admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-12T23:55:25.917588+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-12 23:55:29 +00:00
parent 7e39698d86
commit 82bae9baef
51 changed files with 3735 additions and 143 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
CVE-2023/CVE-2023-223xx/CVE-2023-22392.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-22392",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-10-12T23:15:10.680",
"lastModified": "2023-10-12T23:15:10.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS).\n\nPTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes. Once a flow-route is received over an established BGP session and an attempt is made to install the resulting filter into the PFE, FPC heap memory is leaked. The FPC heap memory can be monitored using the CLI command \"show chassis fpc\".\n\nThe following syslog messages can be observed if the respective filter derived from a flow-route cannot be installed.\n\nexpr_dfw_sfm_range_add:661 SFM packet-length Unable to get a sfm entry for updating the hw\nexpr_dfw_hw_sfm_add:750 Unable to add the filter secondarymatch to the hardware\nexpr_dfw_base_hw_add:52 Failed to add h/w sfm data.\nexpr_dfw_base_hw_create:114 Failed to add h/w data.\nexpr_dfw_base_pfe_inst_create:241 Failed to create base inst for sfilter 0 on PFE 0 for __flowspec_default_inet__\nexpr_dfw_flt_inst_change:1368 Failed to create __flowspec_default_inet__ on PFE 0\nexpr_dfw_hw_pgm_fnum:465 dfw_pfe_inst_old not found for pfe_index 0!\nexpr_dfw_bp_pgm_flt_num:548 Failed to pgm bind-point in hw: generic failure\nexpr_dfw_bp_topo_handler:1102 Failed to program fnum.\nexpr_dfw_entry_process_change:679 Failed to change instance for filter __flowspec_default_inet__.\nThis issue affects Juniper Networks Junos OS:\n\non PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs:\n\n\n\n * All versions prior to 20.4R3-S5;\n * 21.1 versions prior to 21.1R3-S4;\n * 21.2 versions prior to 21.2R3-S2;\n * 21.3 versions prior to 21.3R3;\n * 21.4 versions prior to 21.4R2-S2, 21.4R3;\n * 22.1 versions prior to 22.1R1-S2, 22.1R2.\n\n\n\n\non PTX3000, PTX5000, QFX10000:\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.1 version 21.1R1 and later versions;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S4;\n * 22.1 versions prior to 22.1R3-S3\n * 22.2 versions prior to 22.2R3-S1\n * 22.3 versions prior to 22.3R2-S2, 22.3R3\n * 22.4 versions prior to 22.4R2.\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA70188",
"source": "sirt@juniper.net"
}
]
}

68
CVE-2023/CVE-2023-244xx/CVE-2023-24479.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24479",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:12.640",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:25:43.207",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1762",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-273xx/CVE-2023-27316.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-27316",
"sourceIdentifier": "security-alert@netapp.com",
"published": "2023-10-12T22:15:09.640",
"lastModified": "2023-10-12T23:15:10.777",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SnapCenter versions 4.8 through 4.9 are susceptible to a \nvulnerability which may allow an authenticated SnapCenter Server user to\n become an admin user on a remote system where a SnapCenter plug-in has \nbeen installed. \n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-alert@netapp.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://security.netapp.com/advisory/NTAP-20231012-0001/",
"source": "security-alert@netapp.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231012-0001/",
"source": "security-alert@netapp.com"
}
]
}

