admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-30T16:00:33.771640+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-30 16:00:37 +00:00
parent 74a969b5c0
commit 8bbba50dd5
28 changed files with 1755 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
CVE-2023/CVE-2023-238xx/CVE-2023-23841.json
View File

@ -2,16 +2,53 @@
"id": "CVE-2023-23841",
"sourceIdentifier": "psirt@solarwinds.com",
"published": "2023-06-15T22:15:09.227",
"lastModified": "2023-06-16T03:19:08.410",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:27:38.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data."
},
{
"lang": "es",
"value": "SolarWinds Serv-U est\u00e1 enviando una solicitud HTTP al cambiar o actualizar los atributos de \"File Share\" o \"File Request?\". Parte de la URL de la solicitud revela datos confidenciales. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
},
{
"source": "psirt@solarwinds.com",
"type": "Secondary",
@ -23,10 +60,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:solarwinds:serv-u:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.4",
"matchCriteriaId": "61C98D46-08C2-430A-B3DC-E01F6E3F75BA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2023-23841",
"source": "psirt@solarwinds.com"
"source": "psirt@solarwinds.com",
"tags": [
"Vendor Advisory"
]
}
]
}

112
CVE-2023/CVE-2023-288xx/CVE-2023-28800.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28800",
"sourceIdentifier": "cve@zscaler.com",
"published": "2023-06-22T20:15:09.373",
"lastModified": "2023-06-23T13:03:39.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:08:41.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve@zscaler.com",
"type": "Secondary",
@ -46,30 +76,96 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:linux:*:*",
"versionEndExcluding": "1.4",
"matchCriteriaId": "904F4E73-6782-4AD8-8521-FEB473BF11CF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "1.9.3",
"matchCriteriaId": "8580E274-19E5-454B-9FA4-F79D6E67C244"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:chrome_os:*:*",
"versionEndExcluding": "1.10.1",
"matchCriteriaId": "1A4B24E4-D317-4D64-8BBC-EF86290F812C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:android:*:*",
"versionEndExcluding": "1.10.2",
"matchCriteriaId": "753A378D-ECC2-4CBD-B142-58F413AF5497"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "3.7",
"matchCriteriaId": "B549DC33-2238-4356-8079-A7D18323255E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zscaler:client_connector:*:*:*:*:*:macos:*:*",
"versionEndExcluding": "3.9",
"matchCriteriaId": "A2D8B3BE-B451-4596-8FDB-BD43BC2BB923"
}
]
}
]
}
],
"references": [
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2022?applicable_category=Linux&applicable_version=1.4&deployment_date=2022-10-31&id=1420246",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Android&applicable_version=1.10.2&deployment_date=2023-03-09&id=1447706",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=Chrome%20OS&applicable_version=1.10.1&deployment_date=2023-03-10&id=1447771",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=iOS&applicable_version=1.9.3&deployment_date=2023-03-03&id=1447071",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://help.zscaler.com/client-connector/client-connector-app-release-summary-2023?applicable_category=macOS&applicable_version=3.9&deployment_date=2023-01-25&id=1443546",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2021?applicable_category=Windows&applicable_version=3.7&deployment_date=2021-11-26&id=1386541",
"source": "cve@zscaler.com"
"source": "cve@zscaler.com",
"tags": [
"Release Notes"
]
}
]
}

