admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-21T20:00:24.924457+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-21 20:00:28 +00:00
parent 21e7da0caa
commit 891bf52eb4
37 changed files with 2211 additions and 162 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CVE-2019/CVE-2019-10102xx/CVE-2019-1010283.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-1010283",
"sourceIdentifier": "josh@bress.net",
"published": "2019-07-17T21:15:11.013",
"lastModified": "2019-10-09T23:44:18.820",
"vulnStatus": "Modified",
"lastModified": "2023-09-21T18:27:26.013",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -94,9 +94,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:univention:univention_corporate_server:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:univention:univention_corporate_server:*:*:*:*:*:*:*:*",
"versionEndIncluding": "12.0.1-3",
"matchCriteriaId": "B90B497F-E2CC-400B-99E3-00EFB63A658A"
"matchCriteriaId": "3303CE7F-26C3-4317-9374-839FB391EB39"
}
]
}

99
CVE-2022/CVE-2022-475xx/CVE-2022-47554.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2022-47554",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T13:16:19.653",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:44:10.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server."
},
{
"lang": "es",
"value": "** NO COMPATIBLE CUANDO EST\u00c1 ASIGNADO ** Exposici\u00f3n de informaci\u00f3n sensible en ekorCCP y ekorRCI, permitiendo potencialmente a un atacante remoto obtener informaci\u00f3n cr\u00edtica de varios archivos .xml, incluidos archivos .xml que contienen credenciales, sin estar autenticado dentro del servidor web."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +80,69 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ormazabal:ekorrci_firmware:601j:*:*:*:*:*:*:*",
"matchCriteriaId": "34615054-34DD-469E-80FC-F5C3F74850AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ormazabal:ekorrci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E73387-2229-4A85-A3A7-A0A2C1D74EA6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ormazabal:ekorccp_firmware:601j:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8F0358-F8FA-4AEB-B88E-C56E2E965B7B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ormazabal:ekorccp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77B2D423-E767-495C-93C7-4C4B724BE3E3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

95
CVE-2022/CVE-2022-475xx/CVE-2022-47559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47559",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:15.807",
"lastModified": "2023-09-19T17:57:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:53:58.710",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -50,10 +80,69 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ormazabal:ekorrci_firmware:601j:*:*:*:*:*:*:*",
"matchCriteriaId": "34615054-34DD-469E-80FC-F5C3F74850AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ormazabal:ekorrci:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5E73387-2229-4A85-A3A7-A0A2C1D74EA6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ormazabal:ekorccp_firmware:601j:*:*:*:*:*:*:*",
"matchCriteriaId": "3A8F0358-F8FA-4AEB-B88E-C56E2E965B7B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ormazabal:ekorccp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77B2D423-E767-495C-93C7-4C4B724BE3E3"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ormazabal-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