68
CVE-2023/CVE-2023-312xx/CVE-2023-31272.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31272",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:12.913",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:26:42.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1765",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-326xx/CVE-2023-32632.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32632",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:12.997",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:26:55.673",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1767",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-326xx/CVE-2023-32645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32645",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.073",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:27:09.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-343xx/CVE-2023-34346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34346",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.157",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:27:26.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1764",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-343xx/CVE-2023-34365.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34365",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.400",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:48:08.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1763",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-344xx/CVE-2023-34426.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34426",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.487",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:47:54.743",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1766",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-350xx/CVE-2023-35055.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35055",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.567",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:47:39.863",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-350xx/CVE-2023-35056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35056",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.643",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:47:22.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-359xx/CVE-2023-35965.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35965",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.883",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:32:08.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1787",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-359xx/CVE-2023-35966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35966",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:13.970",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:28:21.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1787",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-359xx/CVE-2023-35967.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35967",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:14.050",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:28:03.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1788",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-359xx/CVE-2023-35968.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35968",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-10-11T16:15:14.123",
"lastModified": "2023-10-11T16:37:00.913",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:27:41.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
@ -46,10 +76,42 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:yifanwireless:yf325_firmware:1.0_20221108:*:*:*:*:*:*:*",
"matchCriteriaId": "02E1A2C8-1B7D-4462-968F-1084B0C549C0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:yifanwireless:yf325:-:*:*:*:*:*:*:*",
"matchCriteriaId": "399E6DFB-2752-4AE4-8BAA-F01E93AB5D33"
}
]
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1788",
"source": "talos-cna@cisco.com"
"source": "talos-cna@cisco.com",
"tags": [
"Third Party Advisory"
]
}
]
}

100
CVE-2023/CVE-2023-366xx/CVE-2023-36698.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-36698",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.250",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:23:58.360",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Kernel Security Feature Bypass Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de omisi\u00f3n de la funci\u00f3n de seguridad en el kernel de Windows"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 2.5
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
@ -34,10 +58,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36698",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

117
CVE-2023/CVE-2023-367xx/CVE-2023-36701.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36701",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.337",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:23:22.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Microsoft Resilient File System (ReFS)"
}
],
"metrics": {
@ -34,10 +38,117 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36701",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

122
CVE-2023/CVE-2023-367xx/CVE-2023-36702.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36702",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.410",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:23:09.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft DirectMusic Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft DirectMusic"
}
],
"metrics": {
@ -34,10 +38,122 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "B344BCCF-1083-4E59-81CB-9431AE5FB79F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "7B7A6BBD-847F-492D-8C7F-F262E03F9CA3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "4CD49C41-6D90-47D3-AB4F-4A74169D3A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "BAEFEE13-9CD7-46A2-8AF6-0A33C79C05F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36702",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-367xx/CVE-2023-36703.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36703",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.483",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:22:56.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "DHCP Server Service Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en DHCP Server Service."
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36703",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

