diff --git a/CVE-2020/CVE-2020-122xx/CVE-2020-12272.json b/CVE-2020/CVE-2020-122xx/CVE-2020-12272.json index fed9ec19431..dda1ae6898e 100644 --- a/CVE-2020/CVE-2020-122xx/CVE-2020-12272.json +++ b/CVE-2020/CVE-2020-122xx/CVE-2020-12272.json @@ -2,8 +2,8 @@ "id": "CVE-2020-12272", "sourceIdentifier": "cve@mitre.org", "published": "2020-04-27T14:15:11.330", - "lastModified": "2022-11-16T03:20:50.287", - "vulnStatus": "Analyzed", + "lastModified": "2023-08-28T20:15:07.633", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -130,6 +130,10 @@ } ], "references": [ + { + "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00035.html", + "source": "cve@mitre.org" + }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D4JGHMALEJEWWG56DKR5OZB22TK7W5B/", "source": "cve@mitre.org", diff --git a/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json b/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json index 45b38df82cb..8d17c1b0f59 100644 --- a/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json +++ b/CVE-2020/CVE-2020-216xx/CVE-2020-21699.json @@ -2,19 +2,75 @@ "id": "CVE-2020-21699", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T19:16:15.847", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T21:17:32.603", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:alibaba:tengine:2.2.2:*:*:*:*:nginx:*:*", + "matchCriteriaId": "B93765C2-94DC-442F-9D73-D32A947A313F" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/ZxDecide/Nginx-variants/blob/master/%E9%99%84%E4%BB%B6(Tengine).docx", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-241xx/CVE-2020-24113.json b/CVE-2020/CVE-2020-241xx/CVE-2020-24113.json index 3fb04f11420..5f3af767f9c 100644 --- a/CVE-2020/CVE-2020-241xx/CVE-2020-24113.json +++ b/CVE-2020/CVE-2020-241xx/CVE-2020-24113.json @@ -2,19 +2,86 @@ "id": "CVE-2020-24113", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T22:15:08.080", - "lastModified": "2023-08-23T13:17:22.070", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T20:09:43.660", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83.0.85, allows attackers to gain sensitive information and cause a denial of service (DoS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:yealink:w60b_firmware:77.83.0.85:*:*:*:*:*:*:*", + "matchCriteriaId": "C883A3A2-AAD9-4A86-B204-CCD8E83DF433" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:yealink:w60b:-:*:*:*:*:*:*:*", + "matchCriteriaId": "594D7F97-0A65-4479-AD50-B0D0CEB340AF" + } + ] + } + ] + } + ], "references": [ { "url": "https://fuo.fi/CVE-2020-24113/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-241xx/CVE-2020-24165.json b/CVE-2020/CVE-2020-241xx/CVE-2020-24165.json new file mode 100644 index 00000000000..2f5d873fe16 --- /dev/null +++ b/CVE-2020/CVE-2020-241xx/CVE-2020-24165.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2020-24165", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-28T21:15:07.510", + "lastModified": "2023-08-28T21:15:07.510", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An issue was discovered in TCG Accelerator in QEMU 4.2.0, allows local attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS)." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://bugs.launchpad.net/qemu/+bug/1863025", + "source": "cve@mitre.org" + }, + { + "url": "https://pastebin.com/iqCbjdT8", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json index 7a67a9480dc..aa5f7fe94fb 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48538.json @@ -2,23 +2,83 @@ "id": "CVE-2022-48538", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T19:16:31.230", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T20:06:05.137", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-863" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:cacti:cacti:1.2.19:*:*:*:*:*:*:*", + "matchCriteriaId": "A4BB8CCB-5F52-4248-947C-3F4F1211EF53" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.cacti.net/Settings-Auth-LDAP.