354
CVE-2023/CVE-2023-07xx/CVE-2023-0773.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0773",
"sourceIdentifier": "vdisclose@cert-in.org.in",
"published": "2023-09-19T10:15:07.743",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:24:14.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "vdisclose@cert-in.org.in",
"type": "Secondary",
@ -50,14 +80,330 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "cipc-b2303.2.8.230105",
"matchCriteriaId": "B5C7EDBF-EB9D-442F-ADA7-100AFC0D7286"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1213.6.5.230215",
"matchCriteriaId": "D008165F-F5E4-4016-BDB2-0864E4F02A29"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1216.5.7.230109",
"matchCriteriaId": "1FFB54FF-9206-4C1D-8AAA-E42FE8BB0093"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1221.3.5.221202",
"matchCriteriaId": "52498C65-6EB4-42A5-BF79-13523E20A0C9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1222.3.8.230223",
"matchCriteriaId": "56A662E6-FFF9-47EB-868D-DE16F886C581"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1225.3.3.221123",
"matchCriteriaId": "7E5B7EB5-E269-4185-BBF8-4D23A6E2E9BC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1226.3.6.230105",
"matchCriteriaId": "BEF7FC48-2097-4194-A45B-E1F6347F33E9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1219.2.67.221019",
"matchCriteriaId": "23F6F87F-223D-4957-82F9-21E756833871"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1223.3.3.221123",
"matchCriteriaId": "09393513-A9F8-4DC9-9492-2474C245E1D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1228.2.65.230207",
"matchCriteriaId": "36C5053B-2A20-423E-96B6-6D5CDCF76A1B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:uniview:ipc322lb-sf28-a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "dipc-b1229.1.67.230104",
"matchCriteriaId": "370A62EA-B1D2-4D52-A872-B974A2CA6CD5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:uniview:ipc322lb-sf28-a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B5298AFB-78CE-4658-8BBA-B8B493B888A0"
}
]
}
]
}
],
"references": [
{
"url": "https://global.uniview.com/About_Us/Security/Notice/202309/976482_140493_0.htm",
"source": "vdisclose@cert-in.org.in"
"source": "vdisclose@cert-in.org.in",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0270",
"source": "vdisclose@cert-in.org.in"
"source": "vdisclose@cert-in.org.in",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-239xx/CVE-2023-23957.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-23957",
"sourceIdentifier": "secure@symantec.com",
"published": "2023-09-19T13:16:21.653",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:50:10.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An authenticated user can see and modify the value for \u2018next\u2019 query parameter in Symantec Identity Portal 14.4"
},
{
"lang": "es",
"value": "Un usuario autenticado puede ver y modificar el valor del par\u00e1metro de consulta 'next' en Symantec Identity Portal 14.4"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:symantec:identity_portal:14.4:*:*:*:*:*:*:*",
"matchCriteriaId": "64E2DBBA-7E83-4EDA-9234-68A46C1B11C7"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22544",
"source": "secure@symantec.com"
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-25xx/CVE-2023-2567.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2567",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-09-19T11:16:19.333",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:59:18.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -50,10 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.6.0",
"versionEndExcluding": "22.6.3",
"matchCriteriaId": "6F56421F-B321-4FF0-BFE4-867649B582BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.1.0",
"matchCriteriaId": "C27BB1A9-96D5-4B46-B187-670EABD91C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.6.0",
"versionEndExcluding": "22.6.3",
"matchCriteriaId": "4B3C9AEC-3A2D-4702-BC84-41595F30430D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.1.0",
"matchCriteriaId": "981F37FF-F82D-46CB-B9E7-F16F319583F4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:9-01",
"source": "prodsec@nozominetworks.com"
"source": "prodsec@nozominetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-261xx/CVE-2023-26143.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26143",
"sourceIdentifier": "report@snyk.io",
"published": "2023-09-19T05:17:10.443",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:28:36.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "report@snyk.io",
"type": "Secondary",
@ -38,18 +58,59 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-88"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:blamer_project:blamer:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "A8E6FC04-030F-4B2D-9484-213E324BBB7A"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/lirantal/14c3686370a86461f555d3f0703e02f9",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/kucherenko/blamer/commit/0965877f115753371a2570f10a63c455d2b2cde3",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Patch"
]
},
{
"url": "https://security.snyk.io/vuln/SNYK-JS-BLAMER-5731318",
"source": "report@snyk.io"
"source": "report@snyk.io",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-292xx/CVE-2023-29245.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29245",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-09-19T11:16:18.100",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:52:45.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -50,10 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.6.0",
"versionEndExcluding": "22.6.3",
"matchCriteriaId": "6F56421F-B321-4FF0-BFE4-867649B582BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.1.0",
"matchCriteriaId": "C27BB1A9-96D5-4B46-B187-670EABD91C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.6.0",
"versionEndExcluding": "22.6.3",
"matchCriteriaId": "4B3C9AEC-3A2D-4702-BC84-41595F30430D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.1.0",
"matchCriteriaId": "981F37FF-F82D-46CB-B9E7-F16F319583F4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:11-01",
"source": "prodsec@nozominetworks.com"
"source": "prodsec@nozominetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-300xx/CVE-2023-30013.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30013",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T14:15:09.147",
"lastModified": "2023-05-11T17:14:10.497",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-21T18:15:11.887",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -81,6 +81,10 @@
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/174799/TOTOLINK-Wireless-Routers-Remote-Command-Execution.html",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/2",
"source": "cve@mitre.org",

