admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-09 03:57:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-23T14:00:26.879408+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-23 14:00:30 +00:00
parent b69555085b
commit 87e5698245
99 changed files with 1330 additions and 215 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CVE-2022/CVE-2022-463xx/CVE-2022-46303.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-46303",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-02-20T17:15:12.073",
"lastModified": "2023-03-06T15:31:07.063",
"lastModified": "2023-06-23T13:08:24.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-77"
"value": "CWE-78"
}
]
},

4
CVE-2022/CVE-2022-479xx/CVE-2022-47909.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-47909",
"sourceIdentifier": "security@checkmk.com",
"published": "2023-02-20T17:15:12.230",
"lastModified": "2023-03-02T18:23:28.477",
"lastModified": "2023-06-23T13:12:17.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -61,7 +61,7 @@
"description": [
{
"lang": "en",
"value": "CWE-77"
"value": "NVD-CWE-Other"
}
]
},

4
CVE-2023/CVE-2023-233xx/CVE-2023-23343.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23343",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-22T22:15:09.110",
"lastModified": "2023-06-22T22:15:09.110",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-233xx/CVE-2023-23344.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23344",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-23T06:15:09.707",
"lastModified": "2023-06-23T06:15:09.707",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-259xx/CVE-2023-25936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25936",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T09:15:09.290",
"lastModified": "2023-06-23T09:15:09.290",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-259xx/CVE-2023-25937.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25937",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:09.557",
"lastModified": "2023-06-23T10:15:09.557",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-259xx/CVE-2023-25938.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25938",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:08.997",
"lastModified": "2023-06-23T11:15:08.997",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-270xx/CVE-2023-27083.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27083",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.213",
"lastModified": "2023-06-22T20:15:09.213",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:44.217",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-274xx/CVE-2023-27427.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-27427",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T13:15:10.130",
"lastModified": "2023-06-23T13:15:10.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NTZApps CRM Memberships plugin <=\u00a01.6 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/crm-memberships/wordpress-crm-memberships-plugin-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

47
CVE-2023/CVE-2023-276xx/CVE-2023-27624.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27624",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-13T16:15:12.847",
"lastModified": "2023-06-13T16:54:51.953",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T12:11:30.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redirect_after_login_project:redirect_after_login:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.1.9",
"matchCriteriaId": "9C9BD0D1-D6F8-4347-8C38-CB89CB54664B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/redirect-after-login/wordpress-redirect-after-login-plugin-0-1-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-280xx/CVE-2023-28006.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28006",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-22T23:15:09.277",
"lastModified": "2023-06-22T23:15:09.277",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28016.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28016",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-06-22T23:15:09.343",
"lastModified": "2023-06-22T23:15:09.343",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28026",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.073",
"lastModified": "2023-06-23T11:15:09.073",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28027.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28027",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.143",
"lastModified": "2023-06-23T11:15:09.143",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28028.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28028",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:09.637",
"lastModified": "2023-06-23T10:15:09.637",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28029",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:09.710",
"lastModified": "2023-06-23T10:15:09.710",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28030",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:09.780",
"lastModified": "2023-06-23T10:15:09.780",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28031.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28031",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.210",
"lastModified": "2023-06-23T11:15:09.210",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28032.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28032",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:09.853",
"lastModified": "2023-06-23T10:15:09.853",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28033.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28033",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:09.927",
"lastModified": "2023-06-23T10:15:09.927",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28034.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28034",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.280",
"lastModified": "2023-06-23T11:15:09.280",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28035.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28035",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.000",
"lastModified": "2023-06-23T10:15:10.000",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28036.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28036",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.347",
"lastModified": "2023-06-23T11:15:09.347",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28039.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28039",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.067",
"lastModified": "2023-06-23T10:15:10.067",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28040.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28040",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.137",
"lastModified": "2023-06-23T10:15:10.137",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28041.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28041",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.207",
"lastModified": "2023-06-23T10:15:10.207",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28042.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28042",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.280",
"lastModified": "2023-06-23T10:15:10.280",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28044.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28044",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.417",
"lastModified": "2023-06-23T11:15:09.417",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28050",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.490",
"lastModified": "2023-06-23T11:15:09.490",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28052",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.353",
"lastModified": "2023-06-23T10:15:10.353",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28054",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.420",
"lastModified": "2023-06-23T10:15:10.420",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28056.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28056",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.490",
"lastModified": "2023-06-23T10:15:10.490",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28058.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28058",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.560",
"lastModified": "2023-06-23T11:15:09.560",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28059.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28059",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.563",
"lastModified": "2023-06-23T10:15:10.563",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28060",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.630",
"lastModified": "2023-06-23T11:15:09.630",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28061.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28061",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T10:15:10.630",
"lastModified": "2023-06-23T10:15:10.630",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28064",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.697",
"lastModified": "2023-06-23T11:15:09.697",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-280xx/CVE-2023-28065.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28065",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T12:15:09.340",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nDell Command | Update, Dell Update, and Alienware Update versions 4.8.0 and prior contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability leading to privilege escalation.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security_alert@emc.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security_alert@emc.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1386"
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000212574/dsa-2023-146",
"source": "security_alert@emc.com"
}
]
}

