admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-09-14T04:00:25.753690+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-09-14 04:00:29 +00:00
parent a132388c9a
commit 8e4894e0c7
36 changed files with 2560 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

143
CVE-2019/CVE-2019-164xx/CVE-2019-16470.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16470",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:07.740",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:45:04.547",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,113 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.006.30060",
"versionEndIncluding": "15.006.30505",
"matchCriteriaId": "103F0502-6408-4FC8-93A7-7F2D753EEBBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "19.021.20056",
"matchCriteriaId": "5806A221-1A5E-4F8F-8080-C2F79437FDA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30152",
"matchCriteriaId": "65A32370-51B1-416B-98F6-A29DD4A78256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.006.30060",
"versionEndIncluding": "15.006.30505",
"matchCriteriaId": "9D1B0647-B9D4-4E6C-A334-FCFDBA9CBEA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "19.021.20056",
"matchCriteriaId": "0F7334B7-13A8-4BFE-8274-A6A18D027579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30152",
"matchCriteriaId": "31BE32EC-8B5D-442F-8261-F996587E2769"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30155",
"matchCriteriaId": "EEFCF20D-EBF3-4086-8261-3B795CAEBDE9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

131
CVE-2019/CVE-2019-164xx/CVE-2019-16471.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-16471",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:07.887",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:41:51.240",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
@ -46,10 +66,113 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.006.30060",
"versionEndIncluding": "15.006.30505",
"matchCriteriaId": "103F0502-6408-4FC8-93A7-7F2D753EEBBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "19.021.20056",
"matchCriteriaId": "5806A221-1A5E-4F8F-8080-C2F79437FDA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30152",
"matchCriteriaId": "65A32370-51B1-416B-98F6-A29DD4A78256"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.006.30060",
"versionEndIncluding": "15.006.30505",
"matchCriteriaId": "9D1B0647-B9D4-4E6C-A334-FCFDBA9CBEA0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "19.021.20056",
"matchCriteriaId": "0F7334B7-13A8-4BFE-8274-A6A18D027579"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30152",
"matchCriteriaId": "31BE32EC-8B5D-442F-8261-F996587E2769"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.011.30155",
"matchCriteriaId": "EEFCF20D-EBF3-4086-8261-3B795CAEBDE9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-55.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

80
CVE-2019/CVE-2019-78xx/CVE-2019-7819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-7819",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:08.130",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:41:42.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,84 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.000.00000",
"versionEndIncluding": "15.006.30482",
"matchCriteriaId": "32769A05-BEC1-4C96-B4E9-E31B21149601"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.000.00000",
"versionEndIncluding": "17.011.30127",
"matchCriteriaId": "73DFCB62-B2A6-40C2-A348-23DC430B6F1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "19.000.00000",
"versionEndIncluding": "19.010.20098",
"matchCriteriaId": "5313AD4B-7795-424B-B6A8-D85B1FC29593"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "15.000.00000",
"versionEndIncluding": "15.006.30482",
"matchCriteriaId": "FCF860E7-FB92-489B-8FC7-D28E46E54F8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.000.00000",
"versionEndIncluding": "17.011.30127",
"matchCriteriaId": "39E72620-54ED-4DED-98A2-EE3967FA3742"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "19.000.00000",
"versionEndIncluding": "19.010.20098",
"matchCriteriaId": "44812A3D-B389-44DF-93E6-85E4B6D58C94"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb19-17.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2022/CVE-2022-14xx/CVE-2022-1415.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-1415",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-11T21:15:41.483",
"lastModified": "2023-09-12T11:52:10.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:26:06.883",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,18 +54,72 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:decision_manager:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "68146098-58F8-417E-B165-5182527117C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:drools:7.69.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C63D3269-9F0C-44C4-AC56-FEBD51D5E780"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:jboss_middleware_text-only_advisories:-:*:*:*:*:*:*:*",
"matchCriteriaId": "434B744A-9665-4340-B02D-7923FCB2B562"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:redhat:process_automation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "20A6B40D-F991-4712-8E30-5FE008505CB7"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2022:6813",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/security/cve/CVE-2022-1415",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2065505",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-288xx/CVE-2022-28831.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28831",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:08.267",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:41:28.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionEndIncluding": "16.4.1",
"matchCriteriaId": "645B9BDF-4084-4305-ABA2-17FC6BB3F6B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.1",
"matchCriteriaId": "265196CC-0E42-484F-8B95-EEC8750BA2D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb22-23.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-288xx/CVE-2022-28832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28832",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:08.367",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:41:11.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionEndIncluding": "16.4.1",
"matchCriteriaId": "645B9BDF-4084-4305-ABA2-17FC6BB3F6B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.1",
"matchCriteriaId": "265196CC-0E42-484F-8B95-EEC8750BA2D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb22-23.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-288xx/CVE-2022-28833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28833",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:08.457",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:40:59.527",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionEndIncluding": "16.4.1",
"matchCriteriaId": "645B9BDF-4084-4305-ABA2-17FC6BB3F6B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.1",
"matchCriteriaId": "265196CC-0E42-484F-8B95-EEC8750BA2D8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb22-23.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2022/CVE-2022-288xx/CVE-2022-28834.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-28834",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:08.557",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:40:45.313",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,55 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:incopy:*:*:*:*:*:*:*:*",
"versionEndIncluding": "16.4.1",
"matchCriteriaId": "46F2516E-55AA-4248-BC56-24691645DE7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:incopy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndIncluding": "17.1",
"matchCriteriaId": "48237D55-61F4-4705-AB14-CF93E50C39D3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/incopy/apsb22-28.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