16
CVE-2023/CVE-2023-320xx/CVE-2023-32003.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-32003",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-08-15T16:15:10.970",
"lastModified": "2023-09-15T14:15:09.857",
"vulnStatus": "Modified",
"lastModified": "2023-09-21T19:38:19.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "`fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission model check using a path traversal attack. This flaw arises from a missing check in the fs.mkdtemp() API and the impact is a malicious actor could create an arbitrary directory.\n\nThis vulnerability affects all users using the experimental permission model in Node.js 20.\n\nPlease note that at the time this CVE was issued, the permission model is an experimental feature of Node.js."
},
{
"lang": "es",
"value": "fs.mkdtemp()' y 'fs.mkdtempSync()' se pueden usar para omitir la comprobaci\u00f3n del modelo de permisos mediante un ataque Path Traversal. Esta falla surge de una comprobaci\u00f3n faltante en la API fs.mkdtemp() y el impacto es que un actor malicioso podr\u00eda crear un directorio arbitrario. Esta vulnerabilidad afecta a todos los usuarios que usan el modelo de permisos experimental en Node.js 20. Tenga en cuenta que en el momento en que se emiti\u00f3 este CVE, el modelo de permisos es una caracter\u00edstica experimental de Node.js."
}
],
"metrics": {
@ -56,8 +60,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndIncluding": "20.5.0",
"matchCriteriaId": "C643F785-3B58-442C-802A-5ED5D5D6566A"
"matchCriteriaId": "145E971E-F0AF-49A7-8A9C-3AAFE01C076B"
}
]
}
@ -110,7 +115,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20230915-0009/",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-326xx/CVE-2023-32649.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32649",
"sourceIdentifier": "prodsec@nozominetworks.com",
"published": "2023-09-19T11:16:20.297",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:04:51.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
},
{
"source": "prodsec@nozominetworks.com",
"type": "Secondary",
@ -50,10 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.6.0",
"versionEndExcluding": "22.6.3",
"matchCriteriaId": "6F56421F-B321-4FF0-BFE4-867649B582BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:cmc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.1.0",
"matchCriteriaId": "C27BB1A9-96D5-4B46-B187-670EABD91C48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "22.6.0",
"versionEndExcluding": "22.6.3",
"matchCriteriaId": "4B3C9AEC-3A2D-4702-BC84-41595F30430D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nozominetworks:guardian:*:*:*:*:*:*:*:*",
"versionStartIncluding": "23.0.0",
"versionEndExcluding": "23.1.0",
"matchCriteriaId": "981F37FF-F82D-46CB-B9E7-F16F319583F4"
}
]
}
]
}
],
"references": [
{
"url": "https://security.nozominetworks.com/NN-2023:10-01",
"source": "prodsec@nozominetworks.com"
"source": "prodsec@nozominetworks.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-385xx/CVE-2023-38582.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-38582",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-09-18T21:15:54.693",
"lastModified": "2023-09-19T03:37:34.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:39:11.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** \n\n\n\n\n\n\n\n\nPersistent cross-site scripting (XSS) in the web application of MOD3GP-SY-120K allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the field MAIL_RCV. When a legitimate user attempts to access to the vulnerable page of the web application, the XSS payload will be executed.\n\n\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "** NO COMPATIBLE CUANDO EST\u00c1 ASIGNADO ** Cross-Site Sripting persistente (XSS) en la aplicaci\u00f3n web de MOD3GP-SY-120K permite a un atacante remoto autenticado introducir JavaScript arbitrario inyectando un payload XSS en el campo MAIL_RCV. Cuando un usuario leg\u00edtimo intenta acceder a la p\u00e1gina vulnerable de la aplicaci\u00f3n web, se ejecutar\u00e1 un payload XSS. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +70,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:socomec:modulys_gp_firmware:01.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A69C11D7-9B54-4F66-95F3-33B8E6F9E37B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:socomec:modulys_gp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C795C90-1E56-4F38-B637-6C12DEAF6541"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

74
CVE-2023/CVE-2023-390xx/CVE-2023-39058.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-39058",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-18T21:15:55.103",
"lastModified": "2023-09-19T03:37:18.983",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-21T19:33:37.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages."
},
{
"lang": "es",
"value": "Una fuga de informaci\u00f3n en THE_B_members tarjeta v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:the_b_members_card_project:the_b_members_card:13.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FD5D8BD6-D9E4-4914-AA4C-87EADAAF0D44"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://thebmembers.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Not Applicable"
]
},
{
"url": "https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39058.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-394xx/CVE-2023-39446.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-39446",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-09-18T21:15:56.117",
"lastModified": "2023-09-19T03:37:18.983",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:36:06.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** \n\n\n\n\n\n\nThanks to the weaknesses that the web application has at the user management level, an attacker could obtain the information from the headers that is necessary to create specially designed URLs and originate malicious actions when a legitimate user is logged into the web application.\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "** NO COMPATIBLE CUANDO EST\u00c1 ASIGNADO ** Gracias a las debilidades que tiene la aplicaci\u00f3n web a nivel de administraci\u00f3n de usuarios, un atacante podr\u00eda obtener la informaci\u00f3n de los encabezados necesaria para crear URL especialmente dise\u00f1adas y originar acciones maliciosas cuando un usuario leg\u00edtimo inicia sesi\u00f3n en la aplicaci\u00f3n web."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +70,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:socomec:modulys_gp_firmware:01.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A69C11D7-9B54-4F66-95F3-33B8E6F9E37B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:socomec:modulys_gp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C795C90-1E56-4F38-B637-6C12DEAF6541"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

63
CVE-2023/CVE-2023-394xx/CVE-2023-39452.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-39452",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-09-18T21:16:04.367",
"lastModified": "2023-09-19T03:37:18.983",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:30:29.217",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** \n\n\n\n\n\n\n\n\n\n\n\n\n\n\nThe web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application.\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
},
{
"lang": "es",
"value": "** NO COMPATIBLE CUANDO EST\u00c1 ASIGNADO ** La aplicaci\u00f3n web propietaria del dispositivo almacena claramente las credenciales dentro de la secci\u00f3n de administraci\u00f3n de usuarios. La obtenci\u00f3n de esta informaci\u00f3n se puede hacer de forma remota debido a la gesti\u00f3n incorrecta de las sesiones en la aplicaci\u00f3n web. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,10 +70,43 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:socomec:modulys_gp_firmware:01.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A69C11D7-9B54-4F66-95F3-33B8E6F9E37B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:socomec:modulys_gp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C795C90-1E56-4F38-B637-6C12DEAF6541"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-250-03",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

14
CVE-2023/CVE-2023-400xx/CVE-2023-40019.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40019",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-15T20:15:09.637",
"lastModified": "2023-09-21T17:59:10.547",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-21T18:04:04.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -21,19 +21,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{

