From 7c63fccea7c1d7c632f4241de7eed5ad80e10ebc Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 14 Jun 2023 10:00:33 +0000 Subject: [PATCH] Auto-Update: 2023-06-14T10:00:30.376135+00:00 --- CVE-2022/CVE-2022-471xx/CVE-2022-47184.json | 32 ++++++++ CVE-2023/CVE-2023-08xx/CVE-2023-0837.json | 55 +++++++++++++ CVE-2023/CVE-2023-10xx/CVE-2023-1049.json | 55 +++++++++++++ CVE-2023/CVE-2023-226xx/CVE-2023-22610.json | 14 ++-- CVE-2023/CVE-2023-25xx/CVE-2023-2569.json | 55 +++++++++++++ CVE-2023/CVE-2023-25xx/CVE-2023-2570.json | 55 +++++++++++++ CVE-2023/CVE-2023-280xx/CVE-2023-28069.json | 18 ++--- CVE-2023/CVE-2023-306xx/CVE-2023-30631.json | 32 ++++++++ CVE-2023/CVE-2023-30xx/CVE-2023-3001.json | 55 +++++++++++++ CVE-2023/CVE-2023-32xx/CVE-2023-3237.json | 88 +++++++++++++++++++++ CVE-2023/CVE-2023-32xx/CVE-2023-3238.json | 88 +++++++++++++++++++++ CVE-2023/CVE-2023-32xx/CVE-2023-3239.json | 88 +++++++++++++++++++++ CVE-2023/CVE-2023-32xx/CVE-2023-3240.json | 88 +++++++++++++++++++++ CVE-2023/CVE-2023-32xx/CVE-2023-3241.json | 88 +++++++++++++++++++++ CVE-2023/CVE-2023-339xx/CVE-2023-33933.json | 32 ++++++++ CVE-2023/CVE-2023-340xx/CVE-2023-34000.json | 59 ++++++++++++++ CVE-2023/CVE-2023-341xx/CVE-2023-34149.json | 55 +++++++++++++ CVE-2023/CVE-2023-343xx/CVE-2023-34396.json | 55 +++++++++++++ README.md | 42 +++++----- 19 files changed, 1019 insertions(+), 35 deletions(-) create mode 100644 CVE-2022/CVE-2022-471xx/CVE-2022-47184.json create mode 100644 CVE-2023/CVE-2023-08xx/CVE-2023-0837.json create mode 100644 CVE-2023/CVE-2023-10xx/CVE-2023-1049.json create mode 100644 CVE-2023/CVE-2023-25xx/CVE-2023-2569.json create mode 100644 CVE-2023/CVE-2023-25xx/CVE-2023-2570.json create mode 100644 CVE-2023/CVE-2023-306xx/CVE-2023-30631.json create mode 100644 CVE-2023/CVE-2023-30xx/CVE-2023-3001.json create mode 100644 CVE-2023/CVE-2023-32xx/CVE-2023-3237.json create mode 100644 CVE-2023/CVE-2023-32xx/CVE-2023-3238.json create mode 100644 CVE-2023/CVE-2023-32xx/CVE-2023-3239.json create mode 100644 CVE-2023/CVE-2023-32xx/CVE-2023-3240.json create mode 100644 CVE-2023/CVE-2023-32xx/CVE-2023-3241.json create mode 100644 CVE-2023/CVE-2023-339xx/CVE-2023-33933.json create mode 100644 CVE-2023/CVE-2023-340xx/CVE-2023-34000.json create mode 100644 CVE-2023/CVE-2023-341xx/CVE-2023-34149.json create mode 100644 CVE-2023/CVE-2023-343xx/CVE-2023-34396.json diff --git a/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json b/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json new file mode 100644 index 00000000000..d9a44db6e67 --- /dev/null +++ b/CVE-2022/CVE-2022-471xx/CVE-2022-47184.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2022-47184", + "sourceIdentifier": "security@apache.org", + "published": "2023-06-14T08:15:08.633", + "lastModified": "2023-06-14T08:15:08.633", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: 8.0.0 to 9.2.0.\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-08xx/CVE-2023-0837.json b/CVE-2023/CVE-2023-08xx/CVE-2023-0837.json new file mode 100644 index 00000000000..b1233fb9943 --- /dev/null +++ b/CVE-2023/CVE-2023-08xx/CVE-2023-0837.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-0837", + "sourceIdentifier": "psirt@teamviewer.com", + "published": "2023-06-14T08:15:08.703", + "lastModified": "2023-06-14T08:15:08.703", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "An improper authorization check of local device settings in TeamViewer Remote between version 15.41 and 15.42.7 for Windows and macOS allows an unprivileged user to change basic local device settings even though the options were locked. This can result in unwanted changes to the configuration." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@teamviewer.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.6, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.3, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@teamviewer.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://www.teamviewer.com/en/trust-center/security-bulletins/tv-2023-1001/", + "source": "psirt@teamviewer.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-10xx/CVE-2023-1049.json b/CVE-2023/CVE-2023-10xx/CVE-2023-1049.json new file mode 100644 index 00000000000..b1cb53e860f --- /dev/null +++ b/CVE-2023/CVE-2023-10xx/CVE-2023-1049.