD380C41C5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F0D8717A-1D83-48BA-BC2F-57E17597B2C5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "BEB9DCE8-E8C8-49A5-9A5B-9AF668AAD3A7" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B8F21DB0-008C-4900-AC41-E1FD5BD19C3F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3F8C0CF5-FD9D-4956-88CD-F927F6BC85A3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnki7_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "D0103519-5C23-4532-AEEE-2DCF9FDDA9A5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnki7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1EC04ABE-B63E-4715-88F4-89B924D4A45F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "446EB84D-1330-46B7-B254-17DA8FEFC673" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B90F1DCF-8910-4365-9590-594E564C9EC3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "497D7E9C-427E-440D-8C9B-F86D58866458" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7FC4E50B-FF0C-4E75-8CB7-BC0E66FB516F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_board_nuc11tnbi7_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A3E444E2-E307-468F-86BC-F08163BD779A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_board_nuc11tnbi7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8FBA410A-FF12-41CF-932B-13FBB2044B71" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50w_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "96697FBC-EEBA-4EDC-9EA2-A4E7374690C9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi50w:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DBF94267-3E51-48FC-942F-44D77503437B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi50l_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FEC727D-262D-4FCB-951A-49D2732E6E27" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi50l:-:*:*:*:*:*:*:*", + "matchCriteriaId": "67985FBF-98BB-4C83-B345-82740B79DDD9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30l_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "07D6687E-66EA-48BF-BC46-85D5F3B3EC49" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi30l:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3FACAF2E-F8BA-4718-99AC-3CDE464FDBC4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70q_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7EFC0A89-E230-470A-BC51-54CB7AE6D1BB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi70q:-:*:*:*:*:*:*:*", + "matchCriteriaId": "256251BD-A8A0-4AE2-83B0-2306225AFED5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi30p_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "216FD1C3-CB43-498E-8A2D-3895BCF1D2AE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi30p:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AAB3AEF7-1449-4976-81C5-912C8CE28498" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_pro_kit_nuc11tnhi70l_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "036A3E28-5649-4AF2-B3EB-5C34A8CBEB60" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_pro_kit_nuc11tnhi70l:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2642427-E476-4C72-A7E7-5A9B04CF2FE3" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-295xx/CVE-2023-29500.json b/CVE-2023/CVE-2023-295xx/CVE-2023-29500.json index 80c20aed61f..141eeeda9f1 100644 --- a/CVE-2023/CVE-2023-295xx/CVE-2023-29500.json +++ b/CVE-2023/CVE-2023-295xx/CVE-2023-29500.json @@ -2,8 +2,8 @@ "id": "CVE-2023-29500", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:31.163", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:33:50.697", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 3.6 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,324 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi70z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "59AE540D-F5E3-49CD-B4DE-A430488F7B2D" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi70z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "83F1BB2C-00A9-44DE-ADE2-C910E12AC664" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi50z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "505B638A-F333-470E-B810-33FC3F4F40AE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi50z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45F55CB5-5E7C-460F-8B49-F2BA47102884" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi30z_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E8604BD6-E589-4917-A572-56208C42A082" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi30z:-:*:*:*:*:*:*:*", + "matchCriteriaId": "8756CBA9-24C8-49E0-8622-95E25DAB64AA" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1DDB0B56-E7F9-4C36-B010-865F1A8363F0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "53358E28-1529-478C-A1DC-39F05250C749" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "649AEF04-A296-48B6-9B97-2566039808A9" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "625FA81A-2E10-4910-8310-27C9577AB8D5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11pahi7_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "99A8EAEB-EBDA-41F9-94AC-EA2F3B6DFD93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11pahi7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "15EA0B24-5433-4188-82A4-3019247C3AE4" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki3_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "ED113CB5-0FB5-4C6D-A515-C23EBB406987" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki3:-:*:*:*:*:*:*:*", + "matchCriteriaId": "20B7156E-602E-4335-A0B2-A1E679194E54" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki5_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "764465AB-C78E-4AE0-B4C1-2D9DB51DD692" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki5:-:*:*:*:*:*:*:*", + "matchCriteriaId": "46277E03-FB58-4FDB-834D-50E46D634800" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_kit_nuc11paki7_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "3BAE0B70-2541-4EF2-8A9E-8E46B1D917AB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_kit_nuc11paki7:-:*:*:*:*:*:*:*", + "matchCriteriaId": "044D872A-7C4D-45C8-9B81-B40D1B05A5A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi50wa_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FD5CE18A-073A-4B39-AD43-56657EBDD9C2" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_mini_pc_nuc11paqi50wa:-:*:*:*:*:*:*:*", + "matchCriteriaId": "71878455-5816-4C4E-9595-B44DCFAAB80C" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_11_performance_mini_pc_nuc11paqi70qa_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6FC4813F-A447-4558-96E1-0641036F3D4A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_11_performance_mini_pc_nuc11paqi70qa:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5B23996D-1C22-42DF-8752-E5490D34AD64" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-29xx/CVE-2023-2976.json b/CVE-2023/CVE-2023-29xx/CVE-2023-2976.json index fa8539795b5..ee81c2f4cc3 100644 --- a/CVE-2023/CVE-2023-29xx/CVE-2023-2976.json +++ b/CVE-2023/CVE-2023-29xx/CVE-2023-2976.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2976", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-06-14T18:15:09.513", - "lastModified": "2023-06-29T18:22:00.287", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:21.533", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -93,6 +93,10 @@ "Patch", "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0008/", + "source": "cve-coordination@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30499.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30499.json new file mode 100644 index 00000000000..d75713124ce --- /dev/null +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30499.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-30499", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T15:15:09.933", + "lastModified": "2023-08-18T15:15:09.933", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <=\u00a07.5.32.7212 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-flowplayer-video-player-plugin-7-5-32-7212-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-308xx/CVE-2023-30861.json b/CVE-2023/CVE-2023-308xx/CVE-2023-30861.json index 9a1ae81b4cb..857dedfeb1d 100644 --- a/CVE-2023/CVE-2023-308xx/CVE-2023-30861.json +++ b/CVE-2023/CVE-2023-308xx/CVE-2023-30861.json @@ -2,7 +2,7 @@ "id": "CVE-2023-30861", "sourceIdentifier": "security-advisories@github.com", "published": "2023-05-02T18:15:52.373", - "lastModified": "2023-06-30T04:15:10.127", + "lastModified": "2023-08-18T14:15:21.893", "vulnStatus": "Modified", "descriptions": [ { @@ -127,6 +127,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0006/", + "source": "security-advisories@github.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5442", "source": "security-advisories@github.com" diff --git a/CVE-2023/CVE-2023-310xx/CVE-2023-31094.json b/CVE-2023/CVE-2023-310xx/CVE-2023-31094.json index 44927229d91..35a26f68207 100644 --- a/CVE-2023/CVE-2023-310xx/CVE-2023-31094.json +++ b/CVE-2023/CVE-2023-310xx/CVE-2023-31094.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31094", "sourceIdentifier": "audit@patchstack.com", "published": "2023-08-18T13:15:09.593", - "lastModified": "2023-08-18T13:15:09.593", - "vulnStatus": "Received", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31218.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31218.json new file mode 100644 index 00000000000..f7b51c34db6 --- /dev/null +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31218.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-31218", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T14:15:22.330", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF \u2013 WordPress Posts Bulk Editor and Manager Professional plugin <=\u00a01.0.6 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-352" + }, + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-6-cross-site-scripting-xss-via-csrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31228.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31228.json index b51e7426d25..a5a03e155f3 100644 --- a/CVE-2023/CVE-2023-312xx/CVE-2023-31228.json +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31228.json @@ -2,8 +2,8 @@ "id": "CVE-2023-31228", "sourceIdentifier": "audit@patchstack.com", "published": "2023-08-18T13:15:09.743", - "lastModified": "2023-08-18T13:15:09.743", - "vulnStatus": "Received", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-312xx/CVE-2023-31232.json b/CVE-2023/CVE-2023-312xx/CVE-2023-31232.json new file mode 100644 index 00000000000..12955df7754 --- /dev/null +++ b/CVE-2023/CVE-2023-312xx/CVE-2023-31232.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-31232", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T14:15:22.467", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <=\u00a02.5 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/plugins-list/wordpress-plugins-list-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32103.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32103.json new file mode 100644 index 00000000000..91c4c3c6f7b --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32103.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32103", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T14:15:22.550", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin <=\u00a04.4 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/tp-education/wordpress-tp-education-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32105.