197
CVE-2022/CVE-2022-342xx/CVE-2022-34224.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34224",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:08.850",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:40:24.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,201 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "22.001.20142",
"matchCriteriaId": "78D29530-BD15-46E8-9DFA-279D37D004B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "22.001.20142",
"matchCriteriaId": "9232D141-2B41-47ED-A4AB-E6EF5D288CF3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30334",
"matchCriteriaId": "1A65C52B-8500-4E39-BB50-38D6D2368F38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30334",
"matchCriteriaId": "B369FDBE-C0B5-48E1-90F7-414678A7D01E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30331",
"matchCriteriaId": "0775193D-04D8-4EB1-9A41-7E8F4FD13EAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30331",
"matchCriteriaId": "5C00A821-3446-4FEF-B68A-C012AD40A897"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30229",
"matchCriteriaId": "6E458647-70FD-4967-98E2-DAEBC90318CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30229",
"matchCriteriaId": "A21E36BC-B982-4FAD-BFBF-CCC77E202241"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30227",
"matchCriteriaId": "BC3939D0-7CCC-4D3D-A016-98AEDFA8AD1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30227",
"matchCriteriaId": "CFFAA29B-FCEF-4E49-A755-8F18D58C3AC4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

197
CVE-2022/CVE-2022-342xx/CVE-2022-34238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-34238",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-09-11T14:15:09.053",
"lastModified": "2023-09-11T14:26:36.900",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:38:54.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,201 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "22.001.20142",
"matchCriteriaId": "78D29530-BD15-46E8-9DFA-279D37D004B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*",
"versionStartIncluding": "15.008.20082",
"versionEndIncluding": "22.001.20142",
"matchCriteriaId": "9232D141-2B41-47ED-A4AB-E6EF5D288CF3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30334",
"matchCriteriaId": "1A65C52B-8500-4E39-BB50-38D6D2368F38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30334",
"matchCriteriaId": "B369FDBE-C0B5-48E1-90F7-414678A7D01E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30331",
"matchCriteriaId": "0775193D-04D8-4EB1-9A41-7E8F4FD13EAC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "20.001.30005",
"versionEndIncluding": "20.005.30331",
"matchCriteriaId": "5C00A821-3446-4FEF-B68A-C012AD40A897"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30229",
"matchCriteriaId": "6E458647-70FD-4967-98E2-DAEBC90318CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30229",
"matchCriteriaId": "A21E36BC-B982-4FAD-BFBF-CCC77E202241"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30227",
"matchCriteriaId": "BC3939D0-7CCC-4D3D-A016-98AEDFA8AD1F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*",
"versionStartIncluding": "17.011.30059",
"versionEndIncluding": "17.012.30227",
"matchCriteriaId": "CFFAA29B-FCEF-4E49-A755-8F18D58C3AC4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/acrobat/apsb22-32.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-208xx/CVE-2023-20867.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20867",
"sourceIdentifier": "security@vmware.com",
"published": "2023-06-13T17:15:14.070",
"lastModified": "2023-09-11T04:15:09.557",
"lastModified": "2023-09-14T03:15:07.567",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
@ -104,6 +104,10 @@
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00020.html",
"source": "security@vmware.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJM6HDRQYS74JA7YNKQBFH2XSZ52HEWH/",
"source": "security@vmware.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20230725-0001/",
"source": "security@vmware.com"