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-1049", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-06-14T08:15:08.773", + "lastModified": "2023-06-14T08:15:08.773", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists that\ncould cause execution of malicious code when an unsuspicious user loads a project file from the\nlocal filesystem into the HMI.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-01.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-226xx/CVE-2023-22610.json b/CVE-2023/CVE-2023-226xx/CVE-2023-22610.json index 52d086d2422..44ff4e5d9b6 100644 --- a/CVE-2023/CVE-2023-226xx/CVE-2023-22610.json +++ b/CVE-2023/CVE-2023-226xx/CVE-2023-22610.json @@ -2,12 +2,12 @@ "id": "CVE-2023-22610", "sourceIdentifier": "cybersecurity@se.com", "published": "2023-01-31T17:15:08.827", - "lastModified": "2023-02-07T19:52:35.487", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-14T08:15:08.860", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A CWE-285: Improper Authorization vulnerability exists that could cause Denial of Service against the Geo SCADA server when specific messages are sent to the server over the database server TCP port. Affected Products: EcoStruxure Geo SCADA Expert 2019 - 2021 (formerly known as ClearSCADA) (Versions prior to October 2022)" + "value": "\nA CWE-863: Incorrect Authorization vulnerability exists that could cause Denial of\nService against the Geo SCADA server when specific messages are sent to the server over the\ndatabase server TCP port. \n\n\n\n" } ], "metrics": { @@ -56,22 +56,22 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "cybersecurity@se.com", "type": "Primary", "description": [ { "lang": "en", - "value": "NVD-CWE-Other" + "value": "CWE-863" } ] }, { - "source": "cybersecurity@se.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-285" + "value": "NVD-CWE-Other" } ] } diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2569.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2569.json new file mode 100644 index 00000000000..d82f4e5c864 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2569.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2569", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-06-14T08:15:09.113", + "lastModified": "2023-06-14T08:15:09.113", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-787: Out-of-Bounds Write vulnerability exists that could cause local denial-of-service,\nelevation of privilege, and potentially kernel execution when a malicious actor with local user\naccess crafts a script/program using an IOCTL call in the Foxboro.sys driver.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-787" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json b/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json new file mode 100644 index 00000000000..f8cbcf9e049 --- /dev/null +++ b/CVE-2023/CVE-2023-25xx/CVE-2023-2570.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2570", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-06-14T08:15:09.187", + "lastModified": "2023-06-14T08:15:09.187", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\n\n\nA CWE-129: Improper Validation of Array Index vulnerability exists that could cause local\ndenial-of-service, and potentially kernel execution when a malicious actor with local user access\ncrafts a script/program using an unpredictable index to an IOCTL call in the Foxboro.sys driver.\n\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.0, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.0, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-129" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-04.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-280xx/CVE-2023-28069.json b/CVE-2023/CVE-2023-280xx/CVE-2023-28069.json index 4e3b4d30e01..ec53ee309ec 100644 --- a/CVE-2023/CVE-2023-280xx/CVE-2023-28069.json +++ b/CVE-2023/CVE-2023-280xx/CVE-2023-28069.json @@ -2,12 +2,12 @@ "id": "CVE-2023-28069", "sourceIdentifier": "security_alert@emc.com", "published": "2023-04-05T08:15:07.863", - "lastModified": "2023-04-11T14:44:43.673", - "vulnStatus": "Analyzed", + "lastModified": "2023-06-14T08:15:08.997", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Dell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. An attacker with privileges same as a legitimate user can phish the legitimate the user to redirect to malicious website leading to information disclosure and launch of phishing attacks." + "value": "\nDell Streaming Data Platform prior to 1.4 contains Open Redirect vulnerability. A remote unauthenticated attacker can phish the legitimate user to redirect to malicious website leading to information disclosure and launch of phishing attacks.