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32105.json new file mode 100644 index 00000000000..343a6090e6f --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32105.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32105", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T14:15:22.633", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza \u2013 A Restaurant Plugin plugin <=\u00a03.17.1 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-a-restaurant-plugin-plugin-3-17-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32106.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32106.json new file mode 100644 index 00000000000..f694b67fff2 --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32106.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32106", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T14:15:22.890", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <=\u00a01.9.9 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/wp-docs/wordpress-wp-docs-plugin-1-9-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32107.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32107.json new file mode 100644 index 00000000000..a2acfa1b89f --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32107.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32107", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T14:15:23.347", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays \u2013 Responsive Image Gallery plugin <=\u00a05.1.3 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32108.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32108.json new file mode 100644 index 00000000000..6648e4d6d2e --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32108.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32108", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T15:15:10.033", + "lastModified": "2023-08-18T15:15:10.033", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <=\u00a04.6.3 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32109.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32109.json new file mode 100644 index 00000000000..1ed9e6d523b --- /dev/null +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32109.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32109", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-08-18T15:15:10.137", + "lastModified": "2023-08-18T15:15:10.137", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <=\u00a04.6.3 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-3-reflected-cross-site-scripting-xss-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-326xx/CVE-2023-32617.json b/CVE-2023/CVE-2023-326xx/CVE-2023-32617.json index 8f7d9e9aea7..601cec3f63f 100644 --- a/CVE-2023/CVE-2023-326xx/CVE-2023-32617.json +++ b/CVE-2023/CVE-2023-326xx/CVE-2023-32617.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32617", "sourceIdentifier": "secure@intel.com", "published": "2023-08-11T03:15:32.687", - "lastModified": "2023-08-11T03:44:51.127", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:02:51.067", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + }, { "source": "secure@intel.com", "type": "Secondary", @@ -34,10 +54,648 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i7bnhx1_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DA3B790D-1462-41CF-B188-59D2903C02D3" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnhx1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7873614F-168F-4307-B38B-672262623985" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_7_home_nuc7i5bnkp_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "E5B6CC54-AB90-4DCC-8FF5-C465447ADD93" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_7_home_nuc7i5bnkp:-:*:*:*:*:*:*:*", + "matchCriteriaId": "19389975-C699-4F08-BE73-2C7D47F8E820" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_7_home_nuc7i3bnhxf_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C90528F9-9C3D-433F-B88F-FA1DC0997956" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_7_home_nuc7i3bnhxf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4B41E2FE-EB38-49B1-9C51-8FF050FE2BB6" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_7_enthusiast_nuc7i7bnkq_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9A5A3413-991E-4A66-A99F-DC94DB0D9526" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_7_enthusiast_nuc7i7bnkq:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1C2A2DCF-D3E0-4483-A0E1-7A6D51D8D3D0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i3bnhx1_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F962C80E-7A51-4219-93B0-BE412F8742CB" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3bnhx1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AEF4AE10-4F3E-4182-AFF2-8B13B035CC92" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_7_enthusiast_nuc7i7bnhxg_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "067400DD-63DF-46CC-83F4-AE2CD02AE829" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_7_enthusiast_nuc7i7bnhxg:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2560D6C-BA13-40E7-B3DC-DCF86D57C875" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_7_home_nuc7i5bnhxf_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "10E47572-D104-44A3-A5F0-D75759B6D3CD" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_7_home_nuc7i5bnhxf:-:*:*:*:*:*:*:*", + "matchCriteriaId": "463D9247-C8C5-4A1C-A876-3777C43850D9" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i5bnhx1_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "4D00D724-60A9-4B56-83BE-FE39E0FACA38" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5bnhx1:