10
CVE-2023/CVE-2023-404xx/CVE-2023-40442.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-40442",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-12T00:15:09.203",
"lastModified": "2023-09-13T03:47:53.460",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-21T19:15:10.193",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8. An app may be able to read sensitive location information."
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Monterey 12.6.8. An app may be able to read sensitive location information."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de privacidad mejorando la redacci\u00f3n de datos privados para las entradas de registro. Este problema se solucion\u00f3 en iOS 15.7.8 y iPadOS 15.7.8, macOS Big Sur 11.7.9, macOS Monterey 12.6.8. Es posible que una aplicaci\u00f3n pueda leer informaci\u00f3n confidencial de ubicaci\u00f3n."
}
],
"metrics": {

68
CVE-2023/CVE-2023-406xx/CVE-2023-40619.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-40619",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T18:15:12.433",
"lastModified": "2023-09-20T18:27:45.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:20:39.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize()' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the 'ma[]' POST parameter is deserialized."
},
{
"lang": "es",
"value": "phpPgAdmin 7.14.4 y versiones anteriores son vulnerables a la sanitizaci\u00f3n de datos que no son de confianza, lo que puede provocar la ejecuci\u00f3n remota de c\u00f3digo porque los datos controlados por el usuario se pasan directamente a la funci\u00f3n PHP 'unserialize()' en varios lugares. Un ejemplo es la funcionalidad para administrar tablas en 'tables.php' donde se deserializa el par\u00e1metro POST 'ma[]'."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phppgadmin_project:phppgadmin:*:*:*:*:*:*:*:*",
"versionEndIncluding": "7.14.4",
"matchCriteriaId": "CFC4DC01-9BEB-43FC-A53B-FE23FBD57EAA"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-40619",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-40xx/CVE-2023-4094.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4094",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:22.833",
"lastModified": "2023-09-19T17:57:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:58:46.983",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -50,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujitsu:arconte_aurea:1.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5718D4D2-D570-4848-A1BA-031A0E8C548A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Vendor Advisory"
]
}
]
}

58
CVE-2023/CVE-2023-40xx/CVE-2023-4096.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4096",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-09-19T14:15:25.567",
"lastModified": "2023-09-19T17:57:31.250",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T19:24:07.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -38,10 +58,42 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fujitsu:arconte_aurea:1.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5718D4D2-D570-4848-A1BA-031A0E8C548A"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-410xx/CVE-2023-41064.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-41064",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-07T18:15:07.727",
"lastModified": "2023-09-18T13:15:08.607",
"lastModified": "2023-09-21T19:15:10.657",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-09-11",
"cisaActionDue": "2023-10-02",
@ -11,7 +11,11 @@
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.9, macOS Big Sur 11.7.10, macOS Ventura 13.5.2, iOS 16.6.1 and iPadOS 16.6.1, iOS 15.7.9 and iPadOS 15.7.9. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
},
{
"lang": "es",
"value": "Se solucion\u00f3 un problema de Desbordamiento de B\u00fafer de manejo de la memoria mejorada. Este problema se solucion\u00f3 en macOS Monterey 12.6.9, macOS Big Sur 11.7.10, macOS Ventura 13.5.2, iOS 16.6.1 y iPadOS 16.6.1, iOS 15.7.9 y iPadOS 15.7.9. El procesamiento de una imagen creada con fines maliciosos puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple est\u00e1 al tanto de un informe de que este problema puede haber sido explotado activamente."
}
],
"metrics": {
@ -109,18 +113,6 @@
}
],
"references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/7",
"source": "product-security@apple.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/8",
"source": "product-security@apple.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Sep/9",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213905",
"source": "product-security@apple.com",

10
CVE-2023/CVE-2023-419xx/CVE-2023-41990.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-41990",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-12T00:15:09.463",
"lastModified": "2023-09-13T03:47:13.607",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-21T19:15:10.970",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, iOS 15.7.8 and iPadOS 15.7.8, watchOS 9.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.9, macOS Monterey 12.6.8. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1."
"value": "The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1."
},
{
"lang": "es",
"value": "El problema se solucion\u00f3 mejorando el manejo de los cach\u00e9s. Este problema se solucion\u00f3 en macOS Ventura 13.2, iOS 15.7.8 y iPadOS 15.7.8, watchOS 9.3, tvOS 16.3, iOS 16.3 y iPadOS 16.3, macOS Big Sur 11.7.9, macOS Monterey 12.6.8. El procesamiento de un archivo de fuente puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Apple tiene conocimiento de un informe que indica que este problema puede haber sido explotado activamente en versiones de iOS lanzadas antes de iOS 15.7.1."
}
],
"metrics": {

36
CVE-2023/CVE-2023-419xx/CVE-2023-41991.json Normal file
View File

@ -0,0 +1,36 @@
{
"id": "CVE-2023-41991",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.283",
"lastModified": "2023-09-21T19:15:11.283",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A certificate validation issue was addressed. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS 17.0.1 and iPadOS 17.0.1, watchOS 9.6.3, macOS Ventura 13.6, watchOS 10.0.1. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213926",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213928",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213929",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
}
]
}