\n\n" } ], "metrics": { @@ -37,20 +37,20 @@ "type": "Secondary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", - "scope": "UNCHANGED", - "confidentialityImpact": "HIGH", + "scope": "CHANGED", + "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE", - "baseScore": 7.1, - "baseSeverity": "HIGH" + "baseScore": 6.1, + "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, - "impactScore": 4.2 + "impactScore": 2.7 } ] }, diff --git a/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json new file mode 100644 index 00000000000..3697f532ab1 --- /dev/null +++ b/CVE-2023/CVE-2023-306xx/CVE-2023-30631.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-30631", + "sourceIdentifier": "security@apache.org", + "published": "2023-06-14T08:15:09.257", + "lastModified": "2023-06-14T08:15:09.257", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.\u00a0 The configuration option\u00a0proxy.config.http.push_method_enabled didn't function.\u00a0 However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-20" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json b/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json new file mode 100644 index 00000000000..e34359ae784 --- /dev/null +++ b/CVE-2023/CVE-2023-30xx/CVE-2023-3001.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-3001", + "sourceIdentifier": "cybersecurity@se.com", + "published": "2023-06-14T08:15:09.577", + "lastModified": "2023-06-14T08:15:09.577", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "\nA CWE-502: Deserialization of Untrusted Data vulnerability exists in the Dashboard module that\ncould cause an interpretation of malicious payload data, potentially leading to remote code\nexecution when an attacker gets the user to open a malicious file. \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cybersecurity@se.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cybersecurity@se.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-164-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-164-02.pdf", + "source": "cybersecurity@se.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3237.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3237.json new file mode 100644 index 00000000000..03a5ca629ff --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3237.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-3237", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-06-14T08:15:09.640", + "lastModified": "2023-06-14T08:15:09.640", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects unknown code. The manipulation of the argument username/password with the input admin leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231508." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 5.8 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 6.5, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-259" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20contains%20a%20weak%20default%20password%20which%20gives%20attackers%20to%20access%20backstage%20management%20system.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.231508", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.231508", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3238.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3238.json new file mode 100644 index 00000000000..b6bc0aeb368 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3238.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-3238", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-06-14T08:15:09.713", + "lastModified": "2023-06-14T08:15:09.713", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in OTCMS up to 6.62. This issue affects some unknown processing of the file /admin/read.php?mudi=getSignal. The manipulation of the argument signalUrl leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231509 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF).md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.231509", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.231509", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3239.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3239.json new file mode 100644 index 00000000000..d66dfee49b9 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3239.