49
CVE-2023/CVE-2023-367xx/CVE-2023-36704.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36704",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.547",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:22:46.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Setup Files Cleanup Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Windows Setup Files Cleanup"
}
],
"metrics": {
@ -34,10 +38,49 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36704",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-367xx/CVE-2023-36706.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36706",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:15.607",
"lastModified": "2023-10-10T18:21:04.527",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:22:35.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Deployment Services Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Windows Deployment Services"
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x64:*",
"matchCriteriaId": "2127D10C-B6F3-4C1D-B9AA-5D78513CC996"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:x86:*",
"matchCriteriaId": "AB425562-C0A0-452E-AABE-F70522F15E1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36706",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-367xx/CVE-2023-36776.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36776",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.467",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:22:20.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Win32k"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36776",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-367xx/CVE-2023-36778.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36778",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.523",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:22:11.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Exchange Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Exchange Server"
}
],
"metrics": {
@ -34,10 +38,53 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*",
"matchCriteriaId": "FF76AEDA-E574-40ED-B64F-8FDEF8CAC802"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_12:*:*:*:*:*:*",
"matchCriteriaId": "B23C8E3E-5243-4DA6-B9AA-F6053084B55E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_13:*:*:*:*:*:*",
"matchCriteriaId": "583745C7-B802-4CBE-BD88-B5B9AF9B5371"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36778",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-367xx/CVE-2023-36780.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36780",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.587",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:22:01.300",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Skype Empresarial"
}
],
"metrics": {
@ -34,10 +38,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:*",
"matchCriteriaId": "590D1547-C998-4BDD-BE06-379099E2D9C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2019:cumulative_update_7:*:*:*:*:*:*",
"matchCriteriaId": "4172BD0D-5F18-4E0C-8BAF-72A052432B2B"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36780",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-367xx/CVE-2023-36785.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36785",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.650",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:21:49.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft ODBC Driver para SQL Server"
}
],
"metrics": {
@ -34,10 +38,90 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "02286626-8D46-4355-A964-936A9AC033FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "DA91530D-D1DB-4629-8C99-2AF54E1A0F35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "17.0.1.1",
"versionEndExcluding": "17.10.5.1",
"matchCriteriaId": "688F5FF7-599A-4326-A242-A9D69AEA9AF3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:linux:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "552E0F17-6A94-4506-8D27-3B0B41CE3A42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:macos:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "5D99C0AC-0EFA-4621-83A9-7A5ED087DD5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:odbc_driver_for_sql_server:*:*:*:*:*:windows:*:*",
"versionStartIncluding": "18.0.1.1",
"versionEndExcluding": "18.3.2.1",
"matchCriteriaId": "3194D825-8C6B-4B91-B874-6E65B2A038AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2019:cumulative_update_22:*:*:*:*:*:*",
"matchCriteriaId": "60491E88-0654-439D-82D0-0FC61A055F9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:sql_server:2022:cumulative_update_8:*:*:*:*:*:*",
"matchCriteriaId": "20B4845B-D063-49A9-BDC4-0CE60DFA1561"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-367xx/CVE-2023-36786.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36786",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.710",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:21:38.897",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Skype Empresarial"
}
],
"metrics": {
@ -34,10 +38,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:*",
"matchCriteriaId": "590D1547-C998-4BDD-BE06-379099E2D9C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2019:cumulative_update_7:*:*:*:*:*:*",
"matchCriteriaId": "4172BD0D-5F18-4E0C-8BAF-72A052432B2B"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36786",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-367xx/CVE-2023-36789.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36789",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.767",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:21:04.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Skype Empresarial"
}
],
"metrics": {
@ -34,10 +38,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:*",
"matchCriteriaId": "590D1547-C998-4BDD-BE06-379099E2D9C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2019:cumulative_update_7:*:*:*:*:*:*",
"matchCriteriaId": "4172BD0D-5F18-4E0C-8BAF-72A052432B2B"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36789",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-367xx/CVE-2023-36790.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36790",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.827",
"lastModified": "2023-10-10T18:20:58.777",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:20:50.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows RDP Encoder Mirror Driver"
}
],
"metrics": {
@ -34,10 +38,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36790",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36839.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36839",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-10-12T23:15:10.883",
"lastModified": "2023-10-12T23:15:10.883",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAn Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker who sends specific LLDP packets to cause a Denial of Service(DoS).\n\nThis issue occurs when specific LLDP packets are received and telemetry polling is being done on the device. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any services depend on LLDP state (like PoE or VoIP device recognition), then these will also be affected.\n\nThis issue affects:\n\nJuniper Networks Junos OS\n\n\n\n * All versions prior to 20.4R3-S8;\n * 21.1 version 21.1R1 and later versions;\n * 21.2 versions prior to 21.2R3-S5;\n * 21.3 versions prior to 21.3R3-S4;\n * 21.4 versions prior to 21.4R3-S3;\n * 22.1 versions prior to 22.1R3-S2;\n * 22.2 versions prior to 22.2R3;\n * 22.3 versions prior to 22.3R2-S2;\n * 22.4 versions prior to 22.4R2;\n\n\n\n\nJuniper Networks Junos OS Evolved\n\n\n\n * All versions prior to 20.4R3-S8-EVO;\n * 21.1 version 21.1R1-EVO and later versions;\n * 21.2 versions prior to 21.2R3-S5-EVO;\n * 21.3 versions prior to 21.3R3-S4-EVO;\n * 21.4 versions prior to 21.4R3-S3-EVO;\n * 22.1 versions prior to 22.1R3-S2-EVO;\n * 22.2 versions prior to 22.2R3-EVO;\n * 22.3 versions prior to 22.3R2-S2-EVO;\n * 22.4 versions prior to 22.4R1-S1-EVO;\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-1284"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA73171",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36841.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36841",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-10-12T23:15:10.967",
"lastModified": "2023-10-12T23:15:10.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAn Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows a unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS).\n\nAn attacker who sends malformed TCP traffic via an interface configured with PPPoE, causes an infinite loop on the respective PFE. This results in consuming all resources and a manual restart is needed to recover.\n\nThis issue affects interfaces with PPPoE configured and tcp-mss enabled.\n\nThis issue affects Juniper Networks Junos OS\n\n\n\n * All versions prior to 20.4R3-S7;\n * 21.1 version 21.1R1 and later versions;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S3;\n * 22.1 versions prior to 22.1R3-S4;\n * 22.2 versions prior to 22.2R3;\n * 22.3 versions prior to 22.3R2-S2;\n * 22.4 versions prior to 22.4R2;\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA73172",
"source": "sirt@juniper.net"
}
]
}