40
CVE-2023/CVE-2023-419xx/CVE-2023-41992.json Normal file
View File

@ -0,0 +1,40 @@
{
"id": "CVE-2023-41992",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.520",
"lastModified": "2023-09-21T19:15:11.520",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.7 and iPadOS 16.7, OS 17.0.1 and iPadOS 17.0.1, watchOS 9.6.3, macOS Ventura 13.6, macOS Monterey 12.7, watchOS 10.0.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213926",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213928",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213929",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213932",
"source": "product-security@apple.com"
}
]
}

32
CVE-2023/CVE-2023-419xx/CVE-2023-41993.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-41993",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-09-21T19:15:11.660",
"lastModified": "2023-09-21T19:15:11.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura 13.6, OS 17.0.1 and iPadOS 17.0.1, iOS 16.7 and iPadOS 16.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7."
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213926",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213927",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213930",
"source": "product-security@apple.com"
},
{
"url": "https://support.apple.com/en-us/HT213931",
"source": "product-security@apple.com"
}
]
}

24
CVE-2023/CVE-2023-422xx/CVE-2023-42279.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-42279",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T18:15:12.200",
"lastModified": "2023-09-21T18:15:12.200",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Dreamer CMS 4.1.3 is vulnerable to SQL Injection."
},
{
"lang": "es",
"value": "Dreamer CMS 4.1.3 es vulnerable a la inyecci\u00f3n SQL."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zaizainani/-Vulnerability-recurrence-sorting/blob/main/sqlattack-en.pdf",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-422xx/CVE-2023-42280.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-42280",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-21T19:15:11.823",
"lastModified": "2023-09-21T19:15:11.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zaizainani/-Vulnerability-recurrence-sorting/blob/main/anyfiledown-en.pdf",
"source": "cve@mitre.org"
}
]
}

73
CVE-2023/CVE-2023-423xx/CVE-2023-42399.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42399",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-19T04:15:55.347",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:39:59.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,19 +14,80 @@
"value": "La vulnerabilidad de Cross Site Scripting en xdsoft.net Jodit Editor v.4.0.0-beta.86 permite a un atacante remoto obtener informaci\u00f3n sensible a trav\u00e9s del componente editor de texto enriquecido."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xdsoft:joditeditor:4.0.0:beta86:*:*:*:*:*:*",
"matchCriteriaId": "74969402-E432-4197-BF0A-E2B20187D58C"
}
]
}
]
}
],
"references": [
{
"url": "http://jodit.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/xdan/jodit/issues/1017",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://xdsoft.net",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

77
CVE-2023/CVE-2023-424xx/CVE-2023-42441.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-42441",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-18T21:16:09.750",
"lastModified": "2023-09-19T03:37:18.983",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:19:21.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine (EVM). Starting in version 0.2.9 and prior to version 0.3.10, locks of the type `@nonreentrant(\"\")` or `@nonreentrant('')` do not produce reentrancy checks at runtime. This issue is fixed in version 0.3.10. As a workaround, ensure the lock name is a non-empty string."
},
{
"lang": "es",
"value": "Vyper es un Lenguaje de Contrato Inteligente de Python para la M\u00e1quina Virtual Ethereum (EVM). A partir de la versi\u00f3n 0.2.9 y anteriores a la versi\u00f3n 0.3.10, los bloqueos del tipo '@nonreentrant(\"\")' o '@nonreentrant('')' no producen comprobaciones de reentrada en tiempo de ejecuci\u00f3n. Este problema se corrigi\u00f3 en la versi\u00f3n 0.3.10. Como workaround, aseg\u00farese de que el nombre del bloqueo sea una cadena no vac\u00eda."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +60,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +80,49 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vyperlang:vyper:*:*:*:*:*:python:*:*",
"versionStartIncluding": "0.2.9",
"versionEndExcluding": "0.3.10",
"matchCriteriaId": "A72ADE58-4A32-4163-9E4D-E79413B0AEFE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/vyperlang/vyper/commit/0b740280c1e3c5528a20d47b29831948ddcc6d83",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/vyperlang/vyper/pull/3605",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/vyperlang/vyper/security/advisories/GHSA-3hg2-r75x-g69m",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
]
}
]
}

