admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-01T16:00:27.501449+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-01 16:00:31 +00:00
parent 95b5e51b1b
commit 866b3c5ffc
28 changed files with 1853 additions and 181 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
CVE-2022/CVE-2022-399xx/CVE-2022-39986.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-39986",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:09.877",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2",
"source": "cve@mitre.org"
}
]
}

24
CVE-2022/CVE-2022-399xx/CVE-2022-39987.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2022-39987",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:09.937",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A Command injection vulnerability in RaspAP 2.8.0 thru 2.9.2 allows an authenticated attacker to execute arbitrary OS commands as root via the \"entity\" POST parameters in /ajax/networking/get_wgkey.php."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/RaspAP/raspap-webgui/blob/master/ajax/networking/get_wgkey.php",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2",
"source": "cve@mitre.org"
}
]
}

51
CVE-2023/CVE-2023-258xx/CVE-2023-25841.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25841",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T19:15:10.260",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T15:56:56.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "psirt@esri.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
@ -46,10 +66,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:esri:arcgis:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.8.1",
"versionEndExcluding": "11.1",
"matchCriteriaId": "B9E2953E-FE3E-41D1-8A88-638C3DEED27F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-security-2023-update-1-patch-available/",
"source": "psirt@esri.com"
"source": "psirt@esri.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

14
CVE-2023/CVE-2023-301xx/CVE-2023-30151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30151",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-13T17:15:09.207",
"lastModified": "2023-08-01T01:15:10.693",
"vulnStatus": "Modified",
"lastModified": "2023-08-01T14:02:19.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]

20
CVE-2023/CVE-2023-317xx/CVE-2023-31710.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31710",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:10.013",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710",
"source": "cve@mitre.org"
}
]
}

111
CVE-2023/CVE-2023-31xx/CVE-2023-3117.json
View File

@ -2,115 +2,14 @@
"id": "CVE-2023-3117",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-06-30T22:15:10.127",
"lastModified": "2023-07-07T17:11:07.733",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-01T14:15:11.253",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their privileges on the system."
"value": "** REJECT ** DO NOT USE THIS CVE RECORD. \u00a0ConsultIDs: CVE-2023-3390. \u00a0Reason: This record is a duplicate of CVE-2023-3390. \u00a0Notes: All CVE users should reference CVE-2023-3390 instead of this record. \u00a0All references and descriptions in this record have been removed to prevent accidental usage."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.4",
"matchCriteriaId": "18D12E25-2947-44E7-989D-24450E013A1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*",
"matchCriteriaId": "38BC6744-7D25-4C02-9966-B224CD071D30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc2:*:*:*:*:*:*",
"matchCriteriaId": "76061B41-CAE9-4467-BEDE-0FFC7956F2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A717BA5B-D535-46A0-A329-A25FE5CEC588"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc4:*:*:*:*:*:*",
"matchCriteriaId": "89CC80C6-F1EE-4AC7-BD21-DB3217BADE87"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc5:*:*:*:*:*:*",
"matchCriteriaId": "41EACEA1-FB69-4AF2-BC52-D39489858D42"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc6:*:*:*:*:*:*",
"matchCriteriaId": "9E1C36BE-F9D8-40B6-8281-5B8F9B42322D"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1240eb93f0616b21c675416516ff3d74798fdc97",
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
"metrics": {},
"references": []
}

32
CVE-2023/CVE-2023-346xx/CVE-2023-34634.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-34634",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:10.070",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c",
"source": "cve@mitre.org"
},
{
"url": "https://greenshot.atlassian.net/browse/BUG-3061",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/51633",
"source": "cve@mitre.org"
}
]
}

40
CVE-2023/CVE-2023-353xx/CVE-2023-35392.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35392",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-21T18:15:10.247",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T15:42:05.133",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.1901.183",
"matchCriteriaId": "24B18462-97A3-46C9-BC7D-77B9BFF39702"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35392",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-36xx/CVE-2023-3603.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3603",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-21T20:15:16.587",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T14:44:42.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,14 +54,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:libssh:libssh:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9B0EB43D-D594-43B0-AB33-5E8E1A6C8BEF"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3603",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2221791",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-379xx/CVE-2023-37915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37915",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-21T21:15:11.400",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T15:47:10.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:objectcomputing:opendds:3.23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9F178EAB-899A-4A2A-8536-CDDEBF2BF129"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/OpenDDS/OpenDDS/releases/tag/DDS-3.25",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/OpenDDS/OpenDDS/security/advisories/GHSA-v5pp-7prc-5xq9",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-381xx/CVE-2023-38173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38173",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-21T18:15:10.347",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T15:41:11.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.1901.183",
"matchCriteriaId": "24B18462-97A3-46C9-BC7D-77B9BFF39702"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38173",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-381xx/CVE-2023-38187.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38187",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-21T18:15:10.420",
"lastModified": "2023-07-24T13:09:06.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T15:35:07.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.1901.183",
"matchCriteriaId": "24B18462-97A3-46C9-BC7D-77B9BFF39702"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38187",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-383xx/CVE-2023-38357.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-38357",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T15:15:09.703",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Session tokens in RWS WorldServer 11.7.3 and earlier have a low entropy and can be enumerated, leading to unauthorized access to user sessions."
}
],
"metrics": {},
"references": [
{
"url": "http://packetstormsecurity.com/files/173609/RWS-WorldServer-11.7.3-Session-Token-Enumeration.html",
"source": "cve@mitre.org"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/30",
"source": "cve@mitre.org"
},
{
"url": "https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-001/-session-token-enumeration-in-rws-worldserver",
"source": "cve@mitre.org"
}
]
}