55
CVE-2023/CVE-2023-368xx/CVE-2023-36843.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-36843",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-10-12T23:15:11.053",
"lastModified": "2023-10-12T23:15:11.053",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAn Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS).\n\nUpon receiving malformed SSL traffic, the PFE crashes. A manual restart will be needed to recover the device.\n\nThis issue only affects devices with Juniper Networks Advanced Threat Prevention (ATP) Cloud enabled with Encrypted Traffic Insights (configured via \u2018security-metadata-streaming policy\u2019).\n\nThis issue affects Juniper Networks Junos OS:\n\n\n\n * All versions prior to 20.4R3-S8, 20.4R3-S9;\n * 21.1 version 21.1R1 and later versions;\n * 21.2 versions prior to 21.2R3-S6;\n * 21.3 versions prior to 21.3R3-S5;\n * 21.4 versions prior to 21.4R3-S5;\n * 22.1 versions prior to 22.1R3-S4;\n * 22.2 versions prior to 22.2R3-S2;\n * 22.3 versions prior to 22.3R2-S2, 22.3R3;\n * 22.4 versions prior to 22.4R2-S1, 22.4R3;\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-168"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA73174",
"source": "sirt@juniper.net"
}
]
}

89
CVE-2023/CVE-2023-369xx/CVE-2023-36902.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-36902",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.890",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:19:39.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Runtime Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Windows Runtime Remote"
}
],
"metrics": {
@ -34,10 +38,89 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36902",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

95
CVE-2023/CVE-2023-381xx/CVE-2023-38159.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-38159",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:17.957",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:19:27.903",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Graphics Component Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Graphics Component"
}
],
"metrics": {
@ -34,10 +38,95 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38159",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-381xx/CVE-2023-38166.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-38166",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.017",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:19:14.003",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38166",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-381xx/CVE-2023-38171.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-38171",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.087",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:19:06.887",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Microsoft QUIC Denial of Service Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de denegaci\u00f3n de servicio en Microsoft QUIC"
}
],
"metrics": {
@ -34,10 +38,84 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.12",
"matchCriteriaId": "8DF7ECF6-178D-433C-AA21-BAE9EF248F37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.2.0",
"versionEndExcluding": "17.2.20",
"matchCriteriaId": "721D09CB-C00B-4436-A5DB-4C4E53ECBE5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.4.0",
"versionEndExcluding": "17.4.12",
"matchCriteriaId": "22ACD519-DFE4-4BB4-B0F7-9DECF6F7332F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.6.0",
"versionEndExcluding": "17.6.8",
"matchCriteriaId": "B09DBD5A-9F00-43FF-8B9B-17F286A92402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.7.0",
"versionEndExcluding": "17.7.5",
"matchCriteriaId": "C561F14F-F4BF-4473-BD01-963A55F87E21"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-412xx/CVE-2023-41261.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-41261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-12T23:15:11.137",
"lastModified": "2023-10-12T23:15:11.137",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV does not require authentication and allows an unauthenticated user to export a report and access the results."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0001.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-412xx/CVE-2023-41262.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-41262",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-12T23:15:11.190",
"lastModified": "2023-10-12T23:15:11.190",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The csvExportReport endpoint action generateCSV is vulnerable to SQL injection through the sorting parameter, allowing an unauthenticated user to execute arbitrary SQL statements in the context of the application's backend database server."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0001.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-412xx/CVE-2023-41263.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-41263",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-12T23:15:11.243",
"lastModified": "2023-10-12T23:15:11.243",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debug/ URL path. With knowledge of valid IP addresses and source types, an unauthenticated attacker can download debug logs containing application-related information."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/atredispartners/advisories/blob/master/ATREDIS-2023-0001.md",
"source": "cve@mitre.org"
}
]
}