4
CVE-2023/CVE-2023-280xx/CVE-2023-28071.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28071",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.790",
"lastModified": "2023-06-23T11:15:09.790",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28073.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28073",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.863",
"lastModified": "2023-06-23T11:15:09.863",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-280xx/CVE-2023-28094.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28094",
"sourceIdentifier": "security@pega.com",
"published": "2023-06-22T21:15:09.163",
"lastModified": "2023-06-22T21:15:09.163",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-287xx/CVE-2023-28751.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-28751",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T13:15:10.277",
"lastModified": "2023-06-23T13:15:10.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wpmet Wp Ultimate Review plugin <=\u00a02.0.3 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-287xx/CVE-2023-28799.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28799",
"sourceIdentifier": "cve@zscaler.com",
"published": "2023-06-22T20:15:09.283",
"lastModified": "2023-06-22T20:15:09.283",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-288xx/CVE-2023-28800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28800",
"sourceIdentifier": "cve@zscaler.com",
"published": "2023-06-22T20:15:09.373",
"lastModified": "2023-06-22T20:15:09.373",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-291xx/CVE-2023-29100.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-29100",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T13:15:10.350",
"lastModified": "2023-06-23T13:15:10.350",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dream-Theme The7 plugin <=\u00a011.6.0 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/dt-the7/wordpress-the7-theme-11-6-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

20
CVE-2023/CVE-2023-298xx/CVE-2023-29860.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29860",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T12:15:09.420",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/DTStack/Taier/issues/1003",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-29xx/CVE-2023-2989.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2989",
"sourceIdentifier": "cve@rapid7.con",
"published": "2023-06-22T20:15:09.453",
"lastModified": "2023-06-22T20:15:09.453",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-29xx/CVE-2023-2990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2990",
"sourceIdentifier": "cve@rapid7.con",
"published": "2023-06-22T20:15:09.520",
"lastModified": "2023-06-22T20:15:09.520",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-29xx/CVE-2023-2991.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2991",
"sourceIdentifier": "cve@rapid7.con",
"published": "2023-06-22T20:15:09.580",
"lastModified": "2023-06-22T20:15:09.580",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

24
CVE-2023/CVE-2023-302xx/CVE-2023-30258.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30258",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T12:15:09.473",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request."
}
],
"metrics": {},
"references": [
{
"url": "https://eldstal.se/advisories/230327-magnusbilling.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/magnussolution/magnusbilling7/commit/ccff9f6370f530cc41ef7de2e31d7590a0fdb8c3",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-302xx/CVE-2023-30260.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30260",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T12:15:09.520",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Command injection vulnerability in RaspAP raspap-webgui 2.8.8 and earlier allows remote attackers to run arbitrary commands via crafted POST request to hostapd settings form."
}
],
"metrics": {},
"references": [
{
"url": "https://eldstal.se/advisories/230328-raspap.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/RaspAP/raspap-webgui/pull/1322",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-303xx/CVE-2023-30347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30347",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T21:15:09.240",
"lastModified": "2023-06-22T21:15:09.240",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

