admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 02:32:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-13T16:00:25.208734+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-13 16:00:28 +00:00
parent 918631d6b9
commit 86d564caeb
75 changed files with 3538 additions and 575 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
CVE-2017/CVE-2017-150xx/CVE-2017-15095.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2017-15095",
"sourceIdentifier": "secalert@redhat.com",
"published": "2018-02-06T15:29:00.233",
"lastModified": "2022-10-25T20:21:41.423",
"lastModified": "2023-09-13T14:23:11.947",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -87,7 +87,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -96,9 +95,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.2",
"matchCriteriaId": "1AF3A54B-F0A1-4929-976B-6C57090B5AD8"
},
{
"vulnerable": true,
@ -144,7 +143,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -165,7 +163,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -292,7 +289,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -328,7 +324,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",

86
CVE-2018/CVE-2018-120xx/CVE-2018-12022.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2018-12022",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-03-21T16:00:12.310",
"lastModified": "2020-10-20T22:15:23.873",
"vulnStatus": "Modified",
"lastModified": "2023-09-13T14:22:48.900",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -82,6 +82,13 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
@ -276,31 +283,52 @@
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2804",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2858",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3002",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3140",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3149",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3892",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:4037",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671098",
@ -328,19 +356,35 @@
},
{
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/7fcf88aff0d1deaa5c3c7be8d58c05ad7ad5da94b59065d8e7c50c5d@%3Cissues.lucene.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZEDLDUYBSTDY4GWDBUXGJNS2RFYTFVRC/",
@ -388,11 +432,17 @@
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",

16
CVE-2018/CVE-2018-147xx/CVE-2018-14718.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-14718",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-01-02T18:29:00.310",
"lastModified": "2021-05-21T15:30:02.990",
"lastModified": "2023-09-13T14:22:28.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.7.2",
"matchCriteriaId": "A1BA8F04-46A7-4804-A997-59080034013F"
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
@ -116,7 +115,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -137,7 +135,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -380,7 +377,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -406,7 +402,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -708,6 +703,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
@ -715,6 +711,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
@ -722,6 +719,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}

17
CVE-2018/CVE-2018-147xx/CVE-2018-14719.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-14719",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-01-02T18:29:00.387",
"lastModified": "2021-05-21T15:22:43.047",
"lastModified": "2023-09-13T14:22:18.630",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndExcluding": "2.6.7.2",
"matchCriteriaId": "A1BA8F04-46A7-4804-A997-59080034013F"
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
@ -116,7 +115,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -137,7 +135,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -367,7 +364,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -421,7 +417,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -653,6 +648,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
@ -660,6 +656,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
@ -667,6 +664,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
},
@ -674,6 +672,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}

10
CVE-2018/CVE-2018-59xx/CVE-2018-5968.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2018-5968",
"sourceIdentifier": "cve@mitre.org",
"published": "2018-01-22T04:29:00.327",
"lastModified": "2021-01-21T16:22:56.580",
"lastModified": "2023-09-13T14:19:04.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -81,7 +81,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -90,9 +89,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
@ -120,7 +119,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -210,7 +208,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -226,7 +223,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",

187
CVE-2019/CVE-2019-120xx/CVE-2019-12086.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-12086",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-05-17T17:29:00.483",
"lastModified": "2022-04-20T00:15:18.113",
"vulnStatus": "Modified",
"lastModified": "2023-09-13T14:16:24.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -82,19 +82,26 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndIncluding": "2.7.9.5",
"matchCriteriaId": "BED88917-A37B-4082-8F8F-A177331D9B91"
"versionEndExcluding": "2.7.9.6",
"matchCriteriaId": "89660FC3-9198-414C-B89D-C61A4438BA3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndIncluding": "2.8.11.3",
"matchCriteriaId": "0DD47BB8-8E7F-4880-B4C8-1B75BACBEF9E"
"versionEndExcluding": "2.8.11.4",
"matchCriteriaId": "5DB8A2D4-0FDE-4216-896B-52824106B97B"
},
{
"vulnerable": true,
@ -147,51 +154,87 @@
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2858",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2935",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2936",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2937",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2938",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2998",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3044",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3045",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3046",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3050",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3149",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3200",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/FasterXML/jackson-databind/issues/2326",
@ -211,11 +254,19 @@
},
{
"url": "https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/88cd25375805950ae7337e669b0cb0eeda98b9604c1b8d806dccbad2@%3Creviews.spark.apache.org%3E",
@ -227,27 +278,51 @@
},
{
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00030.html",
@ -258,15 +333,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
@ -300,27 +387,45 @@
},
{
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
@ -332,7 +437,11 @@
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

241
CVE-2019/CVE-2019-123xx/CVE-2019-12384.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-12384",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-06-24T16:15:15.103",
"lastModified": "2020-10-20T22:15:30.607",
"vulnStatus": "Modified",
"lastModified": "2023-09-13T14:16:05.413",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -82,19 +82,26 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndIncluding": "2.7.9.5",
"matchCriteriaId": "BED88917-A37B-4082-8F8F-A177331D9B91"
"versionEndExcluding": "2.7.9.6",
"matchCriteriaId": "89660FC3-9198-414C-B89D-C61A4438BA3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndIncluding": "2.8.11.3",
"matchCriteriaId": "0DD47BB8-8E7F-4880-B4C8-1B75BACBEF9E"
"versionEndExcluding": "2.8.11.4",
"matchCriteriaId": "5DB8A2D4-0FDE-4216-896B-52824106B97B"
},
{
"vulnerable": true,
@ -168,55 +175,94 @@
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2720",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2858",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2935",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2936",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2937",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2938",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2998",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3149",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3200",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3292",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3297",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3901",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:4352",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.doyensec.com/2019/07/22/jackson-gadgets.html",
@ -242,67 +288,131 @@
},
{
"url": "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe@%3Cnotifications.geode.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html",
@ -314,19 +424,35 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://seclists.org/bugtraq/2019/Oct/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20190703-0002/",
@ -337,27 +463,46 @@
},
{
"url": "https://www.debian.org/security/2019/dsa-4542",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