1023
CVE-2023/CVE-2023-385xx/CVE-2023-38523.json
View File

File diff suppressed because it is too large Load Diff

73
CVE-2023/CVE-2023-38xx/CVE-2023-3802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3802",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-21T00:15:10.537",
"lastModified": "2023-07-21T12:52:32.633",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-01T15:07:06.753",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,59 @@
"value": "CWE-434"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cdwanjiang:flash_flood_disaster_monitoring_and_warning_system:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80BB5315-77A8-4369-84A4-D29CA1622991"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GUIqizsq/cve/blob/main/upload_1.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.235070",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.235070",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-391xx/CVE-2023-39108.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-39108",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:10.137",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_b parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_b.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-391xx/CVE-2023-39109.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-39109",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:10.193",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path_a parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-391xx/CVE-2023-39110.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-39110",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:10.247",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_%20ajaxGetFileByPath.md",
"source": "cve@mitre.org"
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4045.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4045",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:09.783",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of same-origin policy. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1833876",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4046.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4046",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:09.847",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1837686",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4047.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4047",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:09.903",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839073",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4048.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4048",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:09.967",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read could have led to an exploitable crash when parsing HTML with DOMParser in low memory situations. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1841368",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4049.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4049",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:10.030",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Race conditions in reference counting code were found through code inspection. These could have resulted in potentially exploitable use-after-free vulnerabilities. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842658",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

32
CVE-2023/CVE-2023-40xx/CVE-2023-4050.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-4050",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:10.090",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In some cases, an untrusted input stream was copied to a stack buffer without checking its size. This resulted in a potentially exploitable crash which could have led to a sandbox escape. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843038",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-30/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

24
CVE-2023/CVE-2023-40xx/CVE-2023-4051.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-4051",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:10.147",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1821884",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
}
]
}

28
CVE-2023/CVE-2023-40xx/CVE-2023-4052.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-4052",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:10.207",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Firefox updater created a directory writable by non-privileged users. When uninstalling Firefox, any files in that directory would be recursively deleted with the permissions of the uninstalling user account. This could be combined with creation of a junction (a form of symbolic link) to allow arbitrary file deletion controlled by the non-privileged user. \n*This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 116 and Firefox ESR < 115.1."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1824420",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-31/",
"source": "security@mozilla.org"
}
]
}

24
CVE-2023/CVE-2023-40xx/CVE-2023-4053.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-4053",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T15:15:10.267",
"lastModified": "2023-08-01T15:25:40.337",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116."
}
],
"metrics": {},
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839079",
"source": "security@mozilla.org"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org"
}
]
}