8
CVE-2023/CVE-2023-208xx/CVE-2023-20897.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20897",
"sourceIdentifier": "security@vmware.com",
"published": "2023-09-05T11:15:32.973",
"lastModified": "2023-09-07T19:40:05.767",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-14T03:15:08.073",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -92,6 +92,10 @@
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/",
"source": "security@vmware.com"
},
{
"url": "https://saltproject.io/security-announcements/2023-08-10-advisory/",
"source": "security@vmware.com",

8
CVE-2023/CVE-2023-208xx/CVE-2023-20898.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-20898",
"sourceIdentifier": "security@vmware.com",
"published": "2023-09-05T11:15:33.300",
"lastModified": "2023-09-08T19:18:12.497",
"vulnStatus": "Analyzed",
"lastModified": "2023-09-14T03:15:08.180",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -92,6 +92,10 @@
}
],
"references": [
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMWJIHQZXHK6FH2E3IWAZCYIRI7FLVOL/",
"source": "security@vmware.com"
},
{
"url": "https://saltproject.io/security-announcements/2023-08-10-advisory/",
"source": "security@vmware.com",

6
CVE-2023/CVE-2023-209xx/CVE-2023-20900.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-20900",
"sourceIdentifier": "security@vmware.com",
"published": "2023-08-31T10:15:08.247",
"lastModified": "2023-09-11T04:15:10.330",
"lastModified": "2023-09-14T03:15:08.267",
"vulnStatus": "Modified",
"descriptions": [
{
@ -164,6 +164,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZJM6HDRQYS74JA7YNKQBFH2XSZ52HEWH/",
"source": "security@vmware.com"
},
{
"url": "https://www.debian.org/security/2023/dsa-5493",
"source": "security@vmware.com"

6
CVE-2023/CVE-2023-312xx/CVE-2023-31284.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31284",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T20:15:10.717",
"lastModified": "2023-09-14T00:15:08.960",
"lastModified": "2023-09-14T03:15:08.403",
"vulnStatus": "Modified",
"descriptions": [
{
@ -69,6 +69,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/09/13/4",
"source": "cve@mitre.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/13/5",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/illumos/illumos-gate/tree/16b76d3cb933ff92018a2a75594449010192eacb",
"source": "cve@mitre.org",

84
CVE-2023/CVE-2023-356xx/CVE-2023-35658.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-35658",
"sourceIdentifier": "security@android.com",
"published": "2023-09-11T21:15:41.660",
"lastModified": "2023-09-12T11:52:10.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:18:53.670",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d03a3020de69143b1fe8129d75e55f14951dd192",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-356xx/CVE-2023-35684.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-35684",
"sourceIdentifier": "security@android.com",
"published": "2023-09-11T21:15:42.717",
"lastModified": "2023-09-12T11:52:10.097",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:02:15.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/668bbca29797728004d88db4c9b69102f3939008",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

84
CVE-2023/CVE-2023-356xx/CVE-2023-35687.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-35687",
"sourceIdentifier": "security@android.com",
"published": "2023-09-11T21:15:42.773",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:03:49.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [
{
"url": "https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://source.android.com/security/bulletin/2023-09-01",
"source": "security@android.com"
"source": "security@android.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-374xx/CVE-2023-37489.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-37489",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T02:15:12.160",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:07:38.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:businessobjects_business_intelligence:430:*:*:*:*:*:*:*",
"matchCriteriaId": "85CBCF48-5478-4EE5-8F69-6E59EFDB707D"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3352453",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