69
CVE-2023/CVE-2023-297xx/CVE-2023-29707.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-29707",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T11:15:09.337",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:03:49.057",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting (XSS) vulnerability in GBCOM LAC WEB Control Center version lac-1.3.x, allows attackers to create an arbitrary device."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gbcom:lac_web_control_center:lac-1.3.x:*:*:*:*:*:*:*",
"matchCriteriaId": "C0D264BD-61FA-4B43-8385-35E5C632D64D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shellpei/GBCOM-XSS/blob/main/CVE-2023-29707",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://holistic-height-e6d.notion.site/GBCOM-LAC-WEB-Control-Center-cross-site-scripting-vulnerability-and-device-permanent-account-creatio-a4f128d7fb8b40e5b6130c6f97e71eaf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-297xx/CVE-2023-29708.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-29708",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T11:15:09.390",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:36:24.177",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in /cgi-bin/adm.cgi in WavLink WavRouter version RPT70HA1.x, allows attackers to force a factory reset via crafted payload."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wavlink:wavrouter_app:rpt70ha1.x:*:*:*:*:android:*:*",
"matchCriteriaId": "0C307490-8DF2-4FF5-BFE5-C750D56688A0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wavlink:wavrouter_app:rpt70ha1.x:*:*:*:*:iphone_os:*:*",
"matchCriteriaId": "9470F923-6D7B-4A48-BC44-3F75DBE7AA29"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/shellpei/WAVLINK-Reset/blob/main/CVE-2023-29708",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://holistic-height-e6d.notion.site/WAVLINK-Wi-Fi-APP-Arbitrary-factory-reset-vulnerability-b2d747693a7442aaa8b045e57bbd8297",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-302xx/CVE-2023-30222.json
View File

@ -2,23 +2,103 @@
"id": "CVE-2023-30222",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T17:15:11.857",
"lastModified": "2023-06-16T18:24:22.883",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:52:51.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability in 4D SAS 4D Server Application v17, v18, v19 R7 and earlier allows attackers to retrieve password hashes for all users via eavesdropping."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:17:*:*:*:*:*:*:*",
"matchCriteriaId": "D7342973-0BD3-4C09-87D4-BBCA31B84A88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:18:-:*:*:*:*:*:*",
"matchCriteriaId": "D1FA8D11-BBB0-4A10-95CE-FED4448A233C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:18:r5:*:*:*:*:*:*",
"matchCriteriaId": "29C6A752-ACED-46A2-AAE7-534B19EC5735"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:19:-:*:*:*:*:*:*",
"matchCriteriaId": "43EA872D-1084-4059-A0B4-A9272614B067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:19:r7:*:*:*:*:*:*",
"matchCriteriaId": "78924358-0364-436E-8642-890E2264EC41"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

90
CVE-2023/CVE-2023-302xx/CVE-2023-30223.json
View File

@ -2,23 +2,103 @@
"id": "CVE-2023-30223",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-16T17:15:11.897",
"lastModified": "2023-06-16T18:24:22.883",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:58:40.550",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier allows attackers to send crafted TCP packets containing requests to perform arbitrary actions."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:17:*:*:*:*:*:*:*",
"matchCriteriaId": "D7342973-0BD3-4C09-87D4-BBCA31B84A88"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:18:-:*:*:*:*:*:*",
"matchCriteriaId": "D1FA8D11-BBB0-4A10-95CE-FED4448A233C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:18:r5:*:*:*:*:*:*",
"matchCriteriaId": "29C6A752-ACED-46A2-AAE7-534B19EC5735"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:19:-:*:*:*:*:*:*",
"matchCriteriaId": "43EA872D-1084-4059-A0B4-A9272614B067"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:4d:server:19:r7:*:*:*:*:*:*",
"matchCriteriaId": "78924358-0364-436E-8642-890E2264EC41"
}
]
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.infigo.is/en/insights/42/information-disclosure-and-broken-authentication-in-4d-sas-4d-server/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

82
CVE-2023/CVE-2023-309xx/CVE-2023-30902.json
View File

@ -2,19 +2,93 @@
"id": "CVE-2023-30902",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:09.793",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:15:33.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:*:*:*",
"versionEndExcluding": "14.0.12105",
"matchCriteriaId": "2BEB6165-97A6-4EE9-B7D8-66D62469AE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