229
CVE-2019/CVE-2019-128xx/CVE-2019-12814.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-12814",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-06-19T14:15:10.897",
"lastModified": "2020-10-20T22:15:31.310",
"vulnStatus": "Modified",
"lastModified": "2023-09-13T14:15:44.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -82,26 +82,33 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndIncluding": "2.7.9.5",
"matchCriteriaId": "BED88917-A37B-4082-8F8F-A177331D9B91"
"versionEndExcluding": "2.7.9.6",
"matchCriteriaId": "89660FC3-9198-414C-B89D-C61A4438BA3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndIncluding": "2.8.11.3",
"matchCriteriaId": "0DD47BB8-8E7F-4880-B4C8-1B75BACBEF9E"
"versionEndExcluding": "2.8.11.4",
"matchCriteriaId": "5DB8A2D4-0FDE-4216-896B-52824106B97B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.9.9.1",
"matchCriteriaId": "29853D8C-7E61-4A9C-BDCC-7B8D1D0A2098"
"versionEndExcluding": "2.9.9.2",
"matchCriteriaId": "04641592-DAF4-47BB-A9DE-FC4C84A20401"
}
]
}
@ -126,55 +133,94 @@
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2019:2858",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2935",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2936",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2937",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:2938",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3044",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3045",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3046",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3050",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3149",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3200",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3292",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3297",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/FasterXML/jackson-databind/issues/2341",
@ -185,7 +231,11 @@
},
{
"url": "https://lists.apache.org/thread.html/0d4b630d9ee724aee50703397d9d1afa2b2befc9395ba7797d0ccea9@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/129da0204c876f746636018751a086cc581e0e07bcdeb3ee22ff5731@%3Cdev.zookeeper.apache.org%3E",
@ -221,7 +271,11 @@
},
{
"url": "https://lists.apache.org/thread.html/2d2a76440becb610b9a9cb49b15eac3934b02c2dbcaacde1000353e4@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/2ff264b6a94c5363a35c4c88fa93216f60ec54d1d973ed6b76a9f560@%3Cissues.zookeeper.apache.org%3E",
@ -233,11 +287,19 @@
},
{
"url": "https://lists.apache.org/thread.html/34717424b4d08b74f65c09a083d6dd1cb0763f37a15d6de135998c1d@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/3f99ae8dcdbd69438cb733d745ee3ad5e852068490719a66509b4592@%3Ccommits.cassandra.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/4b832d1327703d6b287a6d223307f8f884d798821209a10647e93324@%3Cnotifications.zookeeper.apache.org%3E",
@ -249,19 +311,35 @@
},
{
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/56c8042873595b8c863054c7bfccab4bf2c01c6f5abedae249d914b9@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/5ecc333113b139429f4f05000d4aa2886974d4df3269c1dd990bb319@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/5fc0e16b7af2590bf1e97c76c136291c4fdb244ee63c65c485c9a7a1@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/71f9ffd92410a889e27b95a219eaa843fd820f8550898633d85d4ea3@%3Cissues.zookeeper.apache.org%3E",
@ -273,7 +351,11 @@
},
{
"url": "https://lists.apache.org/thread.html/87e46591de8925f719664a845572d184027258c5a7af0a471b53c77b@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/8fe2983f6d9fee0aa737e4bd24483f8f5cf9b938b9adad0c4e79b2a4@%3Cnotifications.zookeeper.apache.org%3E",
@ -285,7 +367,11 @@
},
{
"url": "https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/a3ae8a8c5e32c413cd27071d3a204166050bf79ce7f1299f6866338f@%3Cissues.zookeeper.apache.org%3E",
@ -313,7 +399,11 @@
},
{
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/b0a2b2cca072650dbd5882719976c3d353972c44f6736ddf0ba95209@%3Cissues.zookeeper.apache.org%3E",
@ -333,7 +423,11 @@
},
{
"url": "https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/bf20574dbc2db255f1fd489942b5720f675e32a2c4f44eb6a36060cd@%3Ccommits.accumulo.apache.org%3E",
@ -345,11 +439,19 @@
},
{
"url": "https://lists.apache.org/thread.html/e0733058c0366b703e6757d8d2a7a04b943581f659e9c271f0841dfe@%3Cnotifications.geode.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/ee0a051428d2c719acfa297d0854a189ea5e284ef3ed491fa672f4be@%3Cdev.tomee.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/eff7280055fc717ea8129cd28a9dd57b8446d00b36260c1caee10b87@%3Cnotifications.zookeeper.apache.org%3E",
@ -361,11 +463,19 @@
},
{
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html",
@ -377,15 +487,27 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OVRZDN2T6AZ6DJCZJ3VSIQIVHBVMVWBL/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXRVXNRFHJSQWFHPRJQRI5UPMZ63B544/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKUALE2TUCKEKOHE2D342PQXN4MWCSLC/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20190625-0006/",
@ -396,15 +518,24 @@
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpujul2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
@ -416,7 +547,11 @@
},
{
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

13
CVE-2019/CVE-2019-143xx/CVE-2019-14379.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-14379",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-29T12:15:16.633",
"lastModified": "2022-12-02T19:23:09.247",
"lastModified": "2023-09-13T14:53:56.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
@ -116,7 +115,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -132,7 +130,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -176,7 +173,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -244,7 +240,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -334,7 +329,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -512,7 +506,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",

17
CVE-2019/CVE-2019-144xx/CVE-2019-14439.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-14439",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-07-30T11:15:11.123",
"lastModified": "2023-02-28T15:21:28.103",
"lastModified": "2023-09-13T14:54:01.637",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -82,19 +82,26 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndIncluding": "2.7.9.5",
"matchCriteriaId": "BED88917-A37B-4082-8F8F-A177331D9B91"
"versionEndExcluding": "2.7.9.6",
"matchCriteriaId": "89660FC3-9198-414C-B89D-C61A4438BA3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionEndIncluding": "2.8.11.3",
"matchCriteriaId": "0DD47BB8-8E7F-4880-B4C8-1B75BACBEF9E"
"versionEndExcluding": "2.8.11.4",
"matchCriteriaId": "5DB8A2D4-0FDE-4216-896B-52824106B97B"
},
{
"vulnerable": true,

16
CVE-2019/CVE-2019-145xx/CVE-2019-14540.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-14540",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-15T22:15:10.277",
"lastModified": "2021-02-22T21:38:47.547",
"lastModified": "2023-09-13T14:54:23.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,16 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.8.11.5",
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
"matchCriteriaId": "5F83B193-74CF-459A-8055-AE0F033D5BCB"
},
{
"vulnerable": true,
@ -109,7 +108,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -135,7 +133,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -156,7 +153,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -224,7 +220,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -692,6 +687,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}

10
CVE-2019/CVE-2019-148xx/CVE-2019-14892.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-14892",
"sourceIdentifier": "secalert@redhat.com",
"published": "2020-03-02T17:15:17.813",
"lastModified": "2023-02-02T14:50:54.487",
"lastModified": "2023-09-13T14:54:34.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -121,16 +121,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.7",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "83E6836B-8E95-4803-A140-5B3ED5771BA4"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.8.11.5",
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
"matchCriteriaId": "5F83B193-74CF-459A-8055-AE0F033D5BCB"
},
{
"vulnerable": true,

16
CVE-2019/CVE-2019-163xx/CVE-2019-16335.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-16335",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-15T22:15:10.590",
"lastModified": "2021-02-22T21:42:22.080",
"lastModified": "2023-09-13T14:55:03.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,16 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.8.11.5",
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
"matchCriteriaId": "5F83B193-74CF-459A-8055-AE0F033D5BCB"
},
{
"vulnerable": true,
@ -109,7 +108,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -130,7 +128,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -156,7 +153,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -224,7 +220,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -613,6 +608,7 @@
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}