52
CVE-2023/CVE-2023-417xx/CVE-2023-41763.json
View File

@ -2,12 +2,20 @@
"id": "CVE-2023-41763",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.150",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:18:56.990",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-10-10",
"cisaActionDue": "2023-10-31",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Microsoft Skype for Business Privilege Escalation Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "Skype for Business Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Skype Empresarial"
}
],
"metrics": {
@ -34,10 +42,48 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:*",
"matchCriteriaId": "590D1547-C998-4BDD-BE06-379099E2D9C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:skype_for_business_server:2019:cumulative_update_7:*:*:*:*:*:*",
"matchCriteriaId": "4172BD0D-5F18-4E0C-8BAF-72A052432B2B"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41763",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41765.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41765",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.210",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:18:13.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41765",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41766.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41766",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.270",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:18:04.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Windows Client Server Run-Time Subsystem (CSRSS)"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41766",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41767.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41767",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.333",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:17:57.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41767",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41768.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41768",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.393",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:17:48.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41768",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41769.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41769",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.470",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:17:35.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41769",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41770.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41770",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.537",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:17:27.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41770",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41771.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41771",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.600",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:17:19.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41771",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

78
CVE-2023/CVE-2023-417xx/CVE-2023-41772.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41772",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.667",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:17:09.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Win32k Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios en Win32k"
}
],
"metrics": {
@ -34,10 +38,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41772",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41773.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41773",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.733",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:16:50.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41773",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

115
CVE-2023/CVE-2023-417xx/CVE-2023-41774.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41774",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-10-10T18:15:18.800",
"lastModified": "2023-10-10T18:20:50.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-12T22:16:36.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Layer 2 Tunneling Protocol Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Layer 2 Tunneling Protocol"
}
],
"metrics": {
@ -34,10 +38,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20232",
"matchCriteriaId": "656B3DC8-9A4A-4386-A1F0-367E6B05C728"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6351",
"matchCriteriaId": "2D523568-3488-439B-B008-025E99213147"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4974",
"matchCriteriaId": "E500D59C-6597-45E9-A57B-BE26C0C231D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3570",
"matchCriteriaId": "80F408E5-E550-44B4-88E3-BE11359C07CD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3570",
"matchCriteriaId": "1814619C-ED07-49E0-A50A-E28D824D43BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2538",
"matchCriteriaId": "100A27D3-87B0-4E72-83F6-7605E3F35E63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.2428",
"matchCriteriaId": "C6A36795-0238-45C9-ABE6-3DCCF751915B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41774",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-441xx/CVE-2023-44175.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-44175",
"sourceIdentifier": "sirt@juniper.net",
"published": "2023-10-12T23:15:11.307",
"lastModified": "2023-10-12T23:15:11.307",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS).\n\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nNote: This issue is not noticed when all the devices in the network are Juniper devices.\n\nThis issue affects Juniper Networks:\n\nJunos OS:\n\n\n\n * All versions prior to 20.4R3-S7;\n * 21.2 versions prior to 21.2R3-S5;\n * 21.3 versions prior to 21.3R3-S4;\n * 21.4 versions prior to 21.4R3-S4;\n * 22.1 versions prior to 22.1R3-S4;\n * 22.2 versions prior to 22.2R3;\n * 22.3 versions prior to 22.3R3;\n * 22.4 versions prior to 22.4R3.\n\n\n\n\nJunos OS Evolved:\n\n\n\n * All versions prior to 22.3R3-EVO;\n * 22.4-EVO versions prior to 22.4R3-EVO;\n * 23.2-EVO versions prior to 23.2R1-EVO.\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"references": [
{
"url": "https://supportportal.juniper.net/JSA73141",
"source": "sirt@juniper.net"
}
]
}