41
CVE-2023/CVE-2023-381xx/CVE-2023-38163.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38163",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-09-12T17:15:23.840",
"lastModified": "2023-09-12T19:38:09.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:34:29.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,45 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:windows_defender_security_intelligence_updates:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndExcluding": "1.391.1332.0",
"matchCriteriaId": "DD02F4AE-B37D-487E-AB24-157C92B7BEC6"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38163",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-381xx/CVE-2023-38164.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38164",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-09-12T17:15:24.080",
"lastModified": "2023-09-12T19:38:09.050",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:30:40.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N",
@ -34,10 +54,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:on-premises:*:*:*",
"versionStartIncluding": "9.0",
"versionEndExcluding": "9.0.49.04",
"matchCriteriaId": "D82EE042-2FBD-4B57-B159-053DC80E726C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:dynamics_365:*:*:*:*:on-premises:*:*:*",
"versionStartIncluding": "9.1",
"versionEndExcluding": "9.1.21.05",
"matchCriteriaId": "69ACF461-9B62-46A5-AFEC-FFF2F87CF716"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38164",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-413xx/CVE-2023-41368.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-41368",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T02:15:12.847",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:09:01.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:102:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE80980-12A5-40D7-8992-5C81FC82935E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:103:*:*:*:*:*:*:*",
"matchCriteriaId": "82AAE66A-7112-4E83-9094-2AA571144F64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:104:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF0FD31-F4F3-470A-9CB5-DE339D7334FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:105:*:*:*:*:*:*:*",
"matchCriteriaId": "A52E5AE7-D16E-4122-A39E-20A2CAB9A146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:106:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEF60F9-E053-4D22-AA65-9C1CA5130374"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:107:*:*:*:*:*:*:*",
"matchCriteriaId": "8606117E-F864-474F-8839-F6BAB51113E0"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3355675",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

97
CVE-2023/CVE-2023-413xx/CVE-2023-41369.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-41369",
"sourceIdentifier": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"sourceIdentifier": "cna@sap.com",
"published": "2023-09-12T02:15:12.983",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:11:35.203",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,27 @@
"metrics": {
"cvssMetricV31": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"source": "cna@sap.com",
"type": "Primary",
"description": [
{
@ -46,14 +66,77 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "D978AA69-72A7-4A7E-B3A1-8D342B4B77CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:101:*:*:*:*:*:*:*",
"matchCriteriaId": "7A800EB9-BD11-46B8-9866-31088F01D433"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:102:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE80980-12A5-40D7-8992-5C81FC82935E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:103:*:*:*:*:*:*:*",
"matchCriteriaId": "82AAE66A-7112-4E83-9094-2AA571144F64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:104:*:*:*:*:*:*:*",
"matchCriteriaId": "CFF0FD31-F4F3-470A-9CB5-DE339D7334FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:105:*:*:*:*:*:*:*",
"matchCriteriaId": "A52E5AE7-D16E-4122-A39E-20A2CAB9A146"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:106:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEF60F9-E053-4D22-AA65-9C1CA5130374"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:107:*:*:*:*:*:*:*",
"matchCriteriaId": "8606117E-F864-474F-8839-F6BAB51113E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s\\/4_hana:108:*:*:*:*:*:*:*",
"matchCriteriaId": "F794CB63-BF34-42D5-9998-CD2F2B2FF25F"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3369680",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "e4686d1a-f260-4930-ac4c-2f5c992778dd"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-45xx/CVE-2023-4578.json
View File

@ -2,31 +2,109 @@
"id": "CVE-2023-4578",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.347",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:53:09.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "3DB778E6-50ED-4395-AFA5-A0043AEB4382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1839007",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-45xx/CVE-2023-4579.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-4579",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.407",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:53:02.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Search queries in the default search engine could appear to have been the currently navigated URL if the search query itself was a well formed URL. This could have led to a site spoofing another if it had been maliciously set as the default search engine. This vulnerability affects Firefox < 117."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.6,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842766",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-45xx/CVE-2023-4580.json
View File

@ -2,31 +2,109 @@
"id": "CVE-2023-4580",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.477",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:53:15.150",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "3DB778E6-50ED-4395-AFA5-A0043AEB4382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843046",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