15
CVE-2019/CVE-2019-169xx/CVE-2019-16943.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-16943",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-10-01T17:15:10.400",
"lastModified": "2022-10-29T02:33:07.887",
"lastModified": "2023-09-13T14:55:10.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,16 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.8.11.5",
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
"matchCriteriaId": "5F83B193-74CF-459A-8055-AE0F033D5BCB"
},
{
"vulnerable": true,
@ -109,7 +108,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -135,7 +133,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -225,7 +222,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -441,7 +437,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",

10
CVE-2019/CVE-2019-172xx/CVE-2019-17267.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-17267",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-10-07T00:15:10.490",
"lastModified": "2021-02-22T21:39:24.953",
"lastModified": "2023-09-13T14:58:29.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.8.11.5",
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
"matchCriteriaId": "5101FEB1-D47B-4AFF-89A1-22F77AE13819"
},
{
"vulnerable": true,
@ -102,7 +101,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -151,7 +149,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -209,7 +206,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",

14
CVE-2019/CVE-2019-175xx/CVE-2019-17531.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-17531",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-10-12T21:15:08.570",
"lastModified": "2022-10-29T02:33:28.470",
"lastModified": "2023-09-13T14:53:48.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -77,7 +77,6 @@
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -86,16 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.3",
"matchCriteriaId": "694CA8C9-6F69-4334-AE76-6C3C9F4D6DD6"
"matchCriteriaId": "7036DA13-110D-40B3-8494-E361BBF4AFCD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.8.0",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.8.11.5",
"matchCriteriaId": "BF323F3D-B2A4-41E7-94F9-5539C9B7025E"
"matchCriteriaId": "5F83B193-74CF-459A-8055-AE0F033D5BCB"
},
{
"vulnerable": true,
@ -109,7 +108,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -167,7 +165,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
@ -383,7 +380,6 @@
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",

6
CVE-2019/CVE-2019-203xx/CVE-2019-20330.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-20330",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-01-03T04:15:12.137",
"lastModified": "2022-10-29T02:34:00.977",
"lastModified": "2023-09-13T14:55:40.503",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.7.9.7",
"matchCriteriaId": "29BC94E0-FEBC-4E86-825C-0101DC339852"
"matchCriteriaId": "2F87CF67-6994-43F1-BEC3-DD7D122D0146"
},
{
"vulnerable": true,

6
CVE-2020/CVE-2020-106xx/CVE-2020-10673.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-10673",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-03-18T22:15:12.407",
"lastModified": "2021-12-07T19:44:15.423",
"lastModified": "2023-09-13T14:56:04.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.4",
"matchCriteriaId": "2C23395F-4438-4B80-9DA6-87E760F7459A"
"matchCriteriaId": "9FB021E3-0529-4F99-B880-66FDAC2F889D"
},
{
"vulnerable": true,

87
CVE-2020/CVE-2020-240xx/CVE-2020-24088.json
View File

@ -2,27 +2,102 @@
"id": "CVE-2020-24088",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T15:15:52.357",
"lastModified": "2023-09-11T18:02:20.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T15:03:46.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B62340FB-CD50-41D7-8F17-FC3859C4FE49"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "http://blog.rewolf.pl/blog/?p=1630",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/rjt-gupta/CVE-2020-24088",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

6
CVE-2020/CVE-2020-246xx/CVE-2020-24616.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-24616",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-08-25T18:15:11.133",
"lastModified": "2022-05-12T14:42:49.047",
"lastModified": "2023-09-13T14:56:12.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.9.10.6",
"matchCriteriaId": "747D68D5-2461-47E6-9619-DAC903E7AAD0"
"matchCriteriaId": "8395437B-348F-4291-B79B-2794C1A0B560"
}
]
}

13
CVE-2020/CVE-2020-247xx/CVE-2020-24750.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-24750",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-09-17T19:15:13.580",
"lastModified": "2022-05-12T14:42:58.570",
"lastModified": "2023-09-13T14:56:17.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.6",
"matchCriteriaId": "747D68D5-2461-47E6-9619-DAC903E7AAD0"
"matchCriteriaId": "96DBACC5-AC30-4F2A-9615-DDC912A188B0"
}
]
}

43
CVE-2020/CVE-2020-361xx/CVE-2020-36179.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36179",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-07T00:15:14.850",
"lastModified": "2022-09-02T15:35:43.507",
"lastModified": "2023-09-13T14:56:25.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -76,23 +76,6 @@
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
}
]
}
]
},
{
"nodes": [
{
@ -479,6 +462,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}
]
}
],
"references": [

43
CVE-2020/CVE-2020-361xx/CVE-2020-36180.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36180",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-07T00:15:14.913",
"lastModified": "2022-09-02T15:35:49.757",
"lastModified": "2023-09-13T14:56:32.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -76,23 +76,6 @@
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
}
]
}
]
},
{
"nodes": [
{
@ -514,6 +497,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}
]
}
],
"references": [

45
CVE-2020/CVE-2020-361xx/CVE-2020-36181.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36181",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:12.957",
"lastModified": "2022-09-02T14:51:30.710",
"lastModified": "2023-09-13T14:56:39.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -76,23 +76,6 @@
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
}
]
}
]
},
{
"nodes": [
{
@ -509,6 +492,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}
]
}
],
"references": [
@ -525,6 +532,8 @@
"url": "https://github.com/FasterXML/jackson-databind/issues/3004",
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
},

13
CVE-2020/CVE-2020-361xx/CVE-2020-36182.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36182",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-07T00:15:14.960",
"lastModified": "2022-09-02T15:25:31.143",
"lastModified": "2023-09-13T14:56:46.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

13
CVE-2020/CVE-2020-361xx/CVE-2020-36183.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36183",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-07T00:15:15.023",
"lastModified": "2022-09-02T15:25:48.817",
"lastModified": "2023-09-13T14:56:58.000",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0.",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "959574F9-E7A4-4738-A609-031488012274"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

43
CVE-2020/CVE-2020-361xx/CVE-2020-36184.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36184",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:13.017",
"lastModified": "2022-09-02T15:26:34.827",
"lastModified": "2023-09-13T14:57:10.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -76,23 +76,6 @@
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
}
]
}
]
},
{
"nodes": [
{
@ -514,6 +497,30 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}
]
}
],
"references": [

13
CVE-2020/CVE-2020-361xx/CVE-2020-36185.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36185",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:13.077",
"lastModified": "2022-09-02T15:26:54.933",
"lastModified": "2023-09-13T14:57:03.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

13
CVE-2020/CVE-2020-361xx/CVE-2020-36186.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36186",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:13.123",
"lastModified": "2022-09-02T15:27:17.623",
"lastModified": "2023-09-13T14:57:19.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

13
CVE-2020/CVE-2020-361xx/CVE-2020-36187.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36187",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:13.170",
"lastModified": "2022-09-02T15:27:38.090",
"lastModified": "2023-09-13T14:57:25.667",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