58
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-12T22:00:24.410600+00:00
2023-10-12T23:55:25.917588+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-12T21:15:11.437000+00:00
2023-10-12T23:15:11.307000+00:00
```
### Last Data Feed Release
@ -29,33 +29,53 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
227690
227699
```
### CVEs added in the last Commit
Recently added CVEs: `4`
Recently added CVEs: `9`
* [CVE-2023-23632](CVE-2023/CVE-2023-236xx/CVE-2023-23632.json) (`2023-10-12T20:15:12.187`)
* [CVE-2023-5562](CVE-2023/CVE-2023-55xx/CVE-2023-5562.json) (`2023-10-12T20:15:12.583`)
* [CVE-2023-45510](CVE-2023/CVE-2023-455xx/CVE-2023-45510.json) (`2023-10-12T21:15:11.373`)
* [CVE-2023-45511](CVE-2023/CVE-2023-455xx/CVE-2023-45511.json) (`2023-10-12T21:15:11.437`)
* [CVE-2023-22392](CVE-2023/CVE-2023-223xx/CVE-2023-22392.json) (`2023-10-12T23:15:10.680`)
* [CVE-2023-27316](CVE-2023/CVE-2023-273xx/CVE-2023-27316.json) (`2023-10-12T22:15:09.640`)
* [CVE-2023-36839](CVE-2023/CVE-2023-368xx/CVE-2023-36839.json) (`2023-10-12T23:15:10.883`)
* [CVE-2023-36841](CVE-2023/CVE-2023-368xx/CVE-2023-36841.json) (`2023-10-12T23:15:10.967`)
* [CVE-2023-36843](CVE-2023/CVE-2023-368xx/CVE-2023-36843.json) (`2023-10-12T23:15:11.053`)
* [CVE-2023-41261](CVE-2023/CVE-2023-412xx/CVE-2023-41261.json) (`2023-10-12T23:15:11.137`)
* [CVE-2023-41262](CVE-2023/CVE-2023-412xx/CVE-2023-41262.json) (`2023-10-12T23:15:11.190`)
* [CVE-2023-41263](CVE-2023/CVE-2023-412xx/CVE-2023-41263.json) (`2023-10-12T23:15:11.243`)
* [CVE-2023-44175](CVE-2023/CVE-2023-441xx/CVE-2023-44175.json) (`2023-10-12T23:15:11.307`)
### CVEs modified in the last Commit
Recently modified CVEs: `10`
Recently modified CVEs: `41`
* [CVE-2022-22988](CVE-2022/CVE-2022-229xx/CVE-2022-22988.json) (`2023-10-12T21:15:11.057`)
* [CVE-2022-22989](CVE-2022/CVE-2022-229xx/CVE-2022-22989.json) (`2023-10-12T21:15:11.200`)
* [CVE-2023-43191](CVE-2023/CVE-2023-431xx/CVE-2023-43191.json) (`2023-10-12T20:15:12.287`)
* [CVE-2023-43192](CVE-2023/CVE-2023-431xx/CVE-2023-43192.json) (`2023-10-12T20:15:12.387`)
* [CVE-2023-5072](CVE-2023/CVE-2023-50xx/CVE-2023-5072.json) (`2023-10-12T20:15:12.477`)
* [CVE-2023-37939](CVE-2023/CVE-2023-379xx/CVE-2023-37939.json) (`2023-10-12T20:21:29.103`)
* [CVE-2023-25604](CVE-2023/CVE-2023-256xx/CVE-2023-25604.json) (`2023-10-12T20:23:02.177`)
* [CVE-2023-25607](CVE-2023/CVE-2023-256xx/CVE-2023-25607.json) (`2023-10-12T20:30:55.903`)