171
CVE-2023/CVE-2023-425xx/CVE-2023-42520.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42520",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-18T06:15:08.060",
"lastModified": "2023-09-18T13:26:56.797",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:13:17.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,174 @@
"value": "Ciertos productos WithSecure permiten un bloqueo remoto de un motor de escaneo mediante el desempaquetado de archivos de datos manipulados. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email y Server Security 15, WithSecure Elements Endpoint Protection 17 y versiones posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y versiones posteriores, Linux Security 64 12.0, Linux Protection 12.0 y WithSecure Atlant (anteriormente F-Secure Atlant) 1.0.35-1. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:client_security:15:*:*:*:*:*:*:*",
"matchCriteriaId": "1755AB17-E9C9-4616-98B4-843B75668CA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:elements_endpoint_protection:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17",
"matchCriteriaId": "B92950AC-F16B-4935-93D8-39E6DC6B0B5A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:email_and_server_security:15:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1B31DD-3C88-4826-8E24-588FED197C5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:server_security:15:*:*:*:*:*:*:*",
"matchCriteriaId": "015D02AD-F46F-46DF-9CD8-E0DB78CE17DD"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:client_security:15:*:*:*:*:*:*:*",
"matchCriteriaId": "1755AB17-E9C9-4616-98B4-843B75668CA4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:elements_endpoint_protection:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17",
"matchCriteriaId": "B92950AC-F16B-4935-93D8-39E6DC6B0B5A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:linux_protection:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FCA1C33E-551B-4CBF-A0C0-663A32611D29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:linux_security_64:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACBC6F42-8F62-4599-83F3-9E9147D46129"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:withsecure:atlant:1.0.35-1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BA1712F-D879-44CA-BCAD-49D6533D1E8E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.withsecure.com/en/support/security-advisories",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

67
CVE-2023/CVE-2023-428xx/CVE-2023-42810.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2023-42810",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-09-21T18:15:12.327",
"lastModified": "2023-09-21T18:15:12.327",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "systeminformation is a System Information Library for Node.JS. Versions 5.0.0 through 5.21.6 have a SSID Command Injection Vulnerability. The problem was fixed with a parameter check in version 5.21.7. As a workaround, check or sanitize parameter strings that are passed to `wifiConnections()`, `wifiNetworks()` (string only)."
},
{
"lang": "es",
"value": "systeminformation es System Information Library para Node.JS. Las versiones 5.0.0 a 5.21.6 tienen una vulnerabilidad de inyecci\u00f3n de comando SSID. El problema se solucion\u00f3 con una verificaci\u00f3n de par\u00e1metros en la versi\u00f3n 5.21.7. Como workaround, verifique o sanitize las cadenas de par\u00e1metros que se pasan a `wifiConnections()`, `wifiNetworks()` (solo cadena)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/sebhildebrandt/systeminformation/commit/7972565812ccb2a610a22911c54c3446f4171392",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-gx6r-qc2v-3p3v",
"source": "security-advisories@github.com"
},
{
"url": "https://systeminformation.io/security.html",
"source": "security-advisories@github.com"
}
]
}

67
CVE-2023/CVE-2023-433xx/CVE-2023-43375.json
View File

@ -2,19 +2,78 @@
"id": "CVE-2023-43375",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.413",
"lastModified": "2023-09-20T20:18:37.780",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-21T18:41:49.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Hoteldruid v3.0.5 was discovered to contain multiple SQL injection vulnerabilities at /hoteldruid/clienti.php via the annonascita, annoscaddoc, giornonascita, giornoscaddoc, lingua_cli, mesenascita, and mesescaddoc parameters."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que Hoteldruid v3.0.5 contiene m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en /hoteldruid/clienti.php a trav\u00e9s de los par\u00e1metros annonascita, annoscaddoc, giornonascita, giornoscaddoc, lingua_cli, mesenascita y mesescaddoc."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D702D98A-1616-4D1A-90F0-CEE49FB8707F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Cross-site-scripting-in-hoteldruid-version-3-0-5-via-multiple-post-parameter-ddbd9a9011744ed2b8fc995bbc9de56d?pvs=4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
}
]
}

66
CVE-2023/CVE-2023-433xx/CVE-2023-43376.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-43376",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.487",
"lastModified": "2023-09-20T20:18:37.780",
"lastModified": "2023-09-21T18:36:11.620",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en /hoteldruid/clienti.php de Hoteldruid v3.0.5 permite a los atacantes ejecutar scrips web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectada en el par\u00e1metro nometiporiffa1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D702D98A-1616-4D1A-90F0-CEE49FB8707F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Cross-site-scripting-in-hoteldruid-version-3-0-5-via-nometipotariffa1-post-parameter-703fde27462c43a1aaa1097fb3416cdc?pvs=4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-433xx/CVE-2023-43377.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-43377",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-20T19:15:12.723",
"lastModified": "2023-09-20T20:18:37.780",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-21T18:35:37.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_contratto.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the destinatario_email1 parameter."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en /hoteldruid/visualizza_contratto.php de Hoteldruid v3.0.5 permite a los atacantes ejecutar scripts web o HTML de su elecci\u00f3n a trav\u00e9s de un payload manipulado inyectado en el par\u00e1metro destinatario_email1.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D702D98A-1616-4D1A-90F0-CEE49FB8707F"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Cross-site-scripting-in-hoteldruid-version-3-0-5-via-destinatario_email1-post-parameter-0ac6596d5b534dd1b2a49987ad065d1c?pvs=4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-50xx/CVE-2023-5009.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5009",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-09-19T08:16:07.203",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:44:15.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -50,14 +80,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.12",
"versionEndExcluding": "16.2.7",
"matchCriteriaId": "705EDAB3-930B-4B00-BAD7-B5035FB0B1F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.3",
"versionEndExcluding": "16.3.4",
"matchCriteriaId": "5CCAE929-1AE7-4E4E-BBF9-3D2A7D1ACBDA"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/425304",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/2147126",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