13
CVE-2020/CVE-2020-361xx/CVE-2020-36188.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36188",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:13.233",
"lastModified": "2022-09-02T15:35:46.713",
"lastModified": "2023-09-13T14:57:31.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

13
CVE-2020/CVE-2020-361xx/CVE-2020-36189.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-36189",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-01-06T23:15:13.280",
"lastModified": "2022-09-08T21:31:34.477",
"lastModified": "2023-09-13T14:57:37.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "4892ABAA-57A0-43D3-965C-2D7F4A8A6024"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.8",
"matchCriteriaId": "DB440540-715A-4764-9F9B-6181D32CE07C"
"matchCriteriaId": "EC9CC9C2-396F-408E-B0C4-D02D6D5BBEB8"
}
]
}

6
CVE-2020/CVE-2020-95xx/CVE-2020-9547.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-9547",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-03-02T04:15:11.017",
"lastModified": "2021-12-02T21:22:43.787",
"lastModified": "2023-09-13T14:57:41.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.7.9.7",
"matchCriteriaId": "29BC94E0-FEBC-4E86-825C-0101DC339852"
"matchCriteriaId": "2F87CF67-6994-43F1-BEC3-DD7D122D0146"
},
{
"vulnerable": true,

6
CVE-2020/CVE-2020-95xx/CVE-2020-9548.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2020-9548",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-03-02T04:15:11.077",
"lastModified": "2021-12-02T21:23:14.333",
"lastModified": "2023-09-13T14:57:46.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.7.9.7",
"matchCriteriaId": "29BC94E0-FEBC-4E86-825C-0101DC339852"
"matchCriteriaId": "2F87CF67-6994-43F1-BEC3-DD7D122D0146"
},
{
"vulnerable": true,

12
CVE-2021/CVE-2021-201xx/CVE-2021-20190.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-20190",
"sourceIdentifier": "secalert@redhat.com",
"published": "2021-01-19T17:15:13.427",
"lastModified": "2022-06-03T13:07:55.373",
"lastModified": "2023-09-13T14:58:09.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -85,9 +85,15 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.9.0",
"versionEndExcluding": "2.6.7.5",
"matchCriteriaId": "92CF0272-B961-44D2-95F6-162A23169E1D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.9.10.7",
"matchCriteriaId": "7703D07D-5784-47D1-9391-D376A24D7C5A"
"matchCriteriaId": "8D404972-B307-4BF1-A261-8E8E317301ED"
}
]
}

59
CVE-2022/CVE-2022-233xx/CVE-2022-23382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-23382",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T15:15:52.553",
"lastModified": "2023-09-11T18:02:20.103",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T15:03:13.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,10 +54,43 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:hichip:shenzhen_hichip_vision_technology_firmware:11.4.8.1.1-20170926:*:*:*:*:*:*:*",
"matchCriteriaId": "AA45D72A-15C1-4A31-92CE-ED2E426ED42E"
}
]
}
]
}
],
"references": [
{
"url": "http://lackylab.pl/articles/CVE-2022-23382.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-309xx/CVE-2023-30908.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-30908",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-09-07T22:15:07.500",
"lastModified": "2023-09-12T00:09:54.460",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-13T15:15:07.517",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Potential security vulnerability have been identified in Hewlett Packard Enterprise OneView Software. This vulnerability could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.\n\n"
"value": "A remote authentication bypass issue exists in a OneView API.\n\n"
}
],
"metrics": {

48
CVE-2023/CVE-2023-324xx/CVE-2023-32470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32470",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-09-08T06:15:07.437",
"lastModified": "2023-09-08T12:58:39.247",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:37:24.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:digital_delivery:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.0.82.0",
"matchCriteriaId": "EB547A1A-15EB-41DE-8E6E-786FD66DFEFA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000216243/dsa-2023-224",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-356xx/CVE-2023-35681.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-35681",
"sourceIdentifier": "security@android.com",
"published": "2023-09-11T21:15:42.543",
"lastModified": "2023-09-12T11:52:10.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:39:48.377",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d8d95291f16a8f18f8ffbd6322c14686897c5730",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-356xx/CVE-2023-35682.json
View File

@ -2,23 +2,96 @@
"id": "CVE-2023-35682",
"sourceIdentifier": "security@android.com",
"published": "2023-09-11T21:15:42.597",
"lastModified": "2023-09-12T11:52:10.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:39:22.120",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-358xx/CVE-2023-35845.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-35845",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T08:15:07.493",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:29:33.450",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Anaconda 3 2023.03-1-Linux allows local users to disrupt TLS certificate validation by modifying the cacert.pem file used by the installed pip program. This occurs because many files are installed as world-writable on Linux, ignoring umask, even when these files are installed as root. Miniconda is also affected."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:anaconda:anaconda3:2023.03-1:*:*:*:*:*:*:*",
"matchCriteriaId": "B52D6696-E01B-4ED4-A488-ED4136B7F785"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
}
],
"references": [
{
"url": "https://uponfurtherinvestigation.blogspot.com/2023/06/cve-2023-35845-anaconda3-creates.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38214.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38214",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-13T14:15:08.127",
"lastModified": "2023-09-13T14:15:08.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-43.html",
"source": "psirt@adobe.com"
}
]
}

55
CVE-2023/CVE-2023-382xx/CVE-2023-38215.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-38215",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-13T14:15:09.027",
"lastModified": "2023-09-13T14:15:09.027",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/experience-manager/apsb23-43.html",
"source": "psirt@adobe.com"
}
]
}

76
CVE-2023/CVE-2023-388xx/CVE-2023-38829.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-38829",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T19:15:42.957",
"lastModified": "2023-09-12T11:52:22.703",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:40:32.463",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netis-systems:wf2409e_firmware:3.6.42541:*:*:*:*:*:*:*",
"matchCriteriaId": "928BAC1D-16AD-4531-B532-00F41A022262"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netis-systems:wf2409e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0A69F659-8AA9-4E72-AA08-B18F9F8F42D4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-390xx/CVE-2023-39076.json
View File

@ -2,19 +2,86 @@
"id": "CVE-2023-39076",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-08T13:15:07.827",
"lastModified": "2023-09-08T17:36:26.487",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:33:30.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gm:mylink_infotainment_system:2021.3.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5D92838E-E17F-429C-8E61-2D5EC8ACBACB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:gm:chevrolet_equinox:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "D14DEB54-FA5B-4DF0-BB34-35EC6CE2CB56"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.jhyeon.dev/posts/vuln/202307/gm-chevrolet/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
}
]
}

55
CVE-2023/CVE-2023-399xx/CVE-2023-39914.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39914",
"sourceIdentifier": "sep@nlnetlabs.nl",
"published": "2023-09-13T15:15:07.657",
"lastModified": "2023-09-13T15:15:07.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "NLnet Labs\u2019 bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sep@nlnetlabs.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sep@nlnetlabs.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-228"
}
]
}
],
"references": [
{
"url": "https://nlnetlabs.nl/downloads/bcder/CVE-2023-39914.txt",
"source": "sep@nlnetlabs.nl"
}
]
}

