admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-30T13:00:25.728456+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-30 13:00:29 +00:00
parent 61a9cfca56
commit 7bfcd6611c
53 changed files with 1541 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2005/CVE-2005-100xx/CVE-2005-10002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2005-10002",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-29T15:15:42.073",
"lastModified": "2023-10-29T15:15:42.073",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2007/CVE-2007-100xx/CVE-2007-10003.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2007-10003",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-29T18:15:38.687",
"lastModified": "2023-10-29T18:15:38.687",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-257xx/CVE-2021-25736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-25736",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2023-10-30T03:15:07.653",
"lastModified": "2023-10-30T03:15:07.653",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-336xx/CVE-2021-33634.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33634",
"sourceIdentifier": "securities@openeuler.org",
"published": "2023-10-29T08:15:20.567",
"lastModified": "2023-10-29T08:15:20.567",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-336xx/CVE-2021-33635.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33635",
"sourceIdentifier": "securities@openeuler.org",
"published": "2023-10-29T08:15:20.647",
"lastModified": "2023-10-29T08:15:20.647",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-336xx/CVE-2021-33636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33636",
"sourceIdentifier": "securities@openeuler.org",
"published": "2023-10-29T08:15:20.707",
"lastModified": "2023-10-29T08:15:20.707",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-336xx/CVE-2021-33637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33637",
"sourceIdentifier": "securities@openeuler.org",
"published": "2023-10-29T08:15:20.763",
"lastModified": "2023-10-29T08:15:20.763",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2021/CVE-2021-336xx/CVE-2021-33638.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-33638",
"sourceIdentifier": "securities@openeuler.org",
"published": "2023-10-29T08:15:20.823",
"lastModified": "2023-10-29T08:15:20.823",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2022/CVE-2022-05xx/CVE-2022-0529.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0529",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-02-09T23:15:16.627",
"lastModified": "2022-09-30T14:46:50.750",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-30T11:15:38.993",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -167,6 +167,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-17",
"source": "secalert@redhat.com"
},
{
"url": "https://www.debian.org/security/2022/dsa-5202",
"source": "secalert@redhat.com",

8
CVE-2022/CVE-2022-05xx/CVE-2022-0530.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-0530",
"sourceIdentifier": "secalert@redhat.com",
"published": "2022-02-09T23:15:16.677",
"lastModified": "2022-09-30T14:46:41.227",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-30T11:15:39.153",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -297,6 +297,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-17",
"source": "secalert@redhat.com"
},
{
"url": "https://support.apple.com/kb/HT213255",
"source": "secalert@redhat.com",

24
CVE-2022/CVE-2022-294xx/CVE-2022-29450.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-29450",
"sourceIdentifier": "audit@patchstack.com",
"published": "2022-06-15T19:15:11.030",
"lastModified": "2022-06-24T14:24:39.080",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-30T12:15:08.617",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress."
"value": "Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress.\n\n"
},
{
"lang": "es",
@ -85,7 +85,7 @@
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
@ -95,7 +95,7 @@
]
},
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Secondary",
"description": [
{
@ -125,18 +125,12 @@
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/admin-management-xtended/wordpress-admin-management-xtended-plugin-2-4-4-multiple-cross-site-request-forgery-csrf-vulnerabilities",
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
"url": "https://github.com/oliverschloebe/admin-management-xtended/commit/f94732d222414f10ce015e95b5c7c9fba13a8a20",
"source": "audit@patchstack.com"
},
{
"url": "https://wordpress.org/plugins/admin-management-xtended/#developers",
"source": "audit@patchstack.com",
"tags": [
"Product"
]
"url": "https://patchstack.com/database/vulnerability/admin-management-xtended/wordpress-admin-management-xtended-plugin-2-4-4-multiple-cross-site-request-forgery-csrf-vulnerabilities?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

6
CVE-2022/CVE-2022-301xx/CVE-2022-30122.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30122",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-12-05T22:15:10.227",
"lastModified": "2023-10-22T19:15:08.350",
"lastModified": "2023-10-30T12:15:08.747",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
@ -97,6 +97,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-18",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com"

6
CVE-2022/CVE-2022-301xx/CVE-2022-30123.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-30123",
"sourceIdentifier": "support@hackerone.com",
"published": "2022-12-05T22:15:10.280",
"lastModified": "2023-10-22T19:15:08.450",
"lastModified": "2023-10-30T12:15:08.847",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
@ -96,6 +96,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-18",
"source": "support@hackerone.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5530",
"source": "support@hackerone.com"