24
CVE-2023/CVE-2023-303xx/CVE-2023-30362.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T12:15:09.573",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in coap_send function in libcoap library 4.3.1-103-g52cfd56 fixed in 4.3.1-120-ge242200 allows attackers to obtain sensitive information via malformed pdu."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/obgm/libcoap/issues/1063",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/obgm/libcoap/pull/1065",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-314xx/CVE-2023-31469.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31469",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-23T08:15:09.220",
"lastModified": "2023-06-23T08:15:09.220",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

6
CVE-2023/CVE-2023-319xx/CVE-2023-31975.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31975",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T13:15:18.590",
"lastModified": "2023-06-23T09:15:09.957",
"lastModified": "2023-06-23T12:15:09.623",
"vulnStatus": "Modified",
"descriptions": [
{
@ -116,6 +116,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/2",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/23/4",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/yasm/yasm/issues/210",
"source": "cve@mitre.org",

4
CVE-2023/CVE-2023-31xx/CVE-2023-3114.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3114",
"sourceIdentifier": "security@hashicorp.com",
"published": "2023-06-22T22:15:09.197",
"lastModified": "2023-06-22T22:15:09.197",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-31xx/CVE-2023-3128.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3128",
"sourceIdentifier": "security@grafana.com",
"published": "2023-06-22T21:15:09.573",
"lastModified": "2023-06-22T21:15:09.573",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-323xx/CVE-2023-32320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32320",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T21:15:09.287",
"lastModified": "2023-06-22T21:15:09.287",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32463.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32463",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T08:15:09.313",
"lastModified": "2023-06-23T08:15:09.313",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32464.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32464",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T08:15:09.400",
"lastModified": "2023-06-23T08:15:09.400",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-324xx/CVE-2023-32480.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32480",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-06-23T11:15:09.937",
"lastModified": "2023-06-23T11:15:09.937",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-325xx/CVE-2023-32571.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32571",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.640",
"lastModified": "2023-06-22T20:15:09.640",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-325xx/CVE-2023-32580.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-32580",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T13:15:10.427",
"lastModified": "2023-06-23T13:15:10.427",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPExperts Password Protected plugin <=\u00a02.6.2 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/password-protected/wordpress-password-protected-plugin-2-6-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