142
CVE-2023/CVE-2023-323xx/CVE-2023-32388.json
View File

@ -2,39 +2,163 @@
"id": "CVE-2023-32388",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.417",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:16:25.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "057C3BDA-4822-4256-A016-4B32A05DD3B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32527.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32527",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.273",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:19:55.490",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is similar to, but not identical to CVE-2023-32528."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:mobile_security:9.8:sp5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "B72F17DB-148B-4426-968C-F7CF94DAF717"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-590/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32528.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32528",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.317",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T15:17:43.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is similar to, but not identical to CVE-2023-32527."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:mobile_security:9.8:sp5:*:*:enterprise:windows:*:*",
"matchCriteriaId": "B72F17DB-148B-4426-968C-F7CF94DAF717"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-591/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32530.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32530",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.407",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:33:26.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.\r\n\r\nPlease note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.\r\n\r\nThis is similar to, but not identical to CVE-2023-32529."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-654/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32531.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32531",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.450",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:38:23.707",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nThis is similar to, but not identical to CVE-2023-32532 through 32535."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-724/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32532.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32532",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.497",
"lastModified": "2023-06-26T22:22:38.173",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:38:02.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nThis is similar to, but not identical to CVE-2023-32531 through 32535."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-723/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32533.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32533",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.540",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:37:55.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nThis is similar to, but not identical to CVE-2023-32531 through 32535."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-726/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32534.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32534",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.587",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:37:48.250",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nThis is similar to, but not identical to CVE-2023-32531 through 32535."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-725/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

70
CVE-2023/CVE-2023-325xx/CVE-2023-32535.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-32535",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.630",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:37:40.420",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.\r\n\r\nThis is similar to, but not identical to CVE-2023-32531 through 32534."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-857/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

64
CVE-2023/CVE-2023-325xx/CVE-2023-32536.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-32536",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.670",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:37:22.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. \r\n\r\nPlease note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.\r\n\r\nThis is similar to, but not identical to CVE-2023-32537."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-325xx/CVE-2023-32537.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-32537",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.713",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:37:11.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. \r\n\r\nPlease note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.\r\n\r\nThis is similar to, but not identical to CVE-2023-32536."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*",
"matchCriteriaId": "7F2620DA-8727-43FF-8A4D-72145CDDE4CD"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-325xx/CVE-2023-32552.json
View File

@ -2,23 +2,101 @@
"id": "CVE-2023-32552",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.757",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:36:57.970",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents.\r\n\r\nThis is similar to, but not identical to CVE-2023-32553"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:*:*:*",
"versionEndExcluding": "14.0.12105",
"matchCriteriaId": "2BEB6165-97A6-4EE9-B7D8-66D62469AE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-655/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

88
CVE-2023/CVE-2023-325xx/CVE-2023-32553.json
View File

@ -2,23 +2,101 @@
"id": "CVE-2023-32553",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.803",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:27:02.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents.\r\n\r\nThis is similar to, but not identical to CVE-2023-32552."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:*:*:*",
"versionEndExcluding": "14.0.12105",
"matchCriteriaId": "2BEB6165-97A6-4EE9-B7D8-66D62469AE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-653/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

88
CVE-2023/CVE-2023-325xx/CVE-2023-32554.json
View File

@ -2,23 +2,101 @@
"id": "CVE-2023-32554",
"sourceIdentifier": "security@trendmicro.com",
"published": "2023-06-26T22:15:10.847",
"lastModified": "2023-06-26T22:22:30.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:26:36.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\r\n\r\nThis is similar to, but not identical to CVE-2023-32555."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-367"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:*:*:*:*:saas:*:*:*",
"versionEndExcluding": "14.0.12105",
"matchCriteriaId": "2BEB6165-97A6-4EE9-B7D8-66D62469AE79"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://success.trendmicro.com/dcx/s/solution/000293108?language=en_US",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-657/",
"source": "security@trendmicro.com"
"source": "security@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