109
CVE-2023/CVE-2023-45xx/CVE-2023-4581.json
View File

@ -2,39 +2,130 @@
"id": "CVE-2023-4581",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.550",
"lastModified": "2023-09-13T11:15:11.037",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-14T03:52:57.273",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "102.15",
"matchCriteriaId": "066F8E6C-E629-4F70-8925-CB5C901E3A07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "115.0",
"versionEndExcluding": "115.2",
"matchCriteriaId": "67258574-7F75-45A3-A8B9-6AF93E20C1CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1843758",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-35/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-37/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

104
CVE-2023/CVE-2023-45xx/CVE-2023-4582.json
View File

@ -2,31 +2,121 @@
"id": "CVE-2023-4582",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.617",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:52:38.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. \n*This bug only affects Firefox on macOS. Other operating systems are unaffected.* This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "3DB778E6-50ED-4395-AFA5-A0043AEB4382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1773874",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-45xx/CVE-2023-4583.json
View File

@ -2,31 +2,108 @@
"id": "CVE-2023-4583",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.680",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:52:30.463",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "When checking if the Browsing Context had been discarded in `HttpBaseChannel`, if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "3DB778E6-50ED-4395-AFA5-A0043AEB4382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1842030",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-45xx/CVE-2023-4584.json
View File

@ -2,39 +2,129 @@
"id": "CVE-2023-4584",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.740",
"lastModified": "2023-09-13T11:15:11.450",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-09-14T03:45:38.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "102.15",
"matchCriteriaId": "066F8E6C-E629-4F70-8925-CB5C901E3A07"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "115.0",
"versionEndExcluding": "115.2",
"matchCriteriaId": "67258574-7F75-45A3-A8B9-6AF93E20C1CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1843968%2C1845205%2C1846080%2C1846526%2C1847529",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-35/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-37/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

91
CVE-2023/CVE-2023-45xx/CVE-2023-4585.json
View File

@ -2,31 +2,108 @@
"id": "CVE-2023-4585",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-09-11T09:15:09.797",
"lastModified": "2023-09-11T12:41:46.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T03:45:17.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "117.0",
"matchCriteriaId": "97397EB0-B9CD-4C1F-B2DC-92F03D4DC61B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "3DB778E6-50ED-4395-AFA5-A0043AEB4382"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.2",
"matchCriteriaId": "F88F4161-8C10-4753-BE49-8AE5FB965EE4"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1833504%2C1841082%2C1847904%2C1848999",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-34/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-36/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-38/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-48xx/CVE-2023-4840.json
View File

@ -1,9 +1,9 @@
{
"id": "CVE-2023-4840",
"sourceIdentifier": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-12T02:15:13.360",
"lastModified": "2023-09-12T11:52:05.517",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-09-14T02:15:48.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mappresspro:mappress_maps_for_wordpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.88.4",
"matchCriteriaId": "5D355EC2-5AA4-45A9-AF7D-495859D8A347"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.4/mappress_map.php#L381",
"source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/mappress-google-maps-for-wordpress/tags/2.88.5/mappress.php?rev=2965022#L919",
"source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3d2c9a4-32f7-484f-86ce-a33ef1174b28?source=cve",
"source": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-48xx/CVE-2023-4841.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-4841",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-14T03:15:08.583",
"lastModified": "2023-09-14T03:15:08.583",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/feeds-for-youtube/tags/2.1/templates/feed.php#L33",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2966017/feeds-for-youtube#file564",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/376e2638-a873-4142-ad7d-067ae3333709?source=cve",
"source": "security@wordfence.com"
}
]
}

63
CVE-2023/CVE-2023-49xx/CVE-2023-4944.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-4944",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-14T03:15:08.777",
"lastModified": "2023-09-14T03:15:08.777",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Awesome Weather Widget for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'awesome-weather' shortcode in versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/awesome-weather/tags/3.0.2/awesome-weather.php#L117",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/awesome-weather/tags/3.0.2/awesome-weather.php#L133",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/3bf77988-370b-437f-83a0-18a147e3e087?source=cve",
"source": "security@wordfence.com"
}
]
}