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Technical Description" + ] }, { "url": "https://github.com/Cacti/cacti/issues/5189", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json b/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json index e48010bfef2..3a71a50448c 100644 --- a/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json +++ b/CVE-2022/CVE-2022-485xx/CVE-2022-48545.json @@ -2,19 +2,74 @@ "id": "CVE-2022-48545", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-22T19:16:31.553", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T20:40:51.623", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:xpdfreader:xpdf:4.02:*:*:*:*:*:*:*", + "matchCriteriaId": "405F7593-5AB5-416A-A64D-846B3D9F5A94" + } + ] + } + ] + } + ], "references": [ { "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-321xx/CVE-2023-32119.json b/CVE-2023/CVE-2023-321xx/CVE-2023-32119.json index 47a242ca2ef..1e9bde39798 100644 --- a/CVE-2023/CVE-2023-321xx/CVE-2023-32119.json +++ b/CVE-2023/CVE-2023-321xx/CVE-2023-32119.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32119", "sourceIdentifier": "audit@patchstack.com", "published": "2023-08-23T13:15:07.617", - "lastModified": "2023-08-23T13:17:18.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T21:24:05.680", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpo365:mail_integration_for_office_365_\\/_outlook:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.9.1", + "matchCriteriaId": "05341EB5-D9AE-4BA4-ABED-C888A60DB260" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/mail-integration-365/wordpress-wpo365-mail-integration-for-office-365-outlook-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-357xx/CVE-2023-35785.json b/CVE-2023/CVE-2023-357xx/CVE-2023-35785.json new file mode 100644 index 00000000000..839d156f88a --- /dev/null +++ b/CVE-2023/CVE-2023-357xx/CVE-2023-35785.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-35785", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-28T20:15:08.033", + "lastModified": "2023-08-28T20:15:08.033", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Zoho ManageEngine ADManager Plus through 7186 is vulnerable to 2FA bypass." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://manageengine.com", + "source": "cve@mitre.org" + }, + { + "url": "https://www.manageengine.com/security/advisory/CVE/CVE-2023-35785.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json b/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json index 4a6a8f35d3f..cf8e89ceec7 100644 --- a/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json +++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3699.json @@ -2,8 +2,8 @@ "id": "CVE-2023-3699", "sourceIdentifier": "security@asustor.com", "published": "2023-08-22T19:16:39.707", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T21:12:52.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security@asustor.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + }, { "source": "security@asustor.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.6.ris1", + "versionEndExcluding": "4.2.3.rk91", + "matchCriteriaId": "123C0519-ADFD-4072-89EF-020992A9EA7F" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.asustor.com/security/security_advisory_detail?id=29", - "source": "security@asustor.com" + "source": "security@asustor.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38969.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38969.json new file mode 100644 index 00000000000..c28c794674c --- /dev/null +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38969.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-38969", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-28T21:15:07.667", + "lastModified": "2023-08-28T21:15:07.667", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Cross Site Scripting vulnerabiltiy in Badaso v.2.9.7 allows a remote attacker to execute arbitrary code via a crafted payload to the title parameter in the new book and edit book function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS2.md", + "source": "cve@mitre.org" + }, + { + "url": "https://panda002.hashnode.dev/badaso-version-297-has-an-xss-vulnerability-in-add-books", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39348.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39348.json new file mode 100644 index 00000000000..99c709fd77b --- /dev/null +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39348.