8
CVE-2022/CVE-2022-305xx/CVE-2022-30550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30550",
"sourceIdentifier": "cve@mitre.org",
"published": "2022-07-17T19:15:18.540",
"lastModified": "2022-10-28T15:17:31.090",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:15:08.940",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -105,6 +105,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-19",
"source": "cve@mitre.org"
},
{
"url": "https://www.dovecot.org/download/",
"source": "cve@mitre.org",

8
CVE-2022/CVE-2022-41xx/CVE-2022-4170.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-4170",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2022-12-09T18:15:20.327",
"lastModified": "2023-07-10T18:08:36.523",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-30T12:15:09.027",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -107,6 +107,10 @@
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-20",
"source": "patrick@puiterwijk.org"
},
{
"url": "https://www.openwall.com/lists/oss-security/2022/12/05/1",
"source": "patrick@puiterwijk.org",

63
CVE-2023/CVE-2023-32xx/CVE-2023-3254.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3254",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-18T05:15:07.937",
"lastModified": "2023-10-18T12:46:22.630",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:11:53.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trustedindex:widgets_for_google_reviews:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "10.9",
"matchCriteriaId": "D23DDBE8-11BB-47F5-A07A-E198E1EBADE6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2980022%40wp-reviews-plugin-for-google%2Ftrunk&old=2977531%40wp-reviews-plugin-for-google%2Ftrunk&sfp_email=&sfph_mail=#file8",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70968476-b064-477f-999f-4aa2c51d89cc?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-376xx/CVE-2023-37636.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37636",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-23T21:15:08.800",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:29:49.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) almacenada en UVDesk Community Skeleton v1.1.1 permite a los atacantes ejecutar scripts web o HTML arbitrarios a trav\u00e9s de un payload manipulado que se inyecta en el campo Mensaje al crear un ticket."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkul:uvdesk:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A533D6A4-3FC2-4D1A-B856-3D3DBBD8329B"
}
]
}
]
}
],
"references": [
{
"url": "https://www.esecforte.com/cve-2023-37636-stored-cross-site-scripting/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-406xx/CVE-2023-40685.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40685",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-29T02:15:07.693",
"lastModified": "2023-10-29T02:15:07.693",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-424xx/CVE-2023-42431.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-42431",
"sourceIdentifier": "security@bluespice.com",
"published": "2023-10-30T11:15:39.267",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) vulnerability in BlueSpiceAvatars extension of BlueSpice allows logged in user to inject arbitrary HTML into the profile image dialog on Special:Preferences. This only applies to the genuine user context."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@bluespice.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@bluespice.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://en.wiki.bluespice.com/wiki/Security:Security_Advisories/BSSA-2023-02",
"source": "security@bluespice.com"
}
]
}

70
CVE-2023/CVE-2023-433xx/CVE-2023-43358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43358",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-23T22:15:09.210",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:28:44.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,75 @@
"value": "Una vulnerabilidad de Cross Site Scripting en CMSmadesimple v.2.2.18 permite a un atacante local ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado en el par\u00e1metro T\u00edtulo en el componente Men\u00fa de noticias."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.18:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF989DA-0199-49AE-A793-1CE18C1E045A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/CMSmadesimple-Stored-XSS---News",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/sromanhu/CVE-2023-43358-CMSmadesimple-Stored-XSS---News",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-438xx/CVE-2023-43800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43800",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T22:15:09.173",
"lastModified": "2023-10-19T12:59:35.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:25:25.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arduino:create_agent:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "EE4124F3-115A-42BA-B29E-24AD19764999"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-4x5q-q7wc-q22p",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-438xx/CVE-2023-43801.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43801",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T22:15:09.247",
"lastModified": "2023-10-19T12:59:35.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:38:24.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arduino:create_agent:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "EE4124F3-115A-42BA-B29E-24AD19764999"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-mjq6-pv9c-qppq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-438xx/CVE-2023-43802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43802",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T21:15:09.187",
"lastModified": "2023-10-19T12:59:40.337",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:58:20.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arduino:create_agent:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "EE4124F3-115A-42BA-B29E-24AD19764999"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-75j7-w798-cwwx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-438xx/CVE-2023-43803.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43803",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T21:15:09.260",
"lastModified": "2023-10-19T12:59:35.787",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:46:57.553",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arduino:create_agent:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.3.3",
"matchCriteriaId": "EE4124F3-115A-42BA-B29E-24AD19764999"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/arduino/arduino-create-agent/security/advisories/GHSA-m5jc-r4gf-c6p8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-43xx/CVE-2023-4393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4393",
"sourceIdentifier": "vdp@themissinglink.com.au",
"published": "2023-10-30T00:15:39.237",
"lastModified": "2023-10-30T00:15:39.237",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-441xx/CVE-2023-44141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44141",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-10-30T04:15:10.340",
"lastModified": "2023-10-30T04:15:10.340",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
CVE-2023/CVE-2023-447xx/CVE-2023-44760.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44760",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-23T22:15:09.257",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:36:19.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "M\u00faltiples vulnerabilidades de Cross Site Scripting (XSS) en Concrete CMS v.9.2.1 permiten a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado para los c\u00f3digos de seguimiento de encabezado y pie de p\u00e1gina de SEO y estad\u00edsticas."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7B776E3-2D7A-4BD9-9800-01AED3141336"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sromanhu/ConcreteCMS-Stored-XSS---TrackingCodes",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-450xx/CVE-2023-45008.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45008",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-18T08:15:07.947",
"lastModified": "2023-10-18T12:46:22.630",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:14:10.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpjohnny:comment_reply_email:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.3",
"matchCriteriaId": "459C5605-AD9D-4260-BF8C-7703A1F9A329"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/comment-reply-email/wordpress-comment-reply-email-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