63
CVE-2023/CVE-2023-49xx/CVE-2023-4945.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-4945",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-09-14T03:15:08.877",
"lastModified": "2023-09-14T03:15:08.877",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/woocommerce-jetpack/tags/7.1.0/includes/shortcodes/class-wcj-general-shortcodes.php#L1035",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2966325/woocommerce-jetpack",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/981639a3-63c4-4b3f-827f-4d770bd44806?source=cve",
"source": "security@wordfence.com"
}
]
}

58
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-09-14T02:00:25.134907+00:00
2023-09-14T04:00:25.753690+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-09-14T01:52:27.907000+00:00
2023-09-14T03:53:15.150000+00:00
```
### Last Data Feed Release
@ -29,39 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
224899
224902
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `3`
* [CVE-2023-4841](CVE-2023/CVE-2023-48xx/CVE-2023-4841.json) (`2023-09-14T03:15:08.583`)
* [CVE-2023-4944](CVE-2023/CVE-2023-49xx/CVE-2023-4944.json) (`2023-09-14T03:15:08.777`)
* [CVE-2023-4945](CVE-2023/CVE-2023-49xx/CVE-2023-4945.json) (`2023-09-14T03:15:08.877`)
### CVEs modified in the last Commit
Recently modified CVEs: `20`
Recently modified CVEs: `32`
* [CVE-2012-2098](CVE-2012/CVE-2012-20xx/CVE-2012-2098.json) (`2023-09-14T00:15:07.623`)
* [CVE-2023-31284](CVE-2023/CVE-2023-312xx/CVE-2023-31284.json) (`2023-09-14T00:15:08.960`)
* [CVE-2023-36805](CVE-2023/CVE-2023-368xx/CVE-2023-36805.json) (`2023-09-14T00:30:46.650`)
* [CVE-2023-4914](CVE-2023/CVE-2023-49xx/CVE-2023-4914.json) (`2023-09-14T00:43:57.353`)
* [CVE-2023-4913](CVE-2023/CVE-2023-49xx/CVE-2023-4913.json) (`2023-09-14T00:44:04.400`)
* [CVE-2023-40784](CVE-2023/CVE-2023-407xx/CVE-2023-40784.json) (`2023-09-14T00:44:12.470`)
* [CVE-2023-40218](CVE-2023/CVE-2023-402xx/CVE-2023-40218.json) (`2023-09-14T00:45:00.417`)
* [CVE-2023-2071](CVE-2023/CVE-2023-20xx/CVE-2023-2071.json) (`2023-09-14T00:45:17.207`)
* [CVE-2023-40834](CVE-2023/CVE-2023-408xx/CVE-2023-40834.json) (`2023-09-14T00:45:48.203`)
* [CVE-2023-39150](CVE-2023/CVE-2023-391xx/CVE-2023-39150.json) (`2023-09-14T00:45:57.777`)
* [CVE-2023-4890](CVE-2023/CVE-2023-48xx/CVE-2023-4890.json) (`2023-09-14T00:46:23.910`)
* [CVE-2023-36886](CVE-2023/CVE-2023-368xx/CVE-2023-36886.json) (`2023-09-14T00:47:57.027`)
* [CVE-2023-35674](CVE-2023/CVE-2023-356xx/CVE-2023-35674.json) (`2023-09-14T01:28:46.143`)
* [CVE-2023-35673](CVE-2023/CVE-2023-356xx/CVE-2023-35673.json) (`2023-09-14T01:30:16.627`)
* [CVE-2023-35671](CVE-2023/CVE-2023-356xx/CVE-2023-35671.json) (`2023-09-14T01:31:36.297`)