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-39348", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-08-28T20:15:08.107", + "lastModified": "2023-08-28T20:15:08.107", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Spinnaker is an open source, multi-cloud continuous delivery platform. Log output when updating GitHub status is improperly set to FULL always. It's recommended to apply the patch and rotate the GitHub token used for github status notifications. Given that this would output github tokens to a log system, the risk is slightly higher than a \"low\" since token exposure could grant elevated access to repositories outside of control. If using READ restricted tokens, the exposure is such that the token itself could be used to access resources otherwise restricted from reads. This only affects users of GitHub Status Notifications. This issue has been addressed in pull request 1316. Users are advised to upgrade. Users unable to upgrade should disable GH Status Notifications, Filter their logs for Echo log data and use read-only tokens that are limited in scope." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.0, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/spinnaker/echo/pull/1316", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/spinnaker/spinnaker/security/advisories/GHSA-rq5c-hvw6-8pr7", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json b/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json new file mode 100644 index 00000000000..42ee9b2eead --- /dev/null +++ b/CVE-2023/CVE-2023-395xx/CVE-2023-39578.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-39578", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-28T20:15:08.207", + "lastModified": "2023-08-28T20:15:08.207", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A stored cross-site scripting (XSS) vulnerability in the Create function of Zenario CMS v9.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Menu navigation text field." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/anh91/Zenario-xss/issues/1", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-396xx/CVE-2023-39652.json b/CVE-2023/CVE-2023-396xx/CVE-2023-39652.json new file mode 100644 index 00000000000..19068f894fd --- /dev/null +++ b/CVE-2023/CVE-2023-396xx/CVE-2023-39652.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-39652", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-28T21:15:07.723", + "lastModified": "2023-08-28T21:15:07.723", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "theme volty tvcmsvideotab up to v4.0.0 was discovered to contain a SQL injection vulnerability via the component TvcmsVideoTabConfirmDeleteModuleFrontController::run()." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2023/08/24/tvcmsvideotab.html", + "source": "cve@mitre.org" + }, + { + "url": "https://themevolty.com/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39968.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39968.json new file mode 100644 index 00000000000..7660d87d3bf --- /dev/null +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39968.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-39968", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-08-28T21:15:07.777", + "lastModified": "2023-08-28T21:15:07.777", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "jupyter-server is the backend for Jupyter web applications. Open Redirect Vulnerability. Maliciously crafted login links to known Jupyter Servers can cause successful login or an already logged-in session to be redirected to arbitrary sites, which should be restricted to Jupyter Server-served URLs. This issue has been addressed in commit `29036259` which is included in release 2.7.2. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-601" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/jupyter-server/jupyter_server/commit/290362593b2ffb23c59f8114d76f77875de4b925", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-r726-vmfq-j9j3", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-401xx/CVE-2023-40170.json b/CVE-2023/CVE-2023-401xx/CVE-2023-40170.json new file mode 100644 index 00000000000..c64e24ab62d --- /dev/null +++ b/CVE-2023/CVE-2023-401xx/CVE-2023-40170.json @@ -0,0 +1,63 @@ +{ + "id": "CVE-2023-40170", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-08-28T21:15:07.873", + "lastModified": "2023-08-28T21:15:07.873", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "jupyter-server is the backend for Jupyter web applications. Improper cross-site credential checks on `/files/` URLs could allow exposure of certain file contents, or accessing files when opening untrusted files via \"Open image in new tab\". This issue has been addressed in commit `87a49272728` which has been included in release `2.7.2`. Users are advised to upgrade. Users unable to upgrade may use the lower performance `--ContentsManager.files_handler_class=jupyter_server.files.handlers.FilesHandler`, which implements the correct checks." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.1, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-306" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/jupyter-server/jupyter_server/commit/87a4927272819f0b1cae1afa4c8c86ee2da002fd", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-64x5-55rw-9974", + "source": "security-advisories@github.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-410xx/CVE-2023-41098.json b/CVE-2023/CVE-2023-410xx/CVE-2023-41098.json index 8c4e89ec6a5..91ce8cdea47 100644 --- a/CVE-2023/CVE-2023-410xx/CVE-2023-41098.json +++ b/CVE-2023/CVE-2023-410xx/CVE-2023-41098.json @@ -2,19 +2,78 @@ "id": "CVE-2023-41098", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-23T06:15:07.950", - "lastModified": "2023-08-23T13:17:18.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T21:21:37.023", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in MISP 2.4.174. In app/Controller/DashboardsController.php, a reflected XSS issue exists via the id parameter upon a dashboard edit." + }, + { + "lang": "es", + "value": "Se ha descubierto un problema en MISP v2.4.174. En el fichero \"app/Controller/DashboardsController.php\" existe un problema de Cross-Site Scripting (XSS) reflejado a trav\u00e9s del par\u00e1metro \"id\" al editar un panel de control. " + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:misp:misp:2.4.174:*:*:*:*:*:*:*", + "matchCriteriaId": "41B6B5F0-5F19-48A8-BD25-08E4D3FD7665" + } + ] + } + ] } ], - "metrics": {}, "references": [ { "url": "https://github.com/MISP/MISP/commit/09fb0cba65eab9341e81f1cbebc2ae10be34a2b7", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41100.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41100.json index 16ebbf3429e..2e4761d78b9 100644 --- a/CVE-2023/CVE-2023-411xx/CVE-2023-41100.json +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41100.json @@ -2,8 +2,8 @@ "id": "CVE-2023-41100", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-23T06:15:09.220", - "lastModified": "2023-08-23T13:17:18.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T21:27:36.420", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + }, { "source": "cve@mitre.org", "type": "Secondary", @@ -34,10 +54,44 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:hcaptcha_for_ext\\:form_project:hcaptcha_for_ext\\:form:*:*:*:*:*:typo3:*:*", + "versionEndExcluding": "2.1.2", + "matchCriteriaId": "6E550E30-E5A0-40A9-95E4-B8CF55BA9BAC" + } + ] + } + ] + } + ], "references": [ { "url": "https://typo3.org/security/advisory/typo3-ext-sa-2023-007", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41104.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41104.json index 5f052c69b75..3b9cbef2384 100644 --- a/CVE-2023/CVE-2023-411xx/CVE-2023-41104.json +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41104.json @@ -2,27 +2,123 @@ "id": "CVE-2023-41104", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-23T07:15:08.417", - "lastModified": "2023-08-23T13:17:18.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T21:41:07.790", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-119" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.0.0", + "versionEndExcluding": "6.0.11", + "matchCriteriaId": "E51F4EF4-1AFE-4395-904D-FDDE83B19CFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:-:*:*:*:*:*:*", + "matchCriteriaId": "48190A61-CD4F-4C9D-8C82-13A14470BA58" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r1:*:*:*:*:*:*", + "matchCriteriaId": "943E3FE8-EA6D-4500-8014-697A9A0CEF91" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r2:*:*:*:*:*:*", + "matchCriteriaId": "F2CBF396-441D-44F2-BAFF-D3B2A981FBCD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r3:*:*:*:*:*:*", + "matchCriteriaId": "136343D5-80C1-4F83-8471-2C26F9FD492A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:varnish_enterprise:6.0.11:r4:*:*:*:*:*:*", + "matchCriteriaId": "A34B5F57-B86F-41CB-A3D8-9084960D3E45" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:varnish-software:vmod_digest:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.0.3", + "matchCriteriaId": "739EF024-4944-4B7B-8872-843CECF9F928" + } + ] + } + ] + } + ], "references": [ { "url": "https://docs.varnish-software.com/security/VSV00012/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Mitigation", + "Vendor Advisory" + ] }, { "url": "https://github.com/varnish/libvmod-digest/releases/tag/libvmod-digest-1.0.3", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://www.varnish-cache.org/security/VSV00012.