135
CVE-2023/CVE-2023-451xx/CVE-2023-45145.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45145",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-18T21:15:09.560",
"lastModified": "2023-10-27T03:15:08.193",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T12:50:12.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.0,
"impactScore": 2.5
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,26 +80,117 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "6.2.14",
"matchCriteriaId": "2BC37265-09C9-4A98-A97A-3950F80D2641"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.14",
"matchCriteriaId": "869B9F5D-E5C4-4C43-8F3D-1ECB973A6E71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0",
"versionEndExcluding": "7.2.2",
"matchCriteriaId": "484F4B31-F45C-4AD1-9D19-119E89039777"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redis:redis:2.6.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "988AF66E-727F-4579-9BA8-55B42D534FE0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/redis/redis/commit/03345ddc7faf7af079485f2cbe5d17a1611cbce1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/redis/redis/security/advisories/GHSA-ghmp-889m-7cvx",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00032.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/464JPNBWE433ZGYXO3KN72VR3KJPWHAW/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BNEK2K4IE7MPKRD6H36JXZMJKYS6I5GQ/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-457xx/CVE-2023-45746.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45746",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-10-30T05:15:09.993",
"lastModified": "2023-10-30T05:15:09.993",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-457xx/CVE-2023-45797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45797",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2023-10-30T07:15:12.677",
"lastModified": "2023-10-30T07:15:12.677",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-457xx/CVE-2023-45798.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45798",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2023-10-30T07:15:12.887",
"lastModified": "2023-10-30T07:15:12.887",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-457xx/CVE-2023-45799.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45799",
"sourceIdentifier": "vuln@krcert.or.kr",
"published": "2023-10-30T07:15:12.977",
"lastModified": "2023-10-30T07:15:12.977",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

71
CVE-2023/CVE-2023-459xx/CVE-2023-45966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45966",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-23T21:15:08.847",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:36:04.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,76 @@
"value": "umputun remark42 versi\u00f3n 1.12.1 y anteriores tiene una vulnerabilidad de Blind Server-Side Request Forgery (SSRF)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:remark42:remark42:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.12.1",
"matchCriteriaId": "22D32364-59CB-4880-AEEA-36CFE60EF9E6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jet-pentest/CVE-2023-45966",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/umputun/remark42/issues/1677",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-459xx/CVE-2023-45998.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-45998",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-23T22:15:09.300",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:36:31.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,66 @@
"value": "kodbox 1.44 es vulnerable a Cross Site Scripting (XSS). La personalizaci\u00f3n de HTML global da como resultado el almacenamiento de XSS."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kodcloud:kodbox:1.44:*:*:*:*:*:*:*",
"matchCriteriaId": "B9980E0B-F79B-4640-B9D8-C1D07B51BB05"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/fangjiuye/703fdb643db558640f23e4e7c9532348",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-460xx/CVE-2023-46058.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46058",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-24T00:15:08.773",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:37:02.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en Geeklog-Core geeklog v.2.2.2 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro grp_desc del componente admin/group.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geeklog:geeklog:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2BD897-EEF2-4806-8DCE-E1F3E11F3C39"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/Stored_XSS_in_group.php.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-460xx/CVE-2023-46059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46059",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-24T00:15:08.823",
"lastModified": "2023-10-24T12:45:02.747",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:37:14.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Vulnerabilidad de Cross Site Scripting (XSS) en Geeklog-Core geeklog v.2.2.2 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado para el Servicio y la URL del sitio web para los par\u00e1metros de Ping del componente admin/trackback.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geeklog:geeklog:2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AB2BD897-EEF2-4806-8DCE-E1F3E11F3C39"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CrownZTX/vulnerabilities/blob/main/geeklog/reflected_XSS_in_editservice.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-468xx/CVE-2023-46862.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46862",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-29T04:15:11.363",
"lastModified": "2023-10-29T04:15:11.363",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-468xx/CVE-2023-46863.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46863",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T00:15:39.157",
"lastModified": "2023-10-30T00:15:39.157",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-468xx/CVE-2023-46864.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46864",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T00:15:39.200",
"lastModified": "2023-10-30T00:15:39.200",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-468xx/CVE-2023-46865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46865",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T01:15:21.967",
"lastModified": "2023-10-30T01:15:21.967",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-468xx/CVE-2023-46866.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46866",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T03:15:07.783",
"lastModified": "2023-10-30T03:15:07.783",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-468xx/CVE-2023-46867.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-46867",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-30T03:15:07.830",
"lastModified": "2023-10-30T03:15:07.830",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