55
CVE-2023/CVE-2023-399xx/CVE-2023-39915.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39915",
"sourceIdentifier": "sep@nlnetlabs.nl",
"published": "2023-09-13T15:15:07.763",
"lastModified": "2023-09-13T15:15:07.763",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "NLnet Labs\u2019 Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sep@nlnetlabs.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sep@nlnetlabs.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-228"
}
]
}
],
"references": [
{
"url": "https://nlnetlabs.nl/downloads/routinator/CVE-2023-39915.txt",
"source": "sep@nlnetlabs.nl"
}
]
}

55
CVE-2023/CVE-2023-399xx/CVE-2023-39916.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-39916",
"sourceIdentifier": "sep@nlnetlabs.nl",
"published": "2023-09-13T15:15:07.837",
"lastModified": "2023-09-13T15:15:07.837",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "NLnet Labs\u2019 Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, off-by-default keep-rrdp-responses feature that allows users to store the content of responses received for RRDP requests. The location of these stored responses is constructed from the URL of the request. Due to insufficient sanitation of the URL, it is possible for an attacker to craft a URL that results in the response being stored outside of the directory specified for it."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sep@nlnetlabs.nl",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "sep@nlnetlabs.nl",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-35"
}
]
}
],
"references": [
{
"url": "https://nlnetlabs.nl/downloads/routinator/CVE-2023-39916.txt",
"source": "sep@nlnetlabs.nl"
}
]
}

59
CVE-2023/CVE-2023-39xx/CVE-2023-3935.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3935",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-09-13T14:15:09.147",
"lastModified": "2023-09-13T14:15:09.147",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"references": [
{
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-230704-01-v3.0.pdf",
"source": "info@cert.vde.com"
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-031/",
"source": "info@cert.vde.com"
}
]
}

86
CVE-2023/CVE-2023-400xx/CVE-2023-40029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40029",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-07T23:15:09.763",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:49:32.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*",
"versionStartIncluding": "2.2.0",
"versionEndExcluding": "2.6.15",
"matchCriteriaId": "58CD5BCA-BEB8-4FD1-A0A7-79C77BB9D3FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.7.14",
"matchCriteriaId": "C6C6D955-4989-4E0A-A8FF-96B580EB0328"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*",
"versionStartIncluding": "2.8.0",
"versionEndExcluding": "2.8.3",
"matchCriteriaId": "DDAB88E7-A10B-4437-9FAE-8BBA6AB1689C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/argoproj/argo-cd/commit/4b2e5b06bff2ffd8ed1970654ddd8e55fc4a41c4",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/argoproj/argo-cd/pull/7139",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-fwr2-64vr-xv9m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

139
CVE-2023/CVE-2023-400xx/CVE-2023-40039.json
View File

@ -2,27 +2,154 @@
"id": "CVE-2023-40039",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T07:15:08.123",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:30:58.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arris:tg852g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EABAC0-71D7-46FE-AB5F-10BBD5B3FC76"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arris:tg852g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "584B9F3B-7F6E-456D-B565-26CC69807A66"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arris:tg862g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0965F2C-824E-403E-8A0D-87AA74B50723"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arris:tg862g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "446FE1F0-CA71-487F-9027-6EFC1A6F6AA3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arris:tg1672g_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFA1BE57-DD35-4EDE-A4E5-BB775159275D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arris:tg1672g:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26765359-B66A-48F5-B670-83AB46FF3BDD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.png",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpg",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

77
CVE-2023/CVE-2023-400xx/CVE-2023-40040.json
View File

@ -2,19 +2,88 @@
"id": "CVE-2023-40040",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T06:15:43.830",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:31:47.480",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the MyCrops HiGrade \"THC Testing & Cannabi\" application 1.0.337 for Android. A remote attacker can start the camera feed via the com.cordovaplugincamerapreview.CameraActivity component in some situations. NOTE: this is only exploitable on Android versions that lack runtime permission checks, and of those only Android SDK 5.1.1 API 22 is consistent with the manifest. Thus, this applies only to Android Lollipop, affecting less than five percent of Android devices as of 2023."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mycrops:higrade:1.0.337:*:*:*:*:*:*:*",
"matchCriteriaId": "80F3D3AB-302E-468B-A629-7D1FEC180109"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0",
"versionEndIncluding": "5.1.1",
"matchCriteriaId": "FC72A6B1-2BD5-4548-B495-3890C6197500"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/CVE-2023-40040",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-405xx/CVE-2023-40584.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40584",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-07T23:15:10.240",
"lastModified": "2023-09-08T12:58:44.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:47:24.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,14 +66,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*",
"versionStartIncluding": "2.4.0",
"versionEndExcluding": "2.6.15",
"matchCriteriaId": "E532345C-5361-4BCE-8821-D9A8FC144D17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*",
"versionStartIncluding": "2.7.0",
"versionEndExcluding": "2.7.14",
"matchCriteriaId": "C6C6D955-4989-4E0A-A8FF-96B580EB0328"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*",
"versionStartIncluding": "2.8.0",
"versionEndExcluding": "2.8.3",
"matchCriteriaId": "DDAB88E7-A10B-4437-9FAE-8BBA6AB1689C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/argoproj/argo-cd/commit/b8f92c4ff226346624f43de3f25d81dac6386674",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-g687-f2gx-6wm8",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-406xx/CVE-2023-40621.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-40621",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T03:15:12.627",
"lastModified": "2023-09-12T11:52:00.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:46:22.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:powerdesigner:16.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E17F2B57-5B4A-4718-8123-CBF87F1CCFE0"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3357163",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-406xx/CVE-2023-40622.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-40622",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T03:15:12.813",
"lastModified": "2023-09-12T11:52:00.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:45:47.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence:420:*:*:*:*:*:*:*",
"matchCriteriaId": "38BA0DF9-D893-4AF9-923E-E47EA5C02C52"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*",
"matchCriteriaId": "85CBCF48-5478-4EE5-8F69-6E59EFDB707D"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3320355",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-406xx/CVE-2023-40623.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-40623",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T03:15:13.003",
"lastModified": "2023-09-12T11:52:00.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:45:19.633",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:businessobjects:420:*:*:*:-:*:*:*",
"matchCriteriaId": "1937280E-4E75-4D85-A0B6-7AF4A5BEB8D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:businessobjects:430:*:*:*:-:*:*:*",
"matchCriteriaId": "1DFDC013-B6C9-4F90-B5DA-8CEB9972759D"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3317702",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-406xx/CVE-2023-40625.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-40625",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T03:15:14.147",
"lastModified": "2023-09-12T11:52:00.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:59:43.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:102:*:*:*:*:*:*:*",
"matchCriteriaId": "04C95A73-48EB-446C-A5F0-20E1D6BC1779"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:103:*:*:*:*:*:*:*",
"matchCriteriaId": "1C3C9003-68A6-4886-8979-9B7D01A35E40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*",
"matchCriteriaId": "964023CE-6EA4-42BB-93B2-DCE6B36D3F89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*",
"matchCriteriaId": "84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:106:*:*:*:*:*:*:*",
"matchCriteriaId": "14D17245-5B6D-4024-AFA6-8E0A70B294BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:107:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEFABE8-1797-4C7B-941C-3205AE90914B"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3326361",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-413xx/CVE-2023-41316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41316",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-07T20:15:07.677",
"lastModified": "2023-09-07T20:17:06.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:36:54.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +70,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tolgee:tolgee:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.29.2",
"matchCriteriaId": "BCE2D82E-9E18-41BE-B995-A87D5BCF9356"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tolgee/tolgee-platform/commit/bab718b1c9b3e90327bfb10d27b9799996e5c35b",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/tolgee/tolgee-platform/security/advisories/GHSA-gx3w-rwh5-w5cg",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-413xx/CVE-2023-41319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41319",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-06T18:15:08.937",
"lastModified": "2023-09-07T01:10:21.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:25:28.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -50,14 +70,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.11.0",
"versionEndExcluding": "2.19.0",
"matchCriteriaId": "7987098A-C17F-4C91-9406-7B5BAD1786DD"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ethyca/fides/commit/5989b5fa744c8d8c340963b895a054883549358a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/ethyca/fides/security/advisories/GHSA-p6p2-qq95-vq5h",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-413xx/CVE-2023-41367.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-41367",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T02:15:12.733",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T15:02:11.297",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "F2B37045-2FB7-49BB-AE38-B84FAA6ADFB0"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3348142",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-419xx/CVE-2023-41915.json
View File