* [CVE-2023-44249](CVE-2023/CVE-2023-442xx/CVE-2023-44249.json) (`2023-10-12T20:35:13.497`)
* [CVE-2023-41841](CVE-2023/CVE-2023-418xx/CVE-2023-41841.json) (`2023-10-12T20:38:09.057`)
* [CVE-2023-36789](CVE-2023/CVE-2023-367xx/CVE-2023-36789.json) (`2023-10-12T22:21:04.777`)
* [CVE-2023-36786](CVE-2023/CVE-2023-367xx/CVE-2023-36786.json) (`2023-10-12T22:21:38.897`)
* [CVE-2023-36785](CVE-2023/CVE-2023-367xx/CVE-2023-36785.json) (`2023-10-12T22:21:49.387`)
* [CVE-2023-36780](CVE-2023/CVE-2023-367xx/CVE-2023-36780.json) (`2023-10-12T22:22:01.300`)
* [CVE-2023-36778](CVE-2023/CVE-2023-367xx/CVE-2023-36778.json) (`2023-10-12T22:22:11.657`)
* [CVE-2023-36776](CVE-2023/CVE-2023-367xx/CVE-2023-36776.json) (`2023-10-12T22:22:20.477`)
* [CVE-2023-36706](CVE-2023/CVE-2023-367xx/CVE-2023-36706.json) (`2023-10-12T22:22:35.837`)
* [CVE-2023-36704](CVE-2023/CVE-2023-367xx/CVE-2023-36704.json) (`2023-10-12T22:22:46.590`)
* [CVE-2023-36703](CVE-2023/CVE-2023-367xx/CVE-2023-36703.json) (`2023-10-12T22:22:56.697`)
* [CVE-2023-36702](CVE-2023/CVE-2023-367xx/CVE-2023-36702.json) (`2023-10-12T22:23:09.707`)
* [CVE-2023-36701](CVE-2023/CVE-2023-367xx/CVE-2023-36701.json) (`2023-10-12T22:23:22.620`)
* [CVE-2023-36698](CVE-2023/CVE-2023-366xx/CVE-2023-36698.json) (`2023-10-12T22:23:58.360`)
* [CVE-2023-24479](CVE-2023/CVE-2023-244xx/CVE-2023-24479.json) (`2023-10-12T22:25:43.207`)
* [CVE-2023-31272](CVE-2023/CVE-2023-312xx/CVE-2023-31272.json) (`2023-10-12T22:26:42.633`)
* [CVE-2023-32632](CVE-2023/CVE-2023-326xx/CVE-2023-32632.json) (`2023-10-12T22:26:55.673`)
* [CVE-2023-32645](CVE-2023/CVE-2023-326xx/CVE-2023-32645.json) (`2023-10-12T22:27:09.257`)
* [CVE-2023-34346](CVE-2023/CVE-2023-343xx/CVE-2023-34346.json) (`2023-10-12T22:27:26.273`)
* [CVE-2023-35968](CVE-2023/CVE-2023-359xx/CVE-2023-35968.json) (`2023-10-12T22:27:41.250`)
* [CVE-2023-35967](CVE-2023/CVE-2023-359xx/CVE-2023-35967.json) (`2023-10-12T22:28:03.643`)
* [CVE-2023-35966](CVE-2023/CVE-2023-359xx/CVE-2023-35966.json) (`2023-10-12T22:28:21.513`)
* [CVE-2023-35965](CVE-2023/CVE-2023-359xx/CVE-2023-35965.json) (`2023-10-12T22:32:08.507`)
* [CVE-2023-35056](CVE-2023/CVE-2023-350xx/CVE-2023-35056.json) (`2023-10-12T22:47:22.200`)
* [CVE-2023-35055](CVE-2023/CVE-2023-350xx/CVE-2023-35055.json) (`2023-10-12T22:47:39.863`)
* [CVE-2023-34426](CVE-2023/CVE-2023-344xx/CVE-2023-34426.json) (`2023-10-12T22:47:54.743`)
* [CVE-2023-34365](CVE-2023/CVE-2023-343xx/CVE-2023-34365.json) (`2023-10-12T22:48:08.197`)
## Download and Usage