76
CVE-2023/CVE-2023-32xx/CVE-2023-3237.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3237",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T08:15:09.640",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T13:35:23.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in OTCMS up to 6.62. This vulnerability affects unknown code. The manipulation of the argument username/password with the input admin leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231508."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en OTCMS hasta la versi\u00f3n 6.62. Esta vulnerabilidad afecta a c\u00f3digo desconocido. La manipulaci\u00f3n del argumento \"username/password\" con el input \"admin\" lleva al uso de una contrase\u00f1a embebida. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador de esta vulnerabilidad es VDB-231508. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +87,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +107,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otcms:otcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.62",
"matchCriteriaId": "D15D5B62-76C4-47E8-8039-402DDCC3E233"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20contains%20a%20weak%20default%20password%20which%20gives%20attackers%20to%20access%20backstage%20management%20system.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231508",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231508",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-32xx/CVE-2023-3238.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3238",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T08:15:09.713",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T13:39:37.757",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in OTCMS up to 6.62. This issue affects some unknown processing of the file /admin/read.php?mudi=getSignal. The manipulation of the argument signalUrl leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231509 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, clasificada como cr\u00edtica, en OTCMS hasta la versi\u00f3n 6.62. Este problema afecta a alg\u00fan procesamiento desconocido del archivo \"/admin/read.php?mudi=getSignal\". La manipulaci\u00f3n del argumento \"signalUrl\" conduce a la falsificaci\u00f3n de peticiones del lado del servidor. El ataque puede iniciarse de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. Se ha asignado el identificador VDB-231509 a esta vulnerabilidad. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otcms:otcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.62",
"matchCriteriaId": "D15D5B62-76C4-47E8-8039-402DDCC3E233"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20is%20vulnerable%20to%20Server-side%20request%20forgery%20(SSRF).md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231509",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231509",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-32xx/CVE-2023-3239.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3239",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T09:15:09.333",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T13:28:51.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in OTCMS up to 6.62. Affected is an unknown function of the file admin/readDeal.php?mudi=readQrCode. The manipulation of the argument img leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. VDB-231510 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, clasificada como problem\u00e1tica, en OTCMS hasta la versi\u00f3n 6.62. Se ve afectada una funci\u00f3n desconocida del archivo \"admin/readDeal.php?mudi=readQrCode\". La manipulaci\u00f3n del argumento \"img\" conduce a un salto de ruta: \"../filedir\". El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asignado a esta vulnerabilidad es: VDB-231510. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otcms:otcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.62",
"matchCriteriaId": "D15D5B62-76C4-47E8-8039-402DDCC3E233"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20obtain%20the%20web%20directory%20path%20and%20other%20information%20leaked%20.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231510",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231510",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-32xx/CVE-2023-3240.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3240",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T09:15:09.717",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T12:48:35.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in OTCMS up to 6.62 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file usersNews_deal.php. The manipulation of the argument file leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-231511."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en OTCMS hasta la versi\u00f3n 6.62 y se ha clasificado como problem\u00e1tica. Una funcionalidad desconocida del archivo \"usersNews_deal.php\" est\u00e1 afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento \"file\" conduce a un salto de ruta: \"../filedir\". El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador asociado de esta vulnerabilidad es VDB-231511. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otcms:otcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.62",
"matchCriteriaId": "D15D5B62-76C4-47E8-8039-402DDCC3E233"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20download%20vulenrability%20via%20the%20filename.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231511",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231511",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-32xx/CVE-2023-3241.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3241",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T09:15:09.783",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T12:58:31.977",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in OTCMS up to 6.62 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/read.php?mudi=announContent. The manipulation of the argument url leads to path traversal. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-231512."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en OTCMS hasta la versi\u00f3n 6.62 y se ha clasificado como problem\u00e1tica. Este problema afecta a una funcionalidad desconocida del archivo \"/admin/read.php?mudi=announContent\". La manipulaci\u00f3n del argumento url conduce a un salto de ruta. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. El identificador de esta vulnerabilidad es VDB-231512. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +87,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +95,58 @@
"value": "CWE-22"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:otcms:otcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.62",
"matchCriteriaId": "D15D5B62-76C4-47E8-8039-402DDCC3E233"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/HuBenLab/HuBenVulList/blob/main/OTCMS%20was%20discovered%20to%20contain%20an%20arbitrary%20file%20read%20vulenrability%20via%20the%20filename.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.231512",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231512",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-331xx/CVE-2023-33141.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33141",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-06-23T02:15:09.513",
"lastModified": "2023-06-23T02:15:09.513",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-332xx/CVE-2023-33299.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33299",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2023-06-23T08:15:09.483",
"lastModified": "2023-06-23T08:15:09.483",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-33xx/CVE-2023-3302.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3302",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T13:15:10.517",
"lastModified": "2023-06-23T13:15:10.517",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository admidio/admidio prior to 4.2.9."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.3,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
}
],
"references": [
{
"url": "https://github.com/admidio/admidio/commit/c87a7074a1a73c4851263060afd76aa4d5b6415f",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/5e18619f-8379-464a-aad2-65883bb4e81a",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-33xx/CVE-2023-3303.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3303",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T13:15:10.587",
"lastModified": "2023-06-23T13:15:10.587",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/admidio/admidio/commit/3d8bafaa4e9b7a314ffdf548622a8c7b38faee8a",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/65d260cc-55a9-4e71-888d-cb2f66c071af",
"source": "security@huntr.dev"
}
]
}

59
CVE-2023/CVE-2023-33xx/CVE-2023-3304.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3304",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T13:15:10.663",
"lastModified": "2023-06-23T13:15:10.663",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Access Control in GitHub repository admidio/admidio prior to 4.2.9."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"references": [
{
"url": "https://github.com/admidio/admidio/commit/3b248b7d5e0e60a00ee2f9a6908d538d62a5837f",
"source": "security@huntr.dev"
},
{
"url": "https://huntr.dev/bounties/721fae61-3c8c-4e4b-8407-64321bc0ed17",
"source": "security@huntr.dev"
}
]
}