* [CVE-2023-35670](CVE-2023/CVE-2023-356xx/CVE-2023-35670.json) (`2023-09-14T01:41:38.713`)
* [CVE-2023-35669](CVE-2023/CVE-2023-356xx/CVE-2023-35669.json) (`2023-09-14T01:44:54.843`)
* [CVE-2023-35667](CVE-2023/CVE-2023-356xx/CVE-2023-35667.json) (`2023-09-14T01:46:29.760`)
* [CVE-2023-35666](CVE-2023/CVE-2023-356xx/CVE-2023-35666.json) (`2023-09-14T01:51:25.017`)
* [CVE-2023-35664](CVE-2023/CVE-2023-356xx/CVE-2023-35664.json) (`2023-09-14T01:52:27.907`)
* [CVE-2022-28833](CVE-2022/CVE-2022-288xx/CVE-2022-28833.json) (`2023-09-14T03:40:59.527`)
* [CVE-2022-28832](CVE-2022/CVE-2022-288xx/CVE-2022-28832.json) (`2023-09-14T03:41:11.190`)
* [CVE-2022-28831](CVE-2022/CVE-2022-288xx/CVE-2022-28831.json) (`2023-09-14T03:41:28.657`)
* [CVE-2023-35684](CVE-2023/CVE-2023-356xx/CVE-2023-35684.json) (`2023-09-14T02:02:15.467`)
* [CVE-2023-35687](CVE-2023/CVE-2023-356xx/CVE-2023-35687.json) (`2023-09-14T02:03:49.147`)
* [CVE-2023-37489](CVE-2023/CVE-2023-374xx/CVE-2023-37489.json) (`2023-09-14T02:07:38.067`)
* [CVE-2023-41368](CVE-2023/CVE-2023-413xx/CVE-2023-41368.json) (`2023-09-14T02:09:01.010`)
* [CVE-2023-41369](CVE-2023/CVE-2023-413xx/CVE-2023-41369.json) (`2023-09-14T02:11:35.203`)
* [CVE-2023-4840](CVE-2023/CVE-2023-48xx/CVE-2023-4840.json) (`2023-09-14T02:15:48.717`)
* [CVE-2023-35658](CVE-2023/CVE-2023-356xx/CVE-2023-35658.json) (`2023-09-14T02:18:53.670`)
* [CVE-2023-38164](CVE-2023/CVE-2023-381xx/CVE-2023-38164.json) (`2023-09-14T02:30:40.417`)
* [CVE-2023-38163](CVE-2023/CVE-2023-381xx/CVE-2023-38163.json) (`2023-09-14T02:34:29.220`)
* [CVE-2023-20867](CVE-2023/CVE-2023-208xx/CVE-2023-20867.json) (`2023-09-14T03:15:07.567`)
* [CVE-2023-20897](CVE-2023/CVE-2023-208xx/CVE-2023-20897.json) (`2023-09-14T03:15:08.073`)
* [CVE-2023-20898](CVE-2023/CVE-2023-208xx/CVE-2023-20898.json) (`2023-09-14T03:15:08.180`)
* [CVE-2023-20900](CVE-2023/CVE-2023-209xx/CVE-2023-20900.json) (`2023-09-14T03:15:08.267`)
* [CVE-2023-31284](CVE-2023/CVE-2023-312xx/CVE-2023-31284.json) (`2023-09-14T03:15:08.403`)
* [CVE-2023-4585](CVE-2023/CVE-2023-45xx/CVE-2023-4585.json) (`2023-09-14T03:45:17.523`)
* [CVE-2023-4584](CVE-2023/CVE-2023-45xx/CVE-2023-4584.json) (`2023-09-14T03:45:38.877`)
* [CVE-2023-4583](CVE-2023/CVE-2023-45xx/CVE-2023-4583.json) (`2023-09-14T03:52:30.463`)
* [CVE-2023-4582](CVE-2023/CVE-2023-45xx/CVE-2023-4582.json) (`2023-09-14T03:52:38.367`)
* [CVE-2023-4581](CVE-2023/CVE-2023-45xx/CVE-2023-4581.json) (`2023-09-14T03:52:57.273`)
* [CVE-2023-4579](CVE-2023/CVE-2023-45xx/CVE-2023-4579.json) (`2023-09-14T03:53:02.330`)
* [CVE-2023-4578](CVE-2023/CVE-2023-45xx/CVE-2023-4578.json) (`2023-09-14T03:53:09.187`)
* [CVE-2023-4580](CVE-2023/CVE-2023-45xx/CVE-2023-4580.json) (`2023-09-14T03:53:15.150`)
## Download and Usage