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-3239", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-06-14T09:15:09.333", + "lastModified": "2023-06-14T09:15:09.333", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument img leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. VDB-231510 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.7 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 5.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-24" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20obtain%20the%20web%20directory%20path%20and%20other%20information%20leaked%20.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.231510", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.231510", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3240.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3240.json new file mode 100644 index 00000000000..fce97481b94 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3240.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-3240", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-06-14T09:15:09.717", + "lastModified": "2023-06-14T09:15:09.717", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNews_deal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231511." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.7 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 5.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-24" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20download%20vulenrability%20via%20the%20filename.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.231511", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.231511", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-32xx/CVE-2023-3241.json b/CVE-2023/CVE-2023-32xx/CVE-2023-3241.json new file mode 100644 index 00000000000..9c714265f48 --- /dev/null +++ b/CVE-2023/CVE-2023-32xx/CVE-2023-3241.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2023-3241", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-06-14T09:15:09.783", + "lastModified": "2023-06-14T09:15:09.783", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231512." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N", + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 2.7 + }, + "baseSeverity": "LOW", + "exploitabilityScore": 5.1, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20read%20vulenrability%20via%20the%20filename.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.231512", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.231512", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json b/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json new file mode 100644 index 00000000000..835f2b5a81d --- /dev/null +++ b/CVE-2023/CVE-2023-339xx/CVE-2023-33933.json @@ -0,0 +1,32 @@ +{ + "id": "CVE-2023-33933", + "sourceIdentifier": "security@apache.org", + "published": "2023-06-14T08:15:09.323", + "lastModified": "2023-06-14T08:15:09.323", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache Traffic Server.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0.\n\n8.x users should upgrade to 8.1.7 or later versions\n9.x users should upgrade to 9.2.1 or later versions\n\n\n" + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://lists.apache.org/thread/tns2b4khyyncgs5v5p9y35pobg9z2bvs", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json b/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json new file mode 100644 index 00000000000..7cd5682d3ad --- /dev/null +++ b/CVE-2023/CVE-2023-340xx/CVE-2023-34000.json @@ -0,0 +1,59 @@ +{ + "id": "CVE-2023-34000", + "sourceIdentifier": "audit@patchstack.com", + "published": "2023-06-14T08:15:09.377", + "lastModified": "2023-06-14T08:15:09.377", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Unauth. IDOR vulnerability leading to PII Disclosure in\u00a0WooCommerce Stripe Payment Gateway plugin <= 7.4.0 versions." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/articles/unauthenticated-idor-to-pii-disclosure-vulnerability-in-woocommerce-stripe-gateway-plugin?_s_id=cve", + "source": "audit@patchstack.com" + }, + { + "url": "https://patchstack.com/database/vulnerability/woocommerce-gateway-stripe/wordpress-woocommerce-stripe-payment-gateway-plugin-7-4-0-insecure-direct-object-references-idor-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json new file mode 100644 index 00000000000..2d57d6d94d4 --- /dev/null +++ b/CVE-2023/CVE-2023-341xx/CVE-2023-34149.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34149", + "sourceIdentifier": "security@apache.org", + "published": "2023-06-14T08:15:09.450", + "lastModified": "2023-06-14T08:15:09.450", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2.