4
CVE-2023/CVE-2023-33xx/CVE-2023-3380.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3380",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-23T10:15:10.717",
"lastModified": "2023-06-23T10:15:10.717",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3381.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3381",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-23T10:15:10.803",
"lastModified": "2023-06-23T10:15:10.803",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3382.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3382",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-23T10:15:10.880",
"lastModified": "2023-06-23T10:15:10.880",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:24.293",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-33xx/CVE-2023-3383.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3383",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-23T11:15:10.030",
"lastModified": "2023-06-23T11:15:10.030",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-340xx/CVE-2023-34012.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34012",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T12:15:09.687",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <=\u00a02.8.24 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/premium-addons-pro/wordpress-premium-addons-pro-plugin-2-8-24-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

55
CVE-2023/CVE-2023-340xx/CVE-2023-34021.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-34021",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T12:15:09.760",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <=\u00a03.7.29 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-3-7-29-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-341xx/CVE-2023-34110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34110",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T23:15:09.410",
"lastModified": "2023-06-22T23:15:09.410",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-342xx/CVE-2023-34241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34241",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T23:15:09.493",
"lastModified": "2023-06-22T23:15:09.493",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-344xx/CVE-2023-34462.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34462",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T23:15:09.573",
"lastModified": "2023-06-22T23:15:09.573",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
CVE-2023/CVE-2023-345xx/CVE-2023-34540.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-34540",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T15:15:10.287",
"lastModified": "2023-06-14T15:30:49.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-23T13:55:51.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Langchain 0.0.171 is vulnerable to Arbitrary Code Execution."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:langchain_project:langchain:0.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "DADE011B-56AA-406F-92CC-9F4311C26EFC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hwchase17/langchain/issues/4833",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

4
CVE-2023/CVE-2023-345xx/CVE-2023-34553.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34553",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T21:15:09.367",
"lastModified": "2023-06-22T21:15:09.367",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

55
CVE-2023/CVE-2023-350xx/CVE-2023-35048.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-35048",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-23T12:15:09.833",
"lastModified": "2023-06-23T13:03:18.900",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MagePeople Team Booking and Rental Manager for Bike plugin <=\u00a01.2.1 versions."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "audit@patchstack.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/booking-and-rental-manager-for-woocommerce/wordpress-booking-and-rental-manager-plugin-1-2-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
}
]
}

4
CVE-2023/CVE-2023-351xx/CVE-2023-35131.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35131",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-06-22T21:15:09.413",
"lastModified": "2023-06-22T21:15:09.413",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-351xx/CVE-2023-35132.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35132",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-06-22T21:15:09.470",
"lastModified": "2023-06-22T21:15:09.470",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-351xx/CVE-2023-35133.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35133",
"sourceIdentifier": "patrick@puiterwijk.org",
"published": "2023-06-22T21:15:09.520",
"lastModified": "2023-06-22T21:15:09.520",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-358xx/CVE-2023-35801.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35801",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T06:15:11.767",
"lastModified": "2023-06-23T06:15:11.767",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-361xx/CVE-2023-36191.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36191",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T02:15:09.597",
"lastModified": "2023-06-23T02:15:09.597",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-361xx/CVE-2023-36192.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36192",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T02:15:09.650",
"lastModified": "2023-06-23T02:15:09.650",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-361xx/CVE-2023-36193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T02:15:09.703",
"lastModified": "2023-06-23T02:15:09.703",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:31.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36354.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36354",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.687",
"lastModified": "2023-06-22T20:15:09.687",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36355",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.733",
"lastModified": "2023-06-22T20:15:09.733",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36356.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36356",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.780",
"lastModified": "2023-06-22T20:15:09.780",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36357.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36357",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.823",
"lastModified": "2023-06-22T20:15:09.823",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36358.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36358",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.873",
"lastModified": "2023-06-22T20:15:09.873",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36359.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36359",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T20:15:09.920",
"lastModified": "2023-06-22T20:15:09.920",
"vulnStatus": "Received",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