63
CVE-2023/CVE-2023-51xx/CVE-2023-5121.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5121",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.187",
"lastModified": "2023-10-20T11:27:04.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:37:47.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpvivid:migration\\,_backup\\,_staging:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.9.89",
"matchCriteriaId": "34D10B34-6A2E-43C0-8D0A-CEF6DDC345D6"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2956458%40wpvivid-backuprestore%2Ftrunk&old=2948265%40wpvivid-backuprestore%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cdcac5f9-a744-4853-8a80-ed38fec81dbb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-52xx/CVE-2023-5231.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5231",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.250",
"lastModified": "2023-10-20T11:27:04.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:12:11.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pogidude:magic_action_box:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.17.2",
"matchCriteriaId": "4B636A80-AEE1-4562-9D0C-1AB0DC7259B2"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/magic-action-box/tags/2.17.2/lib/functions.php#L287",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ce9b908b-1388-41fb-915c-e4e29eaf57ed?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-52xx/CVE-2023-5292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5292",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.317",
"lastModified": "2023-10-20T11:27:04.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:12:36.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,22 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acfextended:advanced_custom_fields_extended:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.8.9.3",
"matchCriteriaId": "E70BA0F4-B8B5-49B7-800C-064834ADE245"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/acf-extended/tags/0.8.9.3/includes/modules/form/module-form-front.php#L669",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/acf-extended/tags/0.8.9.4/includes/modules/form/module-form-front.php#L669",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2972880/acf-extended#file4",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dcbe0c72-d518-45d3-a220-896a51071b26?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-53xx/CVE-2023-5337.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5337",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.383",
"lastModified": "2023-10-20T11:27:04.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:15:11.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:formforall:formforall:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "367B244C-45FC-4E4C-A3A8-8F9977F6B16F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/formforall/trunk/formforall_common.php#L21",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/abe2f596-b2c3-49d3-b646-0f4b64f15674?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-55xx/CVE-2023-5533.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5533",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.450",
"lastModified": "2023-10-23T13:15:09.177",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:17:01.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.8.9",
"matchCriteriaId": "725153FA-A9CC-493C-A8FE-275434AAF09F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:4.9.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "C54E19C0-77EE-4C3A-9DCD-4740E77D6D89"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2977505%40chatbot%2Ftrunk&old=2967435%40chatbot%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a9db002f-ff41-493a-87b1-5f0b4b07cfc2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-55xx/CVE-2023-5534.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5534",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.513",
"lastModified": "2023-10-23T13:15:09.257",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:17:24.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.8.9",
"matchCriteriaId": "725153FA-A9CC-493C-A8FE-275434AAF09F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:ai_chatbot:4.9.2:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "C54E19C0-77EE-4C3A-9DCD-4740E77D6D89"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=2977505%40chatbot%2Ftrunk&old=2967435%40chatbot%2Ftrunk&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/846bd929-45cd-4e91-b232-ae16dd2b12a0?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-56xx/CVE-2023-5602.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5602",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-20T08:15:13.577",
"lastModified": "2023-10-20T11:27:04.140",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-10-30T11:18:03.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -50,14 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ultimatelysocial:social_media_share_buttons_\\&_social_sharing_icons:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.8.5",
"matchCriteriaId": "2C87C087-81E3-46EB-BB3C-CDE9E6D87F6F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2975574/ultimate-social-media-icons/tags/2.8.6/libs/controllers/sfsi_buttons_controller.php?old=2956446&old_path=ultimate-social-media-icons%2Ftags%2F2.8.5%2Flibs%2Fcontrollers%2Fsfsi_buttons_controller.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d44a45fb-3bff-4a1f-8319-a58a47a9d76b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-58xx/CVE-2023-5842.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5842",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-30T01:15:22.013",
"lastModified": "2023-10-30T01:15:22.013",
"vulnStatus": "Received",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-58xx/CVE-2023-5844.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-5844",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-30T11:15:39.347",
"lastModified": "2023-10-30T11:54:30.703",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unverified Password Change in GitHub repository pimcore/admin-ui-classic-bundle prior to 1.2.0."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-620"
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/admin-ui-classic-bundle/commit/498ac77e54541177be27b0c710e387c47b3836ea",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.com/bounties/b031199d-192a-46e5-8c02-f7284ad74021",
"source": "security@huntr.dev"
}
]
}