58
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-01T14:00:29.325562+00:00
2023-08-01T16:00:27.501449+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-01T13:50:50.473000+00:00
2023-08-01T15:56:56.813000+00:00
```
### Last Data Feed Release
@ -29,40 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
221358
221375
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `17`
* [CVE-2023-37478](CVE-2023/CVE-2023-374xx/CVE-2023-37478.json) (`2023-08-01T12:15:09.937`)
* [CVE-2022-39986](CVE-2022/CVE-2022-399xx/CVE-2022-39986.json) (`2023-08-01T14:15:09.877`)
* [CVE-2022-39987](CVE-2022/CVE-2022-399xx/CVE-2022-39987.json) (`2023-08-01T14:15:09.937`)
* [CVE-2023-31710](CVE-2023/CVE-2023-317xx/CVE-2023-31710.json) (`2023-08-01T14:15:10.013`)
* [CVE-2023-34634](CVE-2023/CVE-2023-346xx/CVE-2023-34634.json) (`2023-08-01T14:15:10.070`)
* [CVE-2023-39108](CVE-2023/CVE-2023-391xx/CVE-2023-39108.json) (`2023-08-01T14:15:10.137`)
* [CVE-2023-39109](CVE-2023/CVE-2023-391xx/CVE-2023-39109.json) (`2023-08-01T14:15:10.193`)
* [CVE-2023-39110](CVE-2023/CVE-2023-391xx/CVE-2023-39110.json) (`2023-08-01T14:15:10.247`)
* [CVE-2023-38357](CVE-2023/CVE-2023-383xx/CVE-2023-38357.json) (`2023-08-01T15:15:09.703`)
* [CVE-2023-4045](CVE-2023/CVE-2023-40xx/CVE-2023-4045.json) (`2023-08-01T15:15:09.783`)
* [CVE-2023-4046](CVE-2023/CVE-2023-40xx/CVE-2023-4046.json) (`2023-08-01T15:15:09.847`)
* [CVE-2023-4047](CVE-2023/CVE-2023-40xx/CVE-2023-4047.json) (`2023-08-01T15:15:09.903`)
* [CVE-2023-4048](CVE-2023/CVE-2023-40xx/CVE-2023-4048.json) (`2023-08-01T15:15:09.967`)
* [CVE-2023-4049](CVE-2023/CVE-2023-40xx/CVE-2023-4049.json) (`2023-08-01T15:15:10.030`)
* [CVE-2023-4050](CVE-2023/CVE-2023-40xx/CVE-2023-4050.json) (`2023-08-01T15:15:10.090`)
* [CVE-2023-4051](CVE-2023/CVE-2023-40xx/CVE-2023-4051.json) (`2023-08-01T15:15:10.147`)
* [CVE-2023-4052](CVE-2023/CVE-2023-40xx/CVE-2023-4052.json) (`2023-08-01T15:15:10.207`)
* [CVE-2023-4053](CVE-2023/CVE-2023-40xx/CVE-2023-4053.json) (`2023-08-01T15:15:10.267`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `10`
* [CVE-2020-10962](CVE-2020/CVE-2020-109xx/CVE-2020-10962.json) (`2023-08-01T12:55:38.437`)
* [CVE-2022-42182](CVE-2022/CVE-2022-421xx/CVE-2022-42182.json) (`2023-08-01T12:55:38.437`)
* [CVE-2022-42183](CVE-2022/CVE-2022-421xx/CVE-2022-42183.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-37903](CVE-2023/CVE-2023-379xx/CVE-2023-37903.json) (`2023-08-01T12:55:19.457`)
* [CVE-2023-3983](CVE-2023/CVE-2023-39xx/CVE-2023-3983.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-39122](CVE-2023/CVE-2023-391xx/CVE-2023-39122.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-3462](CVE-2023/CVE-2023-34xx/CVE-2023-3462.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-3825](CVE-2023/CVE-2023-38xx/CVE-2023-3825.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-37496](CVE-2023/CVE-2023-374xx/CVE-2023-37496.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-37772](CVE-2023/CVE-2023-377xx/CVE-2023-37772.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-4033](CVE-2023/CVE-2023-40xx/CVE-2023-4033.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-34960](CVE-2023/CVE-2023-349xx/CVE-2023-34960.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-36983](CVE-2023/CVE-2023-369xx/CVE-2023-36983.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-36984](CVE-2023/CVE-2023-369xx/CVE-2023-36984.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-26139](CVE-2023/CVE-2023-261xx/CVE-2023-26139.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-23548](CVE-2023/CVE-2023-235xx/CVE-2023-23548.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-32302](CVE-2023/CVE-2023-323xx/CVE-2023-32302.json) (`2023-08-01T12:55:38.437`)
* [CVE-2023-37905](CVE-2023/CVE-2023-379xx/CVE-2023-37905.json) (`2023-08-01T13:39:10.290`)
* [CVE-2023-38195](CVE-2023/CVE-2023-381xx/CVE-2023-38195.json) (`2023-08-01T13:46:25.913`)
* [CVE-2023-38632](CVE-2023/CVE-2023-386xx/CVE-2023-38632.json) (`2023-08-01T13:50:50.473`)
* [CVE-2023-30151](CVE-2023/CVE-2023-301xx/CVE-2023-30151.json) (`2023-08-01T14:02:19.910`)
* [CVE-2023-3117](CVE-2023/CVE-2023-31xx/CVE-2023-3117.json) (`2023-08-01T14:15:11.253`)
* [CVE-2023-3603](CVE-2023/CVE-2023-36xx/CVE-2023-3603.json) (`2023-08-01T14:44:42.517`)
* [CVE-2023-3802](CVE-2023/CVE-2023-38xx/CVE-2023-3802.json) (`2023-08-01T15:07:06.753`)
* [CVE-2023-38523](CVE-2023/CVE-2023-385xx/CVE-2023-38523.json) (`2023-08-01T15:24:35.470`)
* [CVE-2023-38187](CVE-2023/CVE-2023-381xx/CVE-2023-38187.json) (`2023-08-01T15:35:07.063`)
* [CVE-2023-38173](CVE-2023/CVE-2023-381xx/CVE-2023-38173.json) (`2023-08-01T15:41:11.363`)
* [CVE-2023-35392](CVE-2023/CVE-2023-353xx/CVE-2023-35392.json) (`2023-08-01T15:42:05.133`)
* [CVE-2023-37915](CVE-2023/CVE-2023-379xx/CVE-2023-37915.json) (`2023-08-01T15:47:10.000`)
* [CVE-2023-25841](CVE-2023/CVE-2023-258xx/CVE-2023-25841.json) (`2023-08-01T15:56:56.813`)
## Download and Usage