@ -2,27 +2,94 @@
"id": "CVE-2023-41915",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-09T22:15:09.530",
"lastModified": "2023-09-10T19:45:57.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:32:53.017",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openpmix:openpmix:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.6",
"matchCriteriaId": "51DFCE2C-36A6-49EA-87C2-3B7E4033DA13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openpmix:openpmix:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69D73F5F-2B17-4185-AA62-5056C88D15CE"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.openpmix.org/en/latest/security.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/openpmix/openpmix/releases/tag/v4.2.6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/openpmix/openpmix/releases/tag/v5.0.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

71
CVE-2023/CVE-2023-424xx/CVE-2023-42467.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-42467",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T04:15:10.720",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:32:20.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU and the guest immediately."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-369"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*",
"versionEndIncluding": "8.0.0",
"matchCriteriaId": "5172ED53-5D28-4A36-8A5E-61EF17F0ED53"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/qemu-project/qemu/-/issues/1813",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://gitlab.com/thuth/qemu/-/commit/3f91104484e5bf55b56d7e1b039a4a5a17d0c1a7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

74
CVE-2023/CVE-2023-424xx/CVE-2023-42470.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-42470",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T08:15:07.647",
"lastModified": "2023-09-12T20:15:10.200",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:36:22.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:imoulife:life:*:*:*:*:*:android:*:*",
"versionEndIncluding": "6.8.0",
"matchCriteriaId": "0D5254BE-6E8D-44F0-A5D1-198B7439AA19"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/CVE-2023-42470",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/actuator/imou/blob/main/imou-life-6.8.0.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/actuator/imou/blob/main/poc.apk",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

74
CVE-2023/CVE-2023-424xx/CVE-2023-42471.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-42471",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-11T08:15:07.703",
"lastModified": "2023-09-12T22:15:08.183",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:36:04.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web content and doesn't adequately validate or sanitize the URI or any extra data passed in the intent by a third party application (with no permissions)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wave-ai:wave:*:*:*:*:*:android:*:*",
"versionEndIncluding": "1.0.35",
"matchCriteriaId": "A713BC34-4A7C-4404-930F-BDA0B899AB31"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/actuator/cve/blob/main/CVE-2023-42471",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/actuator/wave.ai.browser/blob/main/CWE-94.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/actuator/wave.ai.browser/blob/main/poc.apk",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

57
CVE-2023/CVE-2023-424xx/CVE-2023-42472.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-42472",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T02:15:13.160",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T15:01:22.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.2
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence_platform:420:*:*:*:*:*:*:*",
"matchCriteriaId": "F2909B78-C7F9-4267-B9A0-B6A1F776EB73"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3370490",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

192
CVE-2023/CVE-2023-42xx/CVE-2023-4296.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4296",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-08-29T22:15:09.297",
"lastModified": "2023-08-31T15:15:08.637",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:50:08.323",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,14 +66,178 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:-:*:*:*:*:*:*",
"matchCriteriaId": "D8842BD8-5ADE-4F4C-892B-C7FD0BD00549"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4A96C543-780C-4FB8-9B66-E3A970284157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp10:*:*:*:*:*:*",
"matchCriteriaId": "869FDFD2-B254-46F1-977C-8C45FC53CF4C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp11:*:*:*:*:*:*",
"matchCriteriaId": "E162A5AA-DF07-4DB9-A0ED-15CD181B3E8B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp12:*:*:*:*:*:*",
"matchCriteriaId": "61E616EF-4DD8-4F24-8132-069D1839CC44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp13:*:*:*:*:*:*",
"matchCriteriaId": "4E1FFA2A-5A02-4D3E-AF1A-49F9CB751B29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "8EC6A60D-1117-45A3-B64F-6A3C99CCCBF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "82586B4B-1876-4F6A-903A-B89A50CB13DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EF54ED5C-B686-4036-8EC4-C2C65D4463FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "D8162D88-A7D0-4BC0-A2D9-D83EC620C009"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "FE271018-6A6F-4CDD-97AA-12F8A9DE9640"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "21A2D6ED-17D8-4DAD-9775-02419D79DD3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "A099E310-FBA2-4EB1-BD86-C52686E7FA89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:21.09.0:sp9:*:*:*:*:*:*",
"matchCriteriaId": "0291CE0C-97E3-4933-9B13-6DBB616DAA60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.04.0:-:*:*:*:*:*:*",
"matchCriteriaId": "334D6C73-8DED-4C77-9222-5534D1F3503D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.04.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "7F517B94-96C4-4FD0-BB84-73CA2BA0F88B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.04.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "65EA30F3-F924-42B3-BFCC-875411C0A7C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.04.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "42357940-98B9-4966-9B85-E5AB495560A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.04.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "EB8DB5F9-1972-4F06-9060-E95F8C462681"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.04.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "6AD9CDC5-D62C-4CC4-9328-2C0E41300CDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "A54ADF57-985E-41AB-B1DF-77E9303531E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "F94411ED-3CDA-4432-8487-2EE2DD072D6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E4050B8C-FBA8-48CA-AF45-BC7C70235E37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "19490284-BC6A-45A0-B68D-743E139EB067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "D5CF8652-238F-4442-9AA2-B8A6FD9B681C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "FC9DEE58-BD1A-47DB-918B-CE1A1D7A7866"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "8948D8AB-8392-4CD8-8F8B-F59410A37BBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "A3E14B5E-A1CF-402C-B56A-C745DE28BF91"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:intland:codebeamer:22.10.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "0B1F1CCA-B937-4AFB-8363-554D74DE71BD"
}
]
}
]
}
],
"references": [
{
"url": "https://codebeamer.com/cb/wiki/31346480",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-241-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