32
CVE-2023/CVE-2023-50xx/CVE-2023-5054.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5054",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-19T07:15:51.917",
"lastModified": "2023-09-19T13:23:09.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-21T18:41:03.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,14 +50,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:superstorefinder:super_store_finder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.9.2",
"matchCriteriaId": "0E4FE222-85BB-4D75-92B9-CF331B60348A"
}
]
}
]
}
],
"references": [
{
"url": "https://superstorefinder.net/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d31d0553-9378-4c7e-a258-12562aa6b388?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-21T18:00:25.216347+00:00
2023-09-21T20:00:24.924457+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-21T17:59:10.547000+00:00
2023-09-21T19:53:58.710000+00:00
```
### Last Data Feed Release
@ -29,50 +29,50 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226005
226011
```
### CVEs added in the last Commit
Recently added CVEs: `6`
* [CVE-2023-42456](CVE-2023/CVE-2023-424xx/CVE-2023-42456.json) (`2023-09-21T16:15:09.980`)
* [CVE-2023-34577](CVE-2023/CVE-2023-345xx/CVE-2023-34577.json) (`2023-09-21T17:15:16.050`)
* [CVE-2023-42458](CVE-2023/CVE-2023-424xx/CVE-2023-42458.json) (`2023-09-21T17:15:22.483`)
* [CVE-2023-42805](CVE-2023/CVE-2023-428xx/CVE-2023-42805.json) (`2023-09-21T17:15:23.353`)
* [CVE-2023-42806](CVE-2023/CVE-2023-428xx/CVE-2023-42806.json) (`2023-09-21T17:15:23.583`)
* [CVE-2023-42807](CVE-2023/CVE-2023-428xx/CVE-2023-42807.json) (`2023-09-21T17:15:23.950`)
* [CVE-2023-42279](CVE-2023/CVE-2023-422xx/CVE-2023-42279.json) (`2023-09-21T18:15:12.200`)
* [CVE-2023-42810](CVE-2023/CVE-2023-428xx/CVE-2023-42810.json) (`2023-09-21T18:15:12.327`)
* [CVE-2023-41991](CVE-2023/CVE-2023-419xx/CVE-2023-41991.json) (`2023-09-21T19:15:11.283`)
* [CVE-2023-41992](CVE-2023/CVE-2023-419xx/CVE-2023-41992.json) (`2023-09-21T19:15:11.520`)
* [CVE-2023-41993](CVE-2023/CVE-2023-419xx/CVE-2023-41993.json) (`2023-09-21T19:15:11.660`)
* [CVE-2023-42280](CVE-2023/CVE-2023-422xx/CVE-2023-42280.json) (`2023-09-21T19:15:11.823`)
### CVEs modified in the last Commit
Recently modified CVEs: `36`
Recently modified CVEs: `30`
* [CVE-2023-43274](CVE-2023/CVE-2023-432xx/CVE-2023-43274.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-43309](CVE-2023/CVE-2023-433xx/CVE-2023-43309.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-43631](CVE-2023/CVE-2023-436xx/CVE-2023-43631.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-43632](CVE-2023/CVE-2023-436xx/CVE-2023-43632.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-43633](CVE-2023/CVE-2023-436xx/CVE-2023-43633.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-43634](CVE-2023/CVE-2023-436xx/CVE-2023-43634.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-43637](CVE-2023/CVE-2023-436xx/CVE-2023-43637.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-40183](CVE-2023/CVE-2023-401xx/CVE-2023-40183.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-41048](CVE-2023/CVE-2023-410xx/CVE-2023-41048.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-42457](CVE-2023/CVE-2023-424xx/CVE-2023-42457.json) (`2023-09-21T16:08:49.637`)
* [CVE-2023-38557](CVE-2023/CVE-2023-385xx/CVE-2023-38557.json) (`2023-09-21T16:12:01.620`)
* [CVE-2023-41880](CVE-2023/CVE-2023-418xx/CVE-2023-41880.json) (`2023-09-21T16:17:54.780`)