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C0B4DEC1-6AB3-4142-9435-EAE87DB1E4A0" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_board_nuc7i7bnb_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0BFD15B4-802D-407F-9647-CC59E60735B0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_board_nuc7i7bnb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24B9A4D6-7550-4114-83BF-CA58060BEA0A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_board_nuc7i5bnb_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "0CBEC113-9DBF-4277-A98F-2A84025A6B88" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_board_nuc7i5bnb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AA36E316-A0D1-4D7C-B793-7EE5166A7D0B" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_board_nuc7i3bnb_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EB320E41-9D1B-450E-8F73-6C8353B174CE" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_board_nuc7i3bnb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "DF05F366-9CD4-439E-9D60-6F9D6AAC65E3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i5bnh_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A79127AD-AF8B-4C93-AAB9-741703448EC0" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5bnh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F735D1DB-9676-490C-93C3-AAAD3F05AEBD" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i3bnk_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FFD48BED-604A-4225-B8D5-1B77B06F7A94" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3bnk:-:*:*:*:*:*:*:*", + "matchCriteriaId": "97229EAB-0D96-42FD-B1CD-ADE4616187D3" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i5bnk_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5329CB04-060B-4D4C-A5B4-B6788FD5DC0F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i5bnk:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AD132751-6882-4C70-8ED9-AFFE0A771326" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i7bnh_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AE36CFFB-07F6-4E42-86F4-CDE408B790F6" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i7bnh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "B0DE3105-8418-4CA3-80B0-5EE4E394D58F" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc7i3bnh_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24C0A55F-1F37-4DED-94F3-A513D473701B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc7i3bnh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "24A5364F-B4EB-44C3-8B23-3F410F9CE30D" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkrn_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EB90C1F7-4DAE-40B5-90AA-76000B4BFE20" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkrn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5D7F2839-5138-4E20-9DF9-93DA0F1CAD07" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_8_rugged_board_nuc8cchbn_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "22E519BA-A66A-4507-AF47-3DBB551150F5" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_8_rugged_board_nuc8cchbn:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1CF64F57-839A-4911-BCEA-7083B67F6D68" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_8_rugged_kit_nuc8cchkr_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F62E5293-CDFA-4EDB-AD33-0D8F72FD9E06" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_8_rugged_kit_nuc8cchkr:-:*:*:*:*:*:*:*", + "matchCriteriaId": "63F604D7-3A72-412C-8FA6-9C9076AE8F2A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_board_nuc8cchb_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "463C2810-EF94-49BC-B62B-F712212C6415" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_board_nuc8cchb:-:*:*:*:*:*:*:*", + "matchCriteriaId": "FEDDEDB3-82C2-4A71-B72C-14028894A71A" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc6cayh_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1FA9AD2D-D081-4675-8F4D-94E832C67E1A" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cayh:-:*:*:*:*:*:*:*", + "matchCriteriaId": "9414F307-9A2F-4591-8098-7C52F919F9A5" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:nuc_kit_nuc6cays_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "EA1DE8F9-9716-4A8E-B355-080CFB3E3696" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:nuc_kit_nuc6cays:-:*:*:*:*:*:*:*", + "matchCriteriaId": "5A261B82-5F54-4556-B1D1-53F0CFDF1830" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:intel:compute_stick_stk2mv64cc_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "F9EDC137-8198-4EC9-A3C9-FFF505CD0848" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:intel:compute_stick_stk2mv64cc:-:*:*:*:*:*:*:*", + "matchCriteriaId": "6B0C9D80-37A3-43E5-B818-55532F613436" + } + ] + } + ] + } + ], "references": [ { "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html", - "source": "secure@intel.com" + "source": "secure@intel.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-33xx/CVE-2023-3390.json b/CVE-2023/CVE-2023-33xx/CVE-2023-3390.json index 3ec4c7a2f9f..554af4b3038 100644 --- a/CVE-2023/CVE-2023-33xx/CVE-2023-3390.json +++ b/CVE-2023/CVE-2023-33xx/CVE-2023-3390.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3390", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-06-28T21:15:10.447", - "lastModified": "2023-08-02T17:15:11.497", + "lastModified": "2023-08-18T14:15:28.593", "vulnStatus": "Modified", "descriptions": [ { @@ -115,6 +115,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html", "source": "cve-coordination@google.com" }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0004/", + "source": "cve-coordination@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5448", "source": "cve-coordination@google.com", diff --git a/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json b/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json index cf9ecdabb24..e9cc9132281 100644 --- a/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json +++ b/CVE-2023/CVE-2023-344xx/CVE-2023-34455.