40
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-30T09:00:24.386241+00:00
2023-10-30T13:00:25.728456+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-30T07:15:12.977000+00:00
2023-10-30T12:58:20.887000+00:00
```
### Last Data Feed Release
@ -29,22 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
229132
229134
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `2`
* [CVE-2023-45797](CVE-2023/CVE-2023-457xx/CVE-2023-45797.json) (`2023-10-30T07:15:12.677`)
* [CVE-2023-45798](CVE-2023/CVE-2023-457xx/CVE-2023-45798.json) (`2023-10-30T07:15:12.887`)
* [CVE-2023-45799](CVE-2023/CVE-2023-457xx/CVE-2023-45799.json) (`2023-10-30T07:15:12.977`)
* [CVE-2023-42431](CVE-2023/CVE-2023-424xx/CVE-2023-42431.json) (`2023-10-30T11:15:39.267`)
* [CVE-2023-5844](CVE-2023/CVE-2023-58xx/CVE-2023-5844.json) (`2023-10-30T11:15:39.347`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `50`
* [CVE-2023-45998](CVE-2023/CVE-2023-459xx/CVE-2023-45998.json) (`2023-10-30T11:36:31.693`)
* [CVE-2023-46058](CVE-2023/CVE-2023-460xx/CVE-2023-46058.json) (`2023-10-30T11:37:02.710`)
* [CVE-2023-46059](CVE-2023/CVE-2023-460xx/CVE-2023-46059.json) (`2023-10-30T11:37:14.247`)
* [CVE-2023-5121](CVE-2023/CVE-2023-51xx/CVE-2023-5121.json) (`2023-10-30T11:37:47.037`)
* [CVE-2023-40685](CVE-2023/CVE-2023-406xx/CVE-2023-40685.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-46862](CVE-2023/CVE-2023-468xx/CVE-2023-46862.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-46863](CVE-2023/CVE-2023-468xx/CVE-2023-46863.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-46864](CVE-2023/CVE-2023-468xx/CVE-2023-46864.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-4393](CVE-2023/CVE-2023-43xx/CVE-2023-4393.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-46865](CVE-2023/CVE-2023-468xx/CVE-2023-46865.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-5842](CVE-2023/CVE-2023-58xx/CVE-2023-5842.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-46866](CVE-2023/CVE-2023-468xx/CVE-2023-46866.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-46867](CVE-2023/CVE-2023-468xx/CVE-2023-46867.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-44141](CVE-2023/CVE-2023-441xx/CVE-2023-44141.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-45746](CVE-2023/CVE-2023-457xx/CVE-2023-45746.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-45797](CVE-2023/CVE-2023-457xx/CVE-2023-45797.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-45798](CVE-2023/CVE-2023-457xx/CVE-2023-45798.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-45799](CVE-2023/CVE-2023-457xx/CVE-2023-45799.json) (`2023-10-30T11:54:30.703`)
* [CVE-2023-3254](CVE-2023/CVE-2023-32xx/CVE-2023-3254.json) (`2023-10-30T12:11:53.503`)
* [CVE-2023-45008](CVE-2023/CVE-2023-450xx/CVE-2023-45008.json) (`2023-10-30T12:14:10.967`)
* [CVE-2023-43800](CVE-2023/CVE-2023-438xx/CVE-2023-43800.json) (`2023-10-30T12:25:25.967`)
* [CVE-2023-43801](CVE-2023/CVE-2023-438xx/CVE-2023-43801.json) (`2023-10-30T12:38:24.330`)
* [CVE-2023-43803](CVE-2023/CVE-2023-438xx/CVE-2023-43803.json) (`2023-10-30T12:46:57.553`)
* [CVE-2023-45145](CVE-2023/CVE-2023-451xx/CVE-2023-45145.json) (`2023-10-30T12:50:12.313`)
* [CVE-2023-43802](CVE-2023/CVE-2023-438xx/CVE-2023-43802.json) (`2023-10-30T12:58:20.887`)
## Download and Usage