8
CVE-2023/CVE-2023-331xx/CVE-2023-33190.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-33190",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-29T19:15:08.977",
"lastModified": "2023-06-29T23:57:54.363",
"lastModified": "2023-06-30T14:15:09.353",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.0 an improper configuration of role based access control (RBAC) permissions resulted in an attacker being able to obtain cluster control permissions, which could control the entire cluster deployed with Sealos, as well as hundreds of pods and other resources within the cluster. This issue has been addressed in version 4.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability."
"value": "Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.1-rc4 an improper configuration of role based access control (RBAC) permissions resulted in an attacker being able to obtain cluster control permissions, which could control the entire cluster deployed with Sealos, as well as hundreds of pods and other resources within the cluster. This issue has been addressed in version 4.2.1-rc4. Users are advised to upgrade. There are no known workarounds for this vulnerability."
}
],
"metrics": {
@ -47,6 +47,10 @@
}
],
"references": [
{
"url": "https://github.com/labring/sealos/commit/4cdf52e55666864e5f90ed502e9fc13e18985b7b",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/labring/sealos/security/advisories/GHSA-74j8-w7f9-pp62",
"source": "security-advisories@github.com"

24
CVE-2023/CVE-2023-332xx/CVE-2023-33276.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-33276",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T14:15:09.427",
"lastModified": "2023-06-30T15:29:21.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The web interface of Gira Giersiepen Gira KNX/IP-Router 3.1.3683.0 and 3.3.8.0 responds with a \"404 - Not Found\" status code if a path is accessed that does not exist. However, the value of the path is reflected in the response. As the application will reflect the supplied path without context-sensitive HTML encoding, it is vulnerable to reflective cross-site scripting (XSS)."
}
],
"metrics": {},
"references": [
{
"url": "https://www.syss.de/en/responsible-disclosure-policy",
"source": "cve@mitre.org"
},
{
"url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-016.txt",
"source": "cve@mitre.org"
}
]
}

66
CVE-2023/CVE-2023-346xx/CVE-2023-34601.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-34601",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T11:15:09.663",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T14:05:14.080",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Jeesite before commit 10742d3 was discovered to contain a SQL injection vulnerability via the component ${businessTable} at /act/ActDao.xml."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jeesite:jeesite:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-05-27",
"matchCriteriaId": "66F58E1E-7F49-4A55-8B19-EF7D3EE21E2B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/thinkgem/jeesite/issues/515",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-346xx/CVE-2023-34642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34642",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-19T05:15:09.670",
"lastModified": "2023-06-27T12:50:28.597",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-30T14:15:09.480",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -65,6 +65,10 @@
}
],
"references": [
{
"url": "https://github.com/huntergregal/CVE/tree/main/CVE-2023-34642",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/huntergregal/CVE/tree/main/TBD-KIOWARE-002",
"source": "cve@mitre.org",

28
CVE-2023/CVE-2023-372xx/CVE-2023-37298.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-37298",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T15:15:09.007",
"lastModified": "2023-06-30T15:29:21.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Joplin before 2.11.5 allows XSS via a USE element in an SVG document."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/laurent22/joplin/commit/caf66068bfc474bbfd505013076ed173cd90ca83",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/laurent22/joplin/releases/tag/v2.11.5",
"source": "cve@mitre.org"
},
{
"url": "https://vuln.ryotak.net/advisories/69",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-372xx/CVE-2023-37299.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-37299",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T15:15:09.053",
"lastModified": "2023-06-30T15:29:21.147",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Joplin before 2.11.5 allows XSS via an AREA element of an image map."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/laurent22/joplin/commit/9e90d9016daf79b5414646a93fd369aedb035071",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/laurent22/joplin/releases/tag/v2.11.5",
"source": "cve@mitre.org"
},
{
"url": "https://vuln.ryotak.net/advisories/68",
"source": "cve@mitre.org"
}
]
}