59
CVE-2023/CVE-2023-47xx/CVE-2023-4701.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-4701",
"sourceIdentifier": "info@cert.vde.com",
"published": "2023-09-13T14:15:09.297",
"lastModified": "2023-09-13T14:15:09.297",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Improper Privilege Management vulnerability through an incorrect use of privileged APIs in CodeMeter Runtime versions prior to 7.60c allow a local, low privileged attacker to use an API call for escalation of privileges in order gain full admin access on the host system."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "info@cert.vde.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-230704-01-v3.0.pdf",
"source": "info@cert.vde.com"
},
{
"url": "https://cert.vde.com/en/advisories/VDE-2023-031/",
"source": "info@cert.vde.com"
}
]
}

62
CVE-2023/CVE-2023-48xx/CVE-2023-4816.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4816",
"sourceIdentifier": "cybersecurity@hitachienergy.com",
"published": "2023-09-11T08:15:07.917",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:35:05.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cybersecurity@hitachienergy.com",
"type": "Secondary",
@ -46,10 +76,36 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachienergy:asset_suite:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.6.3.11.1",
"matchCriteriaId": "FAC84DA0-C8A5-433E-A812-7E182295CD06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hitachienergy:asset_suite:9.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6D04B485-9331-43B1-A8D9-4C245E20738A"
}
]
}
]
}
],
"references": [
{
"url": "https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf",
"source": "cybersecurity@hitachienergy.com"
"source": "cybersecurity@hitachienergy.com",
"tags": [
"Vendor Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-48xx/CVE-2023-4864.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4864",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-09T21:15:43.717",
"lastModified": "2023-09-10T19:45:57.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:11:30.347",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:take-note_app_project:take-note_app:1.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "06BF6545-DEDE-4860-BD56-868091981782"
}
]
}
]
}
],
"references": [
{
"url": "https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.239349",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239349",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-48xx/CVE-2023-4865.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4865",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-09T23:15:40.483",
"lastModified": "2023-09-10T19:45:57.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:08:14.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:take-note_app_project:take-note_app:1.0:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "06BF6545-DEDE-4860-BD56-868091981782"
}
]
}
]
}
],
"references": [
{
"url": "https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.239350",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239350",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-48xx/CVE-2023-4866.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4866",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-10T00:15:07.330",
"lastModified": "2023-09-10T19:45:57.130",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:01:38.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,58 @@
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_tours_\\&_travels_management_system_project:online_tours_\\&_travels_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5468F32-0596-4448-BE96-F06564FC0831"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.csdn.net/weixin_43864034/article/details/132697070",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.239351",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.239351",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-48xx/CVE-2023-4874.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4874",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-09T15:15:34.623",
"lastModified": "2023-09-11T04:15:10.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:30:57.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,18 +76,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*",
"versionStartExcluding": "1.5.2",
"versionEndExcluding": "2.2.12",
"matchCriteriaId": "A42057D9-7C22-41AA-AD4F-040CE0B8CD4E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5494",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-48xx/CVE-2023-4875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4875",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-09T15:15:35.500",
"lastModified": "2023-09-11T04:15:11.010",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:24:29.823",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,18 +76,66 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mutt:mutt:*:*:*:*:*:*:*:*",
"versionStartExcluding": "1.5.2",
"versionEndExcluding": "2.2.12",
"matchCriteriaId": "A42057D9-7C22-41AA-AD4F-040CE0B8CD4E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "46D69DCC-AE4D-4EA5-861C-D60951444C6C"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Patch"
]
},
{
"url": "https://gitlab.com/muttmua/mutt/-/commit/4cc3128abdf52c615911589394a03271fddeefc6.patch",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5494",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-48xx/CVE-2023-4897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4897",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-11T21:15:42.870",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-13T14:41:12.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mintplexlabs:anythingllm:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.0.1",
"matchCriteriaId": "43AD14DE-65DD-44BC-AA11-3F1A4EC531D2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/mintplex-labs/anything-llm/commit/3c88aec034934bcbad30c5ef1cab62cbbdb98e64",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/0631af48-84a3-4019-85db-f0f8b12cb0ab",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Third Party Advisory"
]
}
]
}