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34455", "sourceIdentifier": "security-advisories@github.com", "published": "2023-06-15T18:15:09.347", - "lastModified": "2023-06-27T16:08:01.317", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:23.960", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -112,6 +112,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0009/", + "source": "security-advisories@github.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-34xx/CVE-2023-3452.json b/CVE-2023/CVE-2023-34xx/CVE-2023-3452.json index aaeb21f0217..d106516f380 100644 --- a/CVE-2023/CVE-2023-34xx/CVE-2023-3452.json +++ b/CVE-2023/CVE-2023-34xx/CVE-2023-3452.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3452", "sourceIdentifier": "security@wordfence.com", "published": "2023-08-12T03:15:09.330", - "lastModified": "2023-08-14T00:36:59.677", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:03:13.747", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -46,18 +46,45 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:canto:canto:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "3.0.4", + "matchCriteriaId": "DC0B1396-0E46-46D8-856D-B4E5B0018B77" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/canto/trunk/includes/lib/tree.php?rev=2841358#L5", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/2951888/canto/trunk/includes/lib/tree.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a76077c6-700a-4d21-a930-b0d6455d959c?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json b/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json index a93e06cabc0..eb31870c7bc 100644 --- a/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json +++ b/CVE-2023/CVE-2023-350xx/CVE-2023-35012.json @@ -2,8 +2,8 @@ "id": "CVE-2023-35012", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-07-17T01:15:08.693", - "lastModified": "2023-07-27T04:04:20.053", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:26.743", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -124,6 +124,10 @@ "Vendor Advisory" ] }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0013/", + "source": "psirt@us.ibm.com" + }, { "url": "https://www.ibm.com/support/pages/node/7010747", "source": "psirt@us.ibm.com", diff --git a/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json b/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json index d371567453e..11ecaa112f5 100644 --- a/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json +++ b/CVE-2023/CVE-2023-366xx/CVE-2023-36672.json @@ -2,27 +2,90 @@ "id": "CVE-2023-36672", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T23:15:10.823", - "lastModified": "2023-08-10T01:51:18.907", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:54:46.543", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if the local network is using a non-RFC1918 IP subnet. This allows an adversary to trick the victim into sending arbitrary IP traffic in plaintext outside the VPN tunnel. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to \"LocalNet attack resulting in leakage of traffic in plaintext\" rather than to only Clario." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-319" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:clario:vpn:*:*:*:*:*:macos:*:*", + "versionEndIncluding": "5.9.1.1662", + "matchCriteriaId": "9822EA93-223D-40F0-9F9A-25B42857A97E" + } + ] + } + ] + } + ], "references": [ { "url": "https://clario.co/vpn-for-mac/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://mullvad.net/de/blog/2023/8/9/response-to-tunnelcrack-vulnerability-disclosure/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://tunnelcrack.mathyvanhoef.com/details.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3609.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3609.json index 45051bc51b8..881e689ae37 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3609.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3609.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3609", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-07-21T21:15:11.743", - "lastModified": "2023-07-31T17:25:47.483", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:29.803", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -141,6 +141,10 @@ "tags": [ "Vendor Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0005/", + "source": "cve-coordination@google.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3610.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3610.json index 564fd5c62ee..54da56f2101 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3610.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3610.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3610", "sourceIdentifier": "cve-coordination@google.com", "published": "2023-07-21T21:15:11.820", - "lastModified": "2023-08-02T17:15:11.637", + "lastModified": "2023-08-18T14:15:33.450", "vulnStatus": "Modified", "descriptions": [ { @@ -167,6 +167,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00001.html", "source": "cve-coordination@google.com" }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0005/", + "source": "cve-coordination@google.com" + }, { "url": "https://www.debian.org/security/2023/dsa-5461", "source": "cve-coordination@google.com", diff --git a/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json b/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json index 55c98ac43e6..58087396e45 100644 --- a/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json +++ b/CVE-2023/CVE-2023-384xx/CVE-2023-38403.