63
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-30T14:00:36.275108+00:00
2023-06-30T16:00:33.771640+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-30T13:49:36.123000+00:00
2023-06-30T15:58:40.550000+00:00
```
### Last Data Feed Release
@ -29,45 +29,46 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218942
218945
```
### CVEs added in the last Commit
Recently added CVEs: `1`
Recently added CVEs: `3`
* [CVE-2023-3478](CVE-2023/CVE-2023-34xx/CVE-2023-3478.json) (`2023-06-30T12:15:09.250`)
* [CVE-2023-33276](CVE-2023/CVE-2023-332xx/CVE-2023-33276.json) (`2023-06-30T14:15:09.427`)
* [CVE-2023-37298](CVE-2023/CVE-2023-372xx/CVE-2023-37298.json) (`2023-06-30T15:15:09.007`)
* [CVE-2023-37299](CVE-2023/CVE-2023-372xx/CVE-2023-37299.json) (`2023-06-30T15:15:09.053`)
### CVEs modified in the last Commit
Recently modified CVEs: `77`
Recently modified CVEs: `24`
* [CVE-2023-35158](CVE-2023/CVE-2023-351xx/CVE-2023-35158.json) (`2023-06-30T13:10:25.870`)
* [CVE-2023-35159](CVE-2023/CVE-2023-351xx/CVE-2023-35159.json) (`2023-06-30T13:10:48.407`)
* [CVE-2023-35160](CVE-2023/CVE-2023-351xx/CVE-2023-35160.json) (`2023-06-30T13:11:43.243`)
* [CVE-2023-35161](CVE-2023/CVE-2023-351xx/CVE-2023-35161.json) (`2023-06-30T13:12:23.500`)
* [CVE-2023-35162](CVE-2023/CVE-2023-351xx/CVE-2023-35162.json) (`2023-06-30T13:12:39.790`)
* [CVE-2023-34467](CVE-2023/CVE-2023-344xx/CVE-2023-34467.json) (`2023-06-30T13:13:05.633`)
* [CVE-2023-34466](CVE-2023/CVE-2023-344xx/CVE-2023-34466.json) (`2023-06-30T13:13:28.530`)
* [CVE-2023-34465](CVE-2023/CVE-2023-344xx/CVE-2023-34465.json) (`2023-06-30T13:14:05.650`)
* [CVE-2023-34464](CVE-2023/CVE-2023-344xx/CVE-2023-34464.json) (`2023-06-30T13:14:34.203`)
* [CVE-2023-32386](CVE-2023/CVE-2023-323xx/CVE-2023-32386.json) (`2023-06-30T13:41:23.760`)
* [CVE-2023-32382](CVE-2023/CVE-2023-323xx/CVE-2023-32382.json) (`2023-06-30T13:41:44.287`)
* [CVE-2023-32380](CVE-2023/CVE-2023-323xx/CVE-2023-32380.json) (`2023-06-30T13:46:31.057`)
* [CVE-2023-32376](CVE-2023/CVE-2023-323xx/CVE-2023-32376.json) (`2023-06-30T13:46:42.150`)
* [CVE-2023-32375](CVE-2023/CVE-2023-323xx/CVE-2023-32375.json) (`2023-06-30T13:47:10.780`)
* [CVE-2023-32371](CVE-2023/CVE-2023-323xx/CVE-2023-32371.json) (`2023-06-30T13:47:21.360`)
* [CVE-2023-32368](CVE-2023/CVE-2023-323xx/CVE-2023-32368.json) (`2023-06-30T13:47:36.053`)
* [CVE-2023-36358](CVE-2023/CVE-2023-363xx/CVE-2023-36358.json) (`2023-06-30T13:47:39.297`)
* [CVE-2023-32367](CVE-2023/CVE-2023-323xx/CVE-2023-32367.json) (`2023-06-30T13:47:44.797`)
* [CVE-2023-32365](CVE-2023/CVE-2023-323xx/CVE-2023-32365.json) (`2023-06-30T13:48:00.060`)
* [CVE-2023-32363](CVE-2023/CVE-2023-323xx/CVE-2023-32363.json) (`2023-06-30T13:48:13.423`)