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-411xx/CVE-2023-41109.json b/CVE-2023/CVE-2023-411xx/CVE-2023-41109.json new file mode 100644 index 00000000000..99902dc42f8 --- /dev/null +++ b/CVE-2023/CVE-2023-411xx/CVE-2023-41109.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-41109", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-28T20:15:08.273", + "lastModified": "2023-08-28T20:15:08.273", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.syss.de/", + "source": "cve@mitre.org" + }, + { + "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-019.txt", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4404.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4404.json index 1cba0d04291..9908f4beab8 100644 --- a/CVE-2023/CVE-2023-44xx/CVE-2023-4404.json +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4404.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4404", "sourceIdentifier": "security@wordfence.com", "published": "2023-08-23T02:15:08.887", - "lastModified": "2023-08-23T13:17:18.197", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T20:46:11.667", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,7 +17,7 @@ "metrics": { "cvssMetricV31": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", @@ -35,12 +35,32 @@ }, "exploitabilityScore": 3.9, "impactScore": 5.9 + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 } ] }, "weaknesses": [ { - "source": "security@wordfence.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -48,16 +68,50 @@ "value": "CWE-269" } ] + }, + { + "source": "security@wordfence.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpcharitable:charitable:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "1.7.0.12", + "matchCriteriaId": "FF5A9FF4-AC5A-491F-9BAF-9A25859A0068" + } + ] + } + ] } ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/charitable/tags/1.7.0.12/includes/users/class-charitable-user.php#L866", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/522ecc1c-5834-4325-9234-79cf712213f3?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json b/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json index 5247f710110..272f875959a 100644 --- a/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json +++ b/CVE-2023/CVE-2023-44xx/CVE-2023-4475.json @@ -2,8 +2,8 @@ "id": "CVE-2023-4475", "sourceIdentifier": "security@asustor.com", "published": "2023-08-22T19:16:41.753", - "lastModified": "2023-08-22T20:10:36.537", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-28T20:33:24.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + }, { "source": "security@asustor.com", "type": "Secondary", @@ -35,6 +55,16 @@ ] }, "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-552" + } + ] + }, { "source": "security@asustor.com", "type": "Secondary", @@ -46,10 +76,32 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:asustor:data_master:*:*:*:*:*:*:*:*", + "versionStartIncluding": "4.0.6.ris1", + "versionEndExcluding": "4.2.2.ri61", + "matchCriteriaId": "DB0DBC18-2FD7-4870-AF9F-1B44EAB81B75" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.asustor.com/security/security_advisory_detail?id=30", - "source": "security@asustor.com" + "source": "security@asustor.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 634a122723a..0e209e917f4 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-28T20:00:25.281014+00:00 +2023-08-28T22:00:25.408660+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-28T19:55:42.107000+00:00 +2023-08-28T21:41:07.790000+00:00 ``` ### Last Data Feed Release @@ -29,50 +29,40 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -223567 +223576 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `9` -* [CVE-2020-27366](CVE-2020/CVE-2020-273xx/CVE-2020-27366.json) (`2023-08-28T18:15:08.593`) -* [CVE-2023-39062](CVE-2023/CVE-2023-390xx/CVE-2023-39062.json) (`2023-08-28T18:15:08.863`) -* [CVE-2023-40590](CVE-2023/CVE-2023-405xx/CVE-2023-40590.json) (`2023-08-28T18:15:08.937`) -* [CVE-2023-39562](CVE-2023/CVE-2023-395xx/CVE-2023-39562.json) (`2023-08-28T19:15:07.747`) -* [CVE-2023-39709](CVE-2023/CVE-2023-397xx/CVE-2023-39709.json) (`2023-08-28T19:15:07.830`) -* [CVE-2023-39810](CVE-2023/CVE-2023-398xx/CVE-2023-39810.json) (`2023-08-28T19:15:07.893`) +* [CVE-2020-24165](CVE-2020/CVE-2020-241xx/CVE-2020-24165.json