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38403", "sourceIdentifier": "cve@mitre.org", "published": "2023-07-17T21:15:09.800", - "lastModified": "2023-08-15T17:26:21.567", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-18T14:15:28.227", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -76,7 +76,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -92,7 +91,6 @@ ] }, { - "operator": "AND", "nodes": [ { "operator": "OR", @@ -173,6 +171,10 @@ "Mailing List", "Third Party Advisory" ] + }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0016/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38902.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38902.json index 5ac4d6245c3..a7a64a23a4b 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38902.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38902.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38902", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-17T13:15:11.347", - "lastModified": "2023-08-17T16:20:42.683", + "lastModified": "2023-08-18T14:15:28.480", "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", - "value": "An issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P218, RG-EG series business VPN routers v.EG_3.0(1)B11P216, EAP and RAP series wireless access points v.AP_3.0(1)B11P218, and NBC series wireless controllers v.AC_3.0(1)B11P86 allows a remote attacker to execute arbitrary code via the unifyframe-sgi.elf component in sub_40DA38." + "value": "A command injection vulnerability in RG-EW series home routers and repeaters v.EW_3.0(1)B11P219, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P219, RG-EG series business VPN routers v.EG_3.0(1)B11P219, EAP and RAP series wireless access points v.AP_3.0(1)B11P219, and NBC series wireless controllers v.AC_3.0(1)B11P219 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /cgi-bin/luci/api/cmd via the remoteIp field." } ], "metrics": {}, diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3817.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3817.json index 12bbba62226..6e3a8744f5b 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3817.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3817.json @@ -2,7 +2,7 @@ "id": "CVE-2023-3817", "sourceIdentifier": "openssl-security@openssl.org", "published": "2023-07-31T16:15:10.497", - "lastModified": "2023-08-16T08:15:41.760", + "lastModified": "2023-08-18T14:15:33.647", "vulnStatus": "Modified", "descriptions": [ { @@ -463,6 +463,10 @@ "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html", "source": "openssl-security@openssl.org" }, + { + "url": "https://security.netapp.com/advisory/ntap-20230818-0014/", + "source": "openssl-security@openssl.org" + }, { "url": "https://www.openssl.org/news/secadv/20230731.txt", "source": "openssl-security@openssl.org", diff --git a/CVE-2023/CVE-2023-38xx/CVE-2023-3864.json b/CVE-2023/CVE-2023-38xx/CVE-2023-3864.json index 5bf7ed60e1a..617527b37ad 100644 --- a/CVE-2023/CVE-2023-38xx/CVE-2023-3864.json +++ b/CVE-2023/CVE-2023-38xx/CVE-2023-3864.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3864", "sourceIdentifier": "security@snowsoftware.com", "published": "2023-08-11T12:15:09.293", - "lastModified": "2023-08-11T12:58:22.393", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:16:40.163", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + }, { "source": "security@snowsoftware.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + }, { "source": "security@snowsoftware.com", "type": "Secondary", @@ -46,10 +76,45 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:snowsoftware:snow_license_manager:*:*:*:*:service_provider:*:*:*", + "versionStartIncluding": "8.0.0", + "versionEndIncluding": "9.30.1", + "matchCriteriaId": "9D4B877A-8A0A-44AE-8BB2-6861A38FC46E" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC", - "source": "security@snowsoftware.com" + "source": "security@snowsoftware.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-39xx/CVE-2023-3937.json b/CVE-2023/CVE-2023-39xx/CVE-2023-3937.json index 603454995ac..d1514fe3861 100644 --- a/CVE-2023/CVE-2023-39xx/CVE-2023-3937.json +++ b/CVE-2023/CVE-2023-39xx/CVE-2023-3937.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3937", "sourceIdentifier": "security@snowsoftware.com", "published": "2023-08-11T12:15:09.637", - "lastModified": "2023-08-11T12:58:22.393", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T14:30:09.183", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "security@snowsoftware.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + }, { "source": "security@snowsoftware.com", "type": "Secondary", @@ -46,10 +76,45 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:snowsoftware:snow_license_manager:*:*:*:*:service_provider:*:*:*", + "versionStartIncluding": "9.0.0", + "versionEndIncluding": "9.30.1", + "matchCriteriaId": "37BB220A-0027-4C55-9EE3-25815A917061" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", + "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA" + } + ] + } + ] + } + ], "references": [ { "url": "https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC", - "source": "security@snowsoftware.com" + "source": "security@snowsoftware.