\n\nUpgrade to Struts 2.5.31 or 6.1.2.1 or greater.\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://cwiki.apache.org/confluence/display/WW/S2-063", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json new file mode 100644 index 00000000000..32cb4e7e02c --- /dev/null +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34396.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-34396", + "sourceIdentifier": "security@apache.org", + "published": "2023-06-14T08:15:09.520", + "lastModified": "2023-06-14T08:15:09.520", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2.\n\nUpgrade to Struts 2.5.31 or 6.1.2.1 or greater\n\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@apache.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW", + "baseScore": 4.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security@apache.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-770" + } + ] + } + ], + "references": [ + { + "url": "https://cwiki.apache.org/confluence/display/WW/S2-064", + "source": "security@apache.org" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index daf4175af6f..29741dd2a3f 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-06-14T08:00:27.416894+00:00 +2023-06-14T10:00:30.376135+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-06-14T07:15:09.580000+00:00 +2023-06-14T09:15:09.783000+00:00 ``` ### Last Data Feed Release @@ -29,33 +29,37 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -217691 +217707 ``` ### CVEs added in the last Commit -Recently added CVEs: `11` +Recently added CVEs: `16` -* [CVE-2023-3189](CVE-2023/CVE-2023-31xx/CVE-2023-3189.json) (`2023-06-14T06:15:08.507`) -* [CVE-2023-3227](CVE-2023/CVE-2023-32xx/CVE-2023-3227.json) (`2023-06-14T06:15:08.720`) -* [CVE-2023-3228](CVE-2023/CVE-2023-32xx/CVE-2023-3228.json) (`2023-06-14T06:15:08.800`) -* [CVE-2023-3229](CVE-2023/CVE-2023-32xx/CVE-2023-3229.json) (`2023-06-14T06:15:08.877`) -* [CVE-2023-3230](CVE-2023/CVE-2023-32xx/CVE-2023-3230.json) (`2023-06-14T06:15:08.937`) -* [CVE-2023-3231](CVE-2023/CVE-2023-32xx/CVE-2023-3231.json) (`2023-06-14T06:15:09.007`) -* [CVE-2023-3232](CVE-2023/CVE-2023-32xx/CVE-2023-3232.json) (`2023-06-14T06:15:09.080`) -* [CVE-2023-3233](CVE-2023/CVE-2023-32xx/CVE-2023-3233.json) (`2023-06-14T07:15:09.337`) -* [CVE-2023-3234](CVE-2023/CVE-2023-32xx/CVE-2023-3234.json) (`2023-06-14T07:15:09.437`) -* [CVE-2023-3235](CVE-2023/CVE-2023-32xx/CVE-2023-3235.json) (`2023-06-14T07:15:09.510`) -* [CVE-2023-3236](CVE-2023/CVE-2023-32xx/CVE-2023-3236.json) (`2023-06-14T07:15:09.580`) +* [CVE-2022-47184](CVE-2022/CVE-2022-471xx/CVE-2022-47184.json) (`2023-06-14T08:15:08.633`) +* [CVE-2023-0837](CVE-2023/CVE-2023-08xx/CVE-2023-0837.json) (`2023-06-14T08:15:08.703`) +* [CVE-2023-1049](CVE-2023/CVE-2023-10xx/CVE-2023-1049.json) (`2023-06-14T08:15:08.773`) +* [CVE-2023-2569](CVE-2023/CVE-2023-25xx/CVE-2023-2569.json) (`2023-06-14T08:15:09.113`) +* [CVE-2023-2570](CVE-2023/CVE-2023-25xx/CVE-2023-2570.json) (`2023-06-14T08:15:09.187`) +* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-14T08:15:09.257`) +* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-14T08:15:09.323`) +* [CVE-2023-34000](CVE-2023/CVE-2023-340xx/CVE-2023-34000.json) (`2023-06-14T08:15:09.377`) +* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-14T08:15:09.450`) +* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-14T08:15:09.520`) +* [CVE-2023-3001](CVE-2023/CVE-2023-30xx/CVE-2023-3001.json) (`2023-06-14T08:15:09.577`) +* [CVE-2023-3237](CVE-2023/CVE-2023-32xx/CVE-2023-3237.json) (`2023-06-14T08:15:09.640`) +* [CVE-2023-3238](CVE-2023/CVE-2023-32xx/CVE-2023-3238.json) (`2023-06-14T08:15:09.713`) +* [CVE-2023-3239](CVE-2023/CVE-2023-32xx/CVE-2023-3239.json) (`2023-06-14T09:15:09.333`) +* [CVE-2023-3240](CVE-2023/CVE-2023-32xx/CVE-2023-3240.json) (`2023-06-14T09:15:09.717`) +* [CVE-2023-3241](CVE-2023/CVE-2023-32xx/CVE-2023-3241.json) (`2023-06-14T09:15:09.783`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `2` -* [CVE-2022-40022](CVE-2022/CVE-2022-400xx/CVE-2022-40022.json) (`2023-06-14T07:15:08.870`) -* [CVE-2023-3184](CVE-2023/CVE-2023-31xx/CVE-2023-3184.json) (`2023-06-14T07:15:09.120`) -* [CVE-2023-3187](CVE-2023/CVE-2023-31xx/CVE-2023-3187.json) (`2023-06-14T07:15:09.257`) +* [CVE-2023-22610](CVE-2023/CVE-2023-226xx/CVE-2023-22610.json) (`2023-06-14T08:15:08.860`) +* [CVE-2023-28069](CVE-2023/CVE-2023-280xx/CVE-2023-28069.json) (`2023-06-14T08:15:08.997`) ## Download and Usage