79
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-13T14:00:26.661139+00:00
2023-09-13T16:00:25.208734+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-13T13:57:45.667000+00:00
2023-09-13T15:15:07.837000+00:00
```
### Last Data Feed Release
@ -29,56 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
224863
224870
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `7`
* [CVE-2021-44172](CVE-2021/CVE-2021-441xx/CVE-2021-44172.json) (`2023-09-13T13:15:07.537`)
* [CVE-2022-35849](CVE-2022/CVE-2022-358xx/CVE-2022-35849.json) (`2023-09-13T13:15:07.823`)
* [CVE-2023-25608](CVE-2023/CVE-2023-256xx/CVE-2023-25608.json) (`2023-09-13T13:15:08.040`)
* [CVE-2023-27998](CVE-2023/CVE-2023-279xx/CVE-2023-27998.json) (`2023-09-13T13:15:08.200`)
* [CVE-2023-29183](CVE-2023/CVE-2023-291xx/CVE-2023-29183.json) (`2023-09-13T13:15:08.367`)
* [CVE-2023-34984](CVE-2023/CVE-2023-349xx/CVE-2023-34984.json) (`2023-09-13T13:15:08.527`)
* [CVE-2023-36551](CVE-2023/CVE-2023-365xx/CVE-2023-36551.json) (`2023-09-13T13:15:08.697`)
* [CVE-2023-36634](CVE-2023/CVE-2023-366xx/CVE-2023-36634.json) (`2023-09-13T13:15:08.883`)
* [CVE-2023-36638](CVE-2023/CVE-2023-366xx/CVE-2023-36638.json) (`2023-09-13T13:15:09.033`)
* [CVE-2023-36642](CVE-2023/CVE-2023-366xx/CVE-2023-36642.json) (`2023-09-13T13:15:09.127`)
* [CVE-2023-40715](CVE-2023/CVE-2023-407xx/CVE-2023-40715.json) (`2023-09-13T13:15:09.320`)
* [CVE-2023-40717](CVE-2023/CVE-2023-407xx/CVE-2023-40717.json) (`2023-09-13T13:15:09.507`)
* [CVE-2023-38214](CVE-2023/CVE-2023-382xx/CVE-2023-38214.json) (`2023-09-13T14:15:08.127`)
* [CVE-2023-38215](CVE-2023/CVE-2023-382xx/CVE-2023-38215.json) (`2023-09-13T14:15:09.027`)
* [CVE-2023-3935](CVE-2023/CVE-2023-39xx/CVE-2023-3935.json) (`2023-09-13T14:15:09.147`)
* [CVE-2023-4701](CVE-2023/CVE-2023-47xx/CVE-2023-4701.json) (`2023-09-13T14:15:09.297`)
* [CVE-2023-39914](CVE-2023/CVE-2023-399xx/CVE-2023-39914.json) (`2023-09-13T15:15:07.657`)
* [CVE-2023-39915](CVE-2023/CVE-2023-399xx/CVE-2023-39915.json) (`2023-09-13T15:15:07.763`)
* [CVE-2023-39916](CVE-2023/CVE-2023-399xx/CVE-2023-39916.json) (`2023-09-13T15:15:07.837`)
### CVEs modified in the last Commit
Recently modified CVEs: `35`
Recently modified CVEs: `67`
* [CVE-2023-4905](CVE-2023/CVE-2023-49xx/CVE-2023-4905.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4906](CVE-2023/CVE-2023-49xx/CVE-2023-4906.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4907](CVE-2023/CVE-2023-49xx/CVE-2023-4907.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4908](CVE-2023/CVE-2023-49xx/CVE-2023-4908.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4909](CVE-2023/CVE-2023-49xx/CVE-2023-4909.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-39073](CVE-2023/CVE-2023-390xx/CVE-2023-39073.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-41423](CVE-2023/CVE-2023-414xx/CVE-2023-41423.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4813](CVE-2023/CVE-2023-48xx/CVE-2023-4813.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4928](CVE-2023/CVE-2023-49xx/CVE-2023-4928.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4153](CVE-2023/CVE-2023-41xx/CVE-2023-4153.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4213](CVE-2023/CVE-2023-42xx/CVE-2023-4213.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4915](CVE-2023/CVE-2023-49xx/CVE-2023-4915.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4916](CVE-2023/CVE-2023-49xx/CVE-2023-4916.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4917](CVE-2023/CVE-2023-49xx/CVE-2023-4917.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4400](CVE-2023/CVE-2023-44xx/CVE-2023-4400.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-26369](CVE-2023/CVE-2023-263xx/CVE-2023-26369.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-29305](CVE-2023/CVE-2023-293xx/CVE-2023-29305.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-29306](CVE-2023/CVE-2023-293xx/CVE-2023-29306.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4039](CVE-2023/CVE-2023-40xx/CVE-2023-4039.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-41081](CVE-2023/CVE-2023-410xx/CVE-2023-41081.json) (`2023-09-13T12:55:59.447`)
* [CVE-2023-4873](CVE-2023/CVE-2023-48xx/CVE-2023-4873.json) (`2023-09-13T13:13:00.357`)
* [CVE-2023-4877](CVE-2023/CVE-2023-48xx/CVE-2023-4877.json) (`2023-09-13T13:26:10.990`)
* [CVE-2023-4876](CVE-2023/CVE-2023-48xx/CVE-2023-4876.json) (`2023-09-13T13:36:42.887`)
* [CVE-2023-4869](CVE-2023/CVE-2023-48xx/CVE-2023-4869.json) (`2023-09-13T13:48:50.580`)
* [CVE-2023-4868](CVE-2023/CVE-2023-48xx/CVE-2023-4868.json) (`2023-09-13T13:49:59.687`)
* [CVE-2023-4874](CVE-2023/CVE-2023-48xx/CVE-2023-4874.json) (`2023-09-13T14:30:57.767`)
* [CVE-2023-40039](CVE-2023/CVE-2023-400xx/CVE-2023-40039.json) (`2023-09-13T14:30:58.217`)
* [CVE-2023-40040](CVE-2023/CVE-2023-400xx/CVE-2023-40040.json) (`2023-09-13T14:31:47.480`)
* [CVE-2023-42467](CVE-2023/CVE-2023-424xx/CVE-2023-42467.json) (`2023-09-13T14:32:20.067`)
* [CVE-2023-41915](CVE-2023/CVE-2023-419xx/CVE-2023-41915.json) (`2023-09-13T14:32:53.017`)
* [CVE-2023-39076](CVE-2023/CVE-2023-390xx/CVE-2023-39076.json) (`2023-09-13T14:33:30.147`)
* [CVE-2023-4816](CVE-2023/CVE-2023-48xx/CVE-2023-4816.json) (`2023-09-13T14:35:05.177`)
* [CVE-2023-42471](CVE-2023/CVE-2023-424xx/CVE-2023-42471.json) (`2023-09-13T14:36:04.363`)
* [CVE-2023-42470](CVE-2023/CVE-2023-424xx/CVE-2023-42470.json) (`2023-09-13T14:36:22.290`)
* [CVE-2023-41316](CVE-2023/CVE-2023-413xx/CVE-2023-41316.json) (`2023-09-13T14:36:54.837`)
* [CVE-2023-32470](CVE-2023/CVE-2023-324xx/CVE-2023-32470.json) (`2023-09-13T14:37:24.530`)
* [CVE-2023-35682](CVE-2023/CVE-2023-356xx/CVE-2023-35682.json) (`2023-09-13T14:39:22.120`)
* [CVE-2023-35681](CVE-2023/CVE-2023-356xx/CVE-2023-35681.json) (`2023-09-13T14:39:48.377`)
* [CVE-2023-38829](CVE-2023/CVE-2023-388xx/CVE-2023-38829.json) (`2023-09-13T14:40:32.463`)
* [CVE-2023-4897](CVE-2023/CVE-2023-48xx/CVE-2023-4897.json) (`2023-09-13T14:41:12.663`)
* [CVE-2023-40623](CVE-2023/CVE-2023-406xx/CVE-2023-40623.json) (`2023-09-13T14:45:19.633`)
* [CVE-2023-40622](CVE-2023/CVE-2023-406xx/CVE-2023-40622.json) (`2023-09-13T14:45:47.617`)
* [CVE-2023-40621](CVE-2023/CVE-2023-406xx/CVE-2023-40621.json) (`2023-09-13T14:46:22.113`)
* [CVE-2023-40584](CVE-2023/CVE-2023-405xx/CVE-2023-40584.json) (`2023-09-13T14:47:24.317`)
* [CVE-2023-40029](CVE-2023/CVE-2023-400xx/CVE-2023-40029.json) (`2023-09-13T14:49:32.197`)
* [CVE-2023-4296](CVE-2023/CVE-2023-42xx/CVE-2023-4296.json) (`2023-09-13T14:50:08.323`)
* [CVE-2023-40625](CVE-2023/CVE-2023-406xx/CVE-2023-40625.json) (`2023-09-13T14:59:43.357`)
* [CVE-2023-42472](CVE-2023/CVE-2023-424xx/CVE-2023-42472.json) (`2023-09-13T15:01:22.793`)
* [CVE-2023-41367](CVE-2023/CVE-2023-413xx/CVE-2023-41367.json) (`2023-09-13T15:02:11.297`)
* [CVE-2023-30908](CVE-2023/CVE-2023-309xx/CVE-2023-30908.json) (`2023-09-13T15:15:07.517`)
## Download and Usage