* [CVE-2023-43115](CVE-2023/CVE-2023-431xx/CVE-2023-43115.json) (`2023-09-21T16:27:00.170`)
* [CVE-2023-1409](CVE-2023/CVE-2023-14xx/CVE-2023-1409.json) (`2023-09-21T17:15:15.390`)
* [CVE-2023-35011](CVE-2023/CVE-2023-350xx/CVE-2023-35011.json) (`2023-09-21T17:15:16.340`)
* [CVE-2023-41080](CVE-2023/CVE-2023-410xx/CVE-2023-41080.json) (`2023-09-21T17:15:21.673`)
* [CVE-2023-4807](CVE-2023/CVE-2023-48xx/CVE-2023-4807.json) (`2023-09-21T17:15:24.233`)
* [CVE-2023-34195](CVE-2023/CVE-2023-341xx/CVE-2023-34195.json) (`2023-09-21T17:22:14.967`)
* [CVE-2023-42371](CVE-2023/CVE-2023-423xx/CVE-2023-42371.json) (`2023-09-21T17:26:09.130`)
* [CVE-2023-42387](CVE-2023/CVE-2023-423xx/CVE-2023-42387.json) (`2023-09-21T17:29:49.900`)
* [CVE-2023-41595](CVE-2023/CVE-2023-415xx/CVE-2023-41595.json) (`2023-09-21T17:31:59.773`)
* [CVE-2023-42320](CVE-2023/CVE-2023-423xx/CVE-2023-42320.json) (`2023-09-21T17:37:44.687`)
* [CVE-2023-42328](CVE-2023/CVE-2023-423xx/CVE-2023-42328.json) (`2023-09-21T17:48:17.520`)
* [CVE-2023-4527](CVE-2023/CVE-2023-45xx/CVE-2023-4527.json) (`2023-09-21T17:55:12.113`)
* [CVE-2023-40019](CVE-2023/CVE-2023-400xx/CVE-2023-40019.json) (`2023-09-21T17:59:10.547`)
* [CVE-2023-30013](CVE-2023/CVE-2023-300xx/CVE-2023-30013.json) (`2023-09-21T18:15:11.887`)
* [CVE-2023-42441](CVE-2023/CVE-2023-424xx/CVE-2023-42441.json) (`2023-09-21T18:19:21.420`)
* [CVE-2023-40619](CVE-2023/CVE-2023-406xx/CVE-2023-40619.json) (`2023-09-21T18:20:39.203`)
* [CVE-2023-39452](CVE-2023/CVE-2023-394xx/CVE-2023-39452.json) (`2023-09-21T18:30:29.217`)
* [CVE-2023-43377](CVE-2023/CVE-2023-433xx/CVE-2023-43377.json) (`2023-09-21T18:35:37.720`)
* [CVE-2023-39446](CVE-2023/CVE-2023-394xx/CVE-2023-39446.json) (`2023-09-21T18:36:06.497`)
* [CVE-2023-43376](CVE-2023/CVE-2023-433xx/CVE-2023-43376.json) (`2023-09-21T18:36:11.620`)
* [CVE-2023-42399](CVE-2023/CVE-2023-423xx/CVE-2023-42399.json) (`2023-09-21T18:39:59.043`)
* [CVE-2023-5054](CVE-2023/CVE-2023-50xx/CVE-2023-5054.json) (`2023-09-21T18:41:03.767`)
* [CVE-2023-43375](CVE-2023/CVE-2023-433xx/CVE-2023-43375.json) (`2023-09-21T18:41:49.407`)
* [CVE-2023-5009](CVE-2023/CVE-2023-50xx/CVE-2023-5009.json) (`2023-09-21T18:44:15.703`)
* [CVE-2023-29245](CVE-2023/CVE-2023-292xx/CVE-2023-29245.json) (`2023-09-21T18:52:45.453`)
* [CVE-2023-4094](CVE-2023/CVE-2023-40xx/CVE-2023-4094.json) (`2023-09-21T18:58:46.983`)
* [CVE-2023-2567](CVE-2023/CVE-2023-25xx/CVE-2023-2567.json) (`2023-09-21T18:59:18.827`)
* [CVE-2023-32649](CVE-2023/CVE-2023-326xx/CVE-2023-32649.json) (`2023-09-21T19:04:51.733`)
* [CVE-2023-40442](CVE-2023/CVE-2023-404xx/CVE-2023-40442.json) (`2023-09-21T19:15:10.193`)
* [CVE-2023-41064](CVE-2023/CVE-2023-410xx/CVE-2023-41064.json) (`2023-09-21T19:15:10.657`)
* [CVE-2023-41990](CVE-2023/CVE-2023-419xx/CVE-2023-41990.json) (`2023-09-21T19:15:10.970`)
* [CVE-2023-4096](CVE-2023/CVE-2023-40xx/CVE-2023-4096.json) (`2023-09-21T19:24:07.507`)
* [CVE-2023-0773](CVE-2023/CVE-2023-07xx/CVE-2023-0773.json) (`2023-09-21T19:24:14.093`)
* [CVE-2023-26143](CVE-2023/CVE-2023-261xx/CVE-2023-26143.json) (`2023-09-21T19:28:36.640`)
* [CVE-2023-39058](CVE-2023/CVE-2023-390xx/CVE-2023-39058.json) (`2023-09-21T19:33:37.093`)
* [CVE-2023-32003](CVE-2023/CVE-2023-320xx/CVE-2023-32003.json) (`2023-09-21T19:38:19.270`)
* [CVE-2023-38582](CVE-2023/CVE-2023-385xx/CVE-2023-38582.json) (`2023-09-21T19:39:11.370`)
* [CVE-2023-23957](CVE-2023/CVE-2023-239xx/CVE-2023-23957.json) (`2023-09-21T19:50:10.113`)
## Download and Usage