75
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-23T12:00:24.848174+00:00
2023-06-23T14:00:26.879408+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-23T11:15:10.030000+00:00
2023-06-23T13:55:51.820000+00:00
```
### Last Data Feed Release
@ -29,44 +29,59 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218357
218372
```
### CVEs added in the last Commit
Recently added CVEs: `34`
Recently added CVEs: `15`
* [CVE-2023-28041](CVE-2023/CVE-2023-280xx/CVE-2023-28041.json) (`2023-06-23T10:15:10.207`)
* [CVE-2023-28042](CVE-2023/CVE-2023-280xx/CVE-2023-28042.json) (`2023-06-23T10:15:10.280`)
* [CVE-2023-28052](CVE-2023/CVE-2023-280xx/CVE-2023-28052.json) (`2023-06-23T10:15:10.353`)
* [CVE-2023-28054](CVE-2023/CVE-2023-280xx/CVE-2023-28054.json) (`2023-06-23T10:15:10.420`)
* [CVE-2023-28056](CVE-2023/CVE-2023-280xx/CVE-2023-28056.json) (`2023-06-23T10:15:10.490`)
* [CVE-2023-28059](CVE-2023/CVE-2023-280xx/CVE-2023-28059.json) (`2023-06-23T10:15:10.563`)
* [CVE-2023-28061](CVE-2023/CVE-2023-280xx/CVE-2023-28061.json) (`2023-06-23T10:15:10.630`)
* [CVE-2023-3380](CVE-2023/CVE-2023-33xx/CVE-2023-3380.json) (`2023-06-23T10:15:10.717`)
* [CVE-2023-3381](CVE-2023/CVE-2023-33xx/CVE-2023-3381.json) (`2023-06-23T10:15:10.803`)
* [CVE-2023-3382](CVE-2023/CVE-2023-33xx/CVE-2023-3382.json) (`2023-06-23T10:15:10.880`)
* [CVE-2023-25938](CVE-2023/CVE-2023-259xx/CVE-2023-25938.json) (`2023-06-23T11:15:08.997`)
* [CVE-2023-28026](CVE-2023/CVE-2023-280xx/CVE-2023-28026.json) (`2023-06-23T11:15:09.073`)
* [CVE-2023-28027](CVE-2023/CVE-2023-280xx/CVE-2023-28027.json) (`2023-06-23T11:15:09.143`)
* [CVE-2023-28031](CVE-2023/CVE-2023-280xx/CVE-2023-28031.json) (`2023-06-23T11:15:09.210`)
* [CVE-2023-28034](CVE-2023/CVE-2023-280xx/CVE-2023-28034.json) (`2023-06-23T11:15:09.280`)
* [CVE-2023-28036](CVE-2023/CVE-2023-280xx/CVE-2023-28036.json) (`2023-06-23T11:15:09.347`)
* [CVE-2023-28044](CVE-2023/CVE-2023-280xx/CVE-2023-28044.json) (`2023-06-23T11:15:09.417`)
* [CVE-2023-28050](CVE-2023/CVE-2023-280xx/CVE-2023-28050.json) (`2023-06-23T11:15:09.490`)
* [CVE-2023-28058](CVE-2023/CVE-2023-280xx/CVE-2023-28058.json) (`2023-06-23T11:15:09.560`)
* [CVE-2023-28060](CVE-2023/CVE-2023-280xx/CVE-2023-28060.json) (`2023-06-23T11:15:09.630`)
* [CVE-2023-28064](CVE-2023/CVE-2023-280xx/CVE-2023-28064.json) (`2023-06-23T11:15:09.697`)
* [CVE-2023-28071](CVE-2023/CVE-2023-280xx/CVE-2023-28071.json) (`2023-06-23T11:15:09.790`)
* [CVE-2023-28073](CVE-2023/CVE-2023-280xx/CVE-2023-28073.json) (`2023-06-23T11:15:09.863`)
* [CVE-2023-32480](CVE-2023/CVE-2023-324xx/CVE-2023-32480.json) (`2023-06-23T11:15:09.937`)
* [CVE-2023-3383](CVE-2023/CVE-2023-33xx/CVE-2023-3383.json) (`2023-06-23T11:15:10.030`)
* [CVE-2023-28065](CVE-2023/CVE-2023-280xx/CVE-2023-28065.json) (`2023-06-23T12:15:09.340`)
* [CVE-2023-29860](CVE-2023/CVE-2023-298xx/CVE-2023-29860.json) (`2023-06-23T12:15:09.420`)
* [CVE-2023-30258](CVE-2023/CVE-2023-302xx/CVE-2023-30258.json) (`2023-06-23T12:15:09.473`)
* [CVE-2023-30260](CVE-2023/CVE-2023-302xx/CVE-2023-30260.json) (`2023-06-23T12:15:09.520`)
* [CVE-2023-30362](CVE-2023/CVE-2023-303xx/CVE-2023-30362.json) (`2023-06-23T12:15:09.573`)
* [CVE-2023-34012](CVE-2023/CVE-2023-340xx/CVE-2023-34012.json) (`2023-06-23T12:15:09.687`)