* [CVE-2023-36355](CVE-2023/CVE-2023-363xx/CVE-2023-36355.json) (`2023-06-30T13:48:32.287`)
* [CVE-2023-32360](CVE-2023/CVE-2023-323xx/CVE-2023-32360.json) (`2023-06-30T13:48:53.420`)
* [CVE-2023-32357](CVE-2023/CVE-2023-323xx/CVE-2023-32357.json) (`2023-06-30T13:49:10.683`)
* [CVE-2023-32355](CVE-2023/CVE-2023-323xx/CVE-2023-32355.json) (`2023-06-30T13:49:20.797`)
* [CVE-2023-32354](CVE-2023/CVE-2023-323xx/CVE-2023-32354.json) (`2023-06-30T13:49:36.123`)
* [CVE-2023-29707](CVE-2023/CVE-2023-297xx/CVE-2023-29707.json) (`2023-06-30T14:03:49.057`)
* [CVE-2023-34601](CVE-2023/CVE-2023-346xx/CVE-2023-34601.json) (`2023-06-30T14:05:14.080`)
* [CVE-2023-33190](CVE-2023/CVE-2023-331xx/CVE-2023-33190.json) (`2023-06-30T14:15:09.353`)
* [CVE-2023-34642](CVE-2023/CVE-2023-346xx/CVE-2023-34642.json) (`2023-06-30T14:15:09.480`)
* [CVE-2023-30902](CVE-2023/CVE-2023-309xx/CVE-2023-30902.json) (`2023-06-30T14:15:33.933`)
* [CVE-2023-32388](CVE-2023/CVE-2023-323xx/CVE-2023-32388.json) (`2023-06-30T14:16:25.170`)
* [CVE-2023-32554](CVE-2023/CVE-2023-325xx/CVE-2023-32554.json) (`2023-06-30T14:26:36.230`)
* [CVE-2023-32553](CVE-2023/CVE-2023-325xx/CVE-2023-32553.json) (`2023-06-30T14:27:02.910`)
* [CVE-2023-32530](CVE-2023/CVE-2023-325xx/CVE-2023-32530.json) (`2023-06-30T14:33:26.047`)
* [CVE-2023-32552](CVE-2023/CVE-2023-325xx/CVE-2023-32552.json) (`2023-06-30T14:36:57.970`)
* [CVE-2023-32537](CVE-2023/CVE-2023-325xx/CVE-2023-32537.json) (`2023-06-30T14:37:11.727`)
* [CVE-2023-32536](CVE-2023/CVE-2023-325xx/CVE-2023-32536.json) (`2023-06-30T14:37:22.800`)
* [CVE-2023-32535](CVE-2023/CVE-2023-325xx/CVE-2023-32535.json) (`2023-06-30T14:37:40.420`)
* [CVE-2023-32534](CVE-2023/CVE-2023-325xx/CVE-2023-32534.json) (`2023-06-30T14:37:48.250`)
* [CVE-2023-32533](CVE-2023/CVE-2023-325xx/CVE-2023-32533.json) (`2023-06-30T14:37:55.680`)
* [CVE-2023-32532](CVE-2023/CVE-2023-325xx/CVE-2023-32532.json) (`2023-06-30T14:38:02.893`)
* [CVE-2023-32531](CVE-2023/CVE-2023-325xx/CVE-2023-32531.json) (`2023-06-30T14:38:23.707`)
* [CVE-2023-28800](CVE-2023/CVE-2023-288xx/CVE-2023-28800.json) (`2023-06-30T15:08:41.290`)
* [CVE-2023-32528](CVE-2023/CVE-2023-325xx/CVE-2023-32528.json) (`2023-06-30T15:17:43.777`)
* [CVE-2023-32527](CVE-2023/CVE-2023-325xx/CVE-2023-32527.json) (`2023-06-30T15:19:55.490`)
* [CVE-2023-23841](CVE-2023/CVE-2023-238xx/CVE-2023-23841.json) (`2023-06-30T15:27:38.070`)
* [CVE-2023-29708](CVE-2023/CVE-2023-297xx/CVE-2023-29708.json) (`2023-06-30T15:36:24.177`)
* [CVE-2023-30222](CVE-2023/CVE-2023-302xx/CVE-2023-30222.json) (`2023-06-30T15:52:51.067`)
* [CVE-2023-30223](CVE-2023/CVE-2023-302xx/CVE-2023-30223.json) (`2023-06-30T15:58:40.550`)
## Download and Usage