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json b/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json index 0a5f41b01dd..1e328a30b4d 100644 --- a/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json +++ b/CVE-2023/CVE-2023-402xx/CVE-2023-40267.json @@ -2,23 +2,83 @@ "id": "CVE-2023-40267", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T07:15:09.647", - "lastModified": "2023-08-11T12:58:22.393", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-18T15:29:27.313", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitpython_project:gitpython:*:*:*:*:*:python:*:*", + "versionEndExcluding": "3.1.32", + "matchCriteriaId": "06EB5A55-DB8A-4F86-9C77-F1FE464525FF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/gitpython-developers/GitPython/commit/ca965ecc81853bca7675261729143f54e5bf4cdd", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/gitpython-developers/GitPython/pull/1609", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4407.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4407.json index edfcb309649..76778b77cf8 100644 --- a/CVE-2023/CVE-2023-44xx/CVE-2023-4407.json +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4407.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4407", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-18T13:15:09.830", - "lastModified": "2023-08-18T13:15:09.830", - "vulnStatus": "Received", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4409.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4409.json index 9a57a60ac98..4272d6a9f84 100644 --- a/CVE-2023/CVE-2023-44xx/CVE-2023-4409.json +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4409.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4409", "sourceIdentifier": "cna@vuldb.com", "published": "2023-08-18T13:15:09.980", - "lastModified": "2023-08-18T13:15:09.980", - "vulnStatus": "Received", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4410.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4410.json new file mode 100644 index 00000000000..261a4929524 --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4410.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4410", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-08-18T14:15:34.147", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237513 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.237513", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.237513", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4411.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4411.json new file mode 100644 index 00000000000..9e1a30ef678 --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4411.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4411", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-08-18T14:15:35.227", + "lastModified": "2023-08-18T15:06:49.560", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.237514", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.237514", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4412.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4412.json new file mode 100644 index 00000000000..dcbf286fd25 --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4412.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-4412", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-08-18T15:15:10.240", + "lastModified": "2023-08-18T15:15:10.240", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.237515", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.237515", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4413.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4413.json new file mode 100644 index 00000000000..5a7c3d9dca9 --- /dev/null +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4413.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2023-4413", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-08-18T15:15:10.353", + "lastModified": "2023-08-18T15:15:10.353", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as problematic. Affected is an unknown function of the file /var/log/rkhunter.log. The manipulation leads to sensitive information in log files. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237516." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.0, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N", + "accessVector": "LOCAL", + "accessComplexity": "HIGH", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 1.0 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 1.5, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.237516", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.237516", + "source": "cna@vuldb.com" + }, + { + "url": "https://youtu.be/etHt1TNAgs8", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index dfa9a28cf7b..2a146df17c1 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-18T14:00:31.687159+00:00 +2023-08-18T16:00:32.175407+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-18T13:21:02.430000+00:00 +2023-08-18T15:54:46.543000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222971 +222986 ``` ### CVEs added in the last Commit -Recently added CVEs: `4` +Recently added CVEs: `15` -* [CVE-2023-31094](CVE-2023/CVE-2023-310xx/CVE-2023-31094.json) (`2023-08-18T13:15:09.593`) -* [CVE-2023-31228](CVE-2023/CVE-2023-312xx/CVE-2023-31228.json) (`2023-08-18T13:15:09.743`) -* [CVE-2023-4407](CVE-2023/CVE-2023-44xx/CVE-2023-4407.json) (`2023-08-18T13:15:09.830`) -* [CVE-2023-4409](CVE-2023/CVE-2023-44xx/CVE-2023-4409.json) (`2023-08-18T13:15:09.980`) +* [CVE-2023-31218](CVE-2023/CVE-2023-312xx/CVE-2023-31218.json) (`2023-08-18T14:15:22.330`) +* [CVE-2023-31232](CVE-2023/CVE-2023-312xx/CVE-2023-31232.json) (`2023-08-18T14:15:22.467`) +* [CVE-2023-32103](CVE-2023/CVE-2023-321xx/CVE-2023-32103.json) (`2023-08-18T14:15:22.550`) +* [CVE-2023-32105](CVE-2023/CVE-2023-321xx/CVE-2023-32105.json) (`2023-08-18T14:15:22.633`) +* [CVE-2023-32106](CVE-2023/CVE-2023-321xx/CVE-2023-32106.json) (`2023-08-18T14:15:22.890`) +* [CVE-2023-32107](CVE-2023/CVE-2023-321xx/CVE-2023-32107.json) (`2023-08-18T14:15:23.347`) +* [CVE-2023-4410](CVE-2023/CVE-2023-44xx/CVE-2023-4410.json) (`2023-08-18T14:15:34.147`) +* [CVE-2023-4411](CVE-2023/CVE-2023-44xx/CVE-2023-4411.json) (`2023-08-18T14:15:35.227`) +* [CVE-2023-27576](CVE-2023/CVE-2023-275xx/CVE-2023-27576.json) (`2023-08-18T15:15:09.723`) +* [CVE-2023-29387](CVE-2023/CVE-2023-293xx/CVE-2023-29387.json) (`2023-08-18T15:15:09.830`) +* [CVE-2023-30499](CVE-2023/CVE-2023-304xx/CVE-2023-30499.json) (`2023-08-18T15:15:09.933`) +* [CVE-2023-32108](CVE-2023/CVE-2023-321xx/CVE-2023-32108.json) (`2023-08-18T15:15:10.033`) +* [CVE-2023-32109](CVE-2023/CVE-2023-321xx/CVE-2023-32109.json) (`2023-08-18T15:15:10.137`) +* [CVE-2023-4412](CVE-2023/CVE-2023-44xx/CVE-2023-4412.json) (`2023-08-18T15:15:10.240`) +* [CVE-2023-4413](CVE-2023/CVE-2023-44xx/CVE-2023-4413.json) (`2023-08-18T15:15:10.353`) ### CVEs