* [CVE-2023-34021](CVE-2023/CVE-2023-340xx/CVE-2023-34021.json) (`2023-06-23T12:15:09.760`)
* [CVE-2023-35048](CVE-2023/CVE-2023-350xx/CVE-2023-35048.json) (`2023-06-23T12:15:09.833`)
* [CVE-2023-27427](CVE-2023/CVE-2023-274xx/CVE-2023-27427.json) (`2023-06-23T13:15:10.130`)
* [CVE-2023-28751](CVE-2023/CVE-2023-287xx/CVE-2023-28751.json) (`2023-06-23T13:15:10.277`)
* [CVE-2023-29100](CVE-2023/CVE-2023-291xx/CVE-2023-29100.json) (`2023-06-23T13:15:10.350`)
* [CVE-2023-32580](CVE-2023/CVE-2023-325xx/CVE-2023-32580.json) (`2023-06-23T13:15:10.427`)
* [CVE-2023-3302](CVE-2023/CVE-2023-33xx/CVE-2023-3302.json) (`2023-06-23T13:15:10.517`)
* [CVE-2023-3303](CVE-2023/CVE-2023-33xx/CVE-2023-3303.json) (`2023-06-23T13:15:10.587`)
* [CVE-2023-3304](CVE-2023/CVE-2023-33xx/CVE-2023-3304.json) (`2023-06-23T13:15:10.663`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `83`
* [CVE-2023-28799](CVE-2023/CVE-2023-287xx/CVE-2023-28799.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-28800](CVE-2023/CVE-2023-288xx/CVE-2023-28800.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-2989](CVE-2023/CVE-2023-29xx/CVE-2023-2989.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-2990](CVE-2023/CVE-2023-29xx/CVE-2023-2990.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-2991](CVE-2023/CVE-2023-29xx/CVE-2023-2991.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-32571](CVE-2023/CVE-2023-325xx/CVE-2023-32571.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-36354](CVE-2023/CVE-2023-363xx/CVE-2023-36354.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-36355](CVE-2023/CVE-2023-363xx/CVE-2023-36355.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-36356](CVE-2023/CVE-2023-363xx/CVE-2023-36356.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-36357](CVE-2023/CVE-2023-363xx/CVE-2023-36357.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-36358](CVE-2023/CVE-2023-363xx/CVE-2023-36358.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-36359](CVE-2023/CVE-2023-363xx/CVE-2023-36359.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-28094](CVE-2023/CVE-2023-280xx/CVE-2023-28094.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-30347](CVE-2023/CVE-2023-303xx/CVE-2023-30347.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-32320](CVE-2023/CVE-2023-323xx/CVE-2023-32320.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-34553](CVE-2023/CVE-2023-345xx/CVE-2023-34553.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-35131](CVE-2023/CVE-2023-351xx/CVE-2023-35131.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-35132](CVE-2023/CVE-2023-351xx/CVE-2023-35132.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-35133](CVE-2023/CVE-2023-351xx/CVE-2023-35133.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-3128](CVE-2023/CVE-2023-31xx/CVE-2023-3128.json) (`2023-06-23T13:03:39.067`)
* [CVE-2023-27083](CVE-2023/CVE-2023-270xx/CVE-2023-27083.json) (`2023-06-23T13:03:44.217`)
* [CVE-2023-3239](CVE-2023/CVE-2023-32xx/CVE-2023-3239.json) (`2023-06-23T13:28:51.677`)
* [CVE-2023-3237](CVE-2023/CVE-2023-32xx/CVE-2023-3237.json) (`2023-06-23T13:35:23.420`)
* [CVE-2023-3238](CVE-2023/CVE-2023-32xx/CVE-2023-3238.json) (`2023-06-23T13:39:37.757`)
* [CVE-2023-34540](CVE-2023/CVE-2023-345xx/CVE-2023-34540.json) (`2023-06-23T13:55:51.820`)
## Download and Usage