) (`2023-08-28T21:15:07.510`) +* [CVE-2023-35785](CVE-2023/CVE-2023-357xx/CVE-2023-35785.json) (`2023-08-28T20:15:08.033`) +* [CVE-2023-39348](CVE-2023/CVE-2023-393xx/CVE-2023-39348.json) (`2023-08-28T20:15:08.107`) +* [CVE-2023-39578](CVE-2023/CVE-2023-395xx/CVE-2023-39578.json) (`2023-08-28T20:15:08.207`) +* [CVE-2023-41109](CVE-2023/CVE-2023-411xx/CVE-2023-41109.json) (`2023-08-28T20:15:08.273`) +* [CVE-2023-38969](CVE-2023/CVE-2023-389xx/CVE-2023-38969.json) (`2023-08-28T21:15:07.667`) +* [CVE-2023-39652](CVE-2023/CVE-2023-396xx/CVE-2023-39652.json) (`2023-08-28T21:15:07.723`) +* [CVE-2023-39968](CVE-2023/CVE-2023-399xx/CVE-2023-39968.json) (`2023-08-28T21:15:07.777`) +* [CVE-2023-40170](CVE-2023/CVE-2023-401xx/CVE-2023-40170.json) (`2023-08-28T21:15:07.873`) ### CVEs modified in the last Commit -Recently modified CVEs: `44` +Recently modified CVEs: `12` -* [CVE-2023-40759](CVE-2023/CVE-2023-407xx/CVE-2023-40759.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40760](CVE-2023/CVE-2023-407xx/CVE-2023-40760.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40761](CVE-2023/CVE-2023-407xx/CVE-2023-40761.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40762](CVE-2023/CVE-2023-407xx/CVE-2023-40762.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40763](CVE-2023/CVE-2023-407xx/CVE-2023-40763.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40764](CVE-2023/CVE-2023-407xx/CVE-2023-40764.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40765](CVE-2023/CVE-2023-407xx/CVE-2023-40765.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40766](CVE-2023/CVE-2023-407xx/CVE-2023-40766.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40767](CVE-2023/CVE-2023-407xx/CVE-2023-40767.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-39708](CVE-2023/CVE-2023-397xx/CVE-2023-39708.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40846](CVE-2023/CVE-2023-408xx/CVE-2023-40846.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-1997](CVE-2023/CVE-2023-19xx/CVE-2023-1997.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-39560](CVE-2023/CVE-2023-395xx/CVE-2023-39560.json) (`2023-08-28T19:28:54.367`) -* [CVE-2023-40748](CVE-2023/CVE-2023-407xx/CVE-2023-40748.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-40749](CVE-2023/CVE-2023-407xx/CVE-2023-40749.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-40750](CVE-2023/CVE-2023-407xx/CVE-2023-40750.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-40751](CVE-2023/CVE-2023-407xx/CVE-2023-40751.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-40752](CVE-2023/CVE-2023-407xx/CVE-2023-40752.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-40753](CVE-2023/CVE-2023-407xx/CVE-2023-40753.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-40754](CVE-2023/CVE-2023-407xx/CVE-2023-40754.json) (`2023-08-28T19:28:54.370`) -* [CVE-2023-38668](CVE-2023/CVE-2023-386xx/CVE-2023-38668.json) (`2023-08-28T19:38:54.383`) -* [CVE-2023-38667](CVE-2023/CVE-2023-386xx/CVE-2023-38667.json) (`2023-08-28T19:40:03.987`) -* [CVE-2023-38666](CVE-2023/CVE-2023-386xx/CVE-2023-38666.json) (`2023-08-28T19:46:35.200`) -* [CVE-2023-33850](CVE-2023/CVE-2023-338xx/CVE-2023-33850.json) (`2023-08-28T19:51:25.020`) -* [CVE-2023-4427](CVE-2023/CVE-2023-44xx/CVE-2023-4427.json) (`2023-08-28T19:55:42.107`) +* [CVE-2020-24113](CVE-2020/CVE-2020-241xx/CVE-2020-24113.json) (`2023-08-28T20:09:43.660`) +* [CVE-2020-12272](CVE-2020/CVE-2020-122xx/CVE-2020-12272.json) (`2023-08-28T20:15:07.633`) +* [CVE-2020-21699](CVE-2020/CVE-2020-216xx/CVE-2020-21699.json) (`2023-08-28T21:17:32.603`) +* [CVE-2022-48538](CVE-2022/CVE-2022-485xx/CVE-2022-48538.json) (`2023-08-28T20:06:05.137`) +* [CVE-2022-48545](CVE-2022/CVE-2022-485xx/CVE-2022-48545.json) (`2023-08-28T20:40:51.623`) +* [CVE-2023-4475](CVE-2023/CVE-2023-44xx/CVE-2023-4475.json) (`2023-08-28T20:33:24.607`) +* [CVE-2023-4404](CVE-2023/CVE-2023-44xx/CVE-2023-4404.json) (`2023-08-28T20:46:11.667`) +* [CVE-2023-3699](CVE-2023/CVE-2023-36xx/CVE-2023-3699.json) (`2023-08-28T21:12:52.317`) +* [CVE-2023-41098](CVE-2023/CVE-2023-410xx/CVE-2023-41098.json) (`2023-08-28T21:21:37.023`) +* [CVE-2023-32119](CVE-2023/CVE-2023-321xx/CVE-2023-32119.json) (`2023-08-28T21:24:05.680`) +* [CVE-2023-41100](CVE-2023/CVE-2023-411xx/CVE-2023-41100.json) (`2023-08-28T21:27:36.420`) +* [CVE-2023-41104](CVE-2023/CVE-2023-411xx/CVE-2023-41104.json) (`2023-08-28T21:41:07.790`) ## Download and Usage