modified in the last Commit -Recently modified CVEs: `59` +Recently modified CVEs: `46` -* [CVE-2023-39666](CVE-2023/CVE-2023-396xx/CVE-2023-39666.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39667](CVE-2023/CVE-2023-396xx/CVE-2023-39667.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39668](CVE-2023/CVE-2023-396xx/CVE-2023-39668.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39669](CVE-2023/CVE-2023-396xx/CVE-2023-39669.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39670](CVE-2023/CVE-2023-396xx/CVE-2023-39670.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39671](CVE-2023/CVE-2023-396xx/CVE-2023-39671.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39672](CVE-2023/CVE-2023-396xx/CVE-2023-39672.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39673](CVE-2023/CVE-2023-396xx/CVE-2023-39673.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39674](CVE-2023/CVE-2023-396xx/CVE-2023-39674.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-4040](CVE-2023/CVE-2023-40xx/CVE-2023-4040.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-30875](CVE-2023/CVE-2023-308xx/CVE-2023-30875.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-32626](CVE-2023/CVE-2023-326xx/CVE-2023-32626.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-35991](CVE-2023/CVE-2023-359xx/CVE-2023-35991.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-38132](CVE-2023/CVE-2023-381xx/CVE-2023-38132.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-38576](CVE-2023/CVE-2023-385xx/CVE-2023-38576.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39415](CVE-2023/CVE-2023-394xx/CVE-2023-39415.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39416](CVE-2023/CVE-2023-394xx/CVE-2023-39416.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39445](CVE-2023/CVE-2023-394xx/CVE-2023-39445.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39454](CVE-2023/CVE-2023-394xx/CVE-2023-39454.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39455](CVE-2023/CVE-2023-394xx/CVE-2023-39455.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-39944](CVE-2023/CVE-2023-399xx/CVE-2023-39944.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-40069](CVE-2023/CVE-2023-400xx/CVE-2023-40069.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-40072](CVE-2023/CVE-2023-400xx/CVE-2023-40072.json) (`2023-08-18T12:43:51.207`) -* [CVE-2023-27515](CVE-2023/CVE-2023-275xx/CVE-2023-27515.json) (`2023-08-18T13:07:17.787`) -* [CVE-2023-32543](CVE-2023/CVE-2023-325xx/CVE-2023-32543.json) (`2023-08-18T13:15:36.243`) +* [CVE-2023-34455](CVE-2023/CVE-2023-344xx/CVE-2023-34455.json) (`2023-08-18T14:15:23.960`) +* [CVE-2023-35012](CVE-2023/CVE-2023-350xx/CVE-2023-35012.json) (`2023-08-18T14:15:26.743`) +* [CVE-2023-38403](CVE-2023/CVE-2023-384xx/CVE-2023-38403.json) (`2023-08-18T14:15:28.227`) +* [CVE-2023-38902](CVE-2023/CVE-2023-389xx/CVE-2023-38902.json) (`2023-08-18T14:15:28.480`) +* [CVE-2023-3390](CVE-2023/CVE-2023-33xx/CVE-2023-3390.json) (`2023-08-18T14:15:28.593`) +* [CVE-2023-3609](CVE-2023/CVE-2023-36xx/CVE-2023-3609.json) (`2023-08-18T14:15:29.803`) +* [CVE-2023-3610](CVE-2023/CVE-2023-36xx/CVE-2023-3610.json) (`2023-08-18T14:15:33.450`) +* [CVE-2023-3817](CVE-2023/CVE-2023-38xx/CVE-2023-3817.json) (`2023-08-18T14:15:33.647`) +* [CVE-2023-3864](CVE-2023/CVE-2023-38xx/CVE-2023-3864.json) (`2023-08-18T14:16:40.163`) +* [CVE-2023-3937](CVE-2023/CVE-2023-39xx/CVE-2023-3937.json) (`2023-08-18T14:30:09.183`) +* [CVE-2023-29500](CVE-2023/CVE-2023-295xx/CVE-2023-29500.json) (`2023-08-18T14:33:50.697`) +* [CVE-2023-32617](CVE-2023/CVE-2023-326xx/CVE-2023-32617.json) (`2023-08-18T15:02:51.067`) +* [CVE-2023-3452](CVE-2023/CVE-2023-34xx/CVE-2023-3452.json) (`2023-08-18T15:03:13.747`) +* [CVE-2023-28823](CVE-2023/CVE-2023-288xx/CVE-2023-28823.json) (`2023-08-18T15:03:45.797`) +* [CVE-2023-31094](CVE-2023/CVE-2023-310xx/CVE-2023-31094.json) (`2023-08-18T15:06:49.560`) +* [CVE-2023-31228](CVE-2023/CVE-2023-312xx/CVE-2023-31228.json) (`2023-08-18T15:06:49.560`) +* [CVE-2023-4407](CVE-2023/CVE-2023-44xx/CVE-2023-4407.json) (`2023-08-18T15:06:49.560`) +* [CVE-2023-4409](CVE-2023/CVE-2023-44xx/CVE-2023-4409.json) (`2023-08-18T15:06:49.560`) +* [CVE-2023-28711](CVE-2023/CVE-2023-287xx/CVE-2023-28711.json) (`2023-08-18T15:15:38.937`) +* [CVE-2023-28380](CVE-2023/CVE-2023-283xx/CVE-2023-28380.json) (`2023-08-18T15:25:35.353`) +* [CVE-2023-28385](CVE-2023/CVE-2023-283xx/CVE-2023-28385.json) (`2023-08-18T15:26:21.167`) +* [CVE-2023-24016](CVE-2023/CVE-2023-240xx/CVE-2023-24016.json) (`2023-08-18T15:26:36.683`) +* [CVE-2023-40267](CVE-2023/CVE-2023-402xx/CVE-2023-40267.json) (`2023-08-18T15:29:27.313`) +* [CVE-2023-28405](CVE-2023/CVE-2023-284xx/CVE-2023-28405.json) (`2023-08-18T15:43:36.957`) +* [CVE-2023-36672](CVE-2023/CVE-2023-366xx/CVE-2023-36672.json) (`2023-08-18T15:54:46.543`) ## Download and Usage