admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-21 17:41:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-09T18:00:48.782033+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-09 20:00:51 +02:00
parent 464ea60bab
commit 8ef1de4353
93 changed files with 15733 additions and 336 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
CVE-2013/CVE-2013-100xx/CVE-2013-10026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-10026",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T02:15:27.267",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:18:59.857",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webfwd:mail_subscribe_list:*:*:*:*:*:wordpress:*:*",
"versionStartIncluding": "2.0.0",
"versionEndIncluding": "2.0.10",
"matchCriteriaId": "E1DD13F6-E603-4881-AC7E-6E8EF70A21F6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/mail-subscribe-list/commit/484970ef8285cae51d2de3bd4e4684d33c956c28",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://vuldb.com/?ctiid.227765",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227765",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}
]
}

96
CVE-2017/CVE-2017-99xx/CVE-2017-9946.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-9946",
"sourceIdentifier": "productcert@siemens.com",
"published": "2017-10-23T08:29:00.820",
"lastModified": "2022-10-28T16:15:10.453",
"vulnStatus": "Modified",
"lastModified": "2023-05-09T16:27:38.737",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -95,9 +95,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "C0E9D71C-B7C2-441A-9B0E-86CE7324F95A"
"matchCriteriaId": "2449F533-CA42-44D4-B69E-B7B9F3A4EAD9"
}
]
},
@ -107,8 +107,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:apogee_pxc_bacnet_automation_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CFFD37-F58F-48D3-A466-06CAAC8BD580"
"criteria": "cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73DAA70-4CFB-4E63-ADC7-EC8A93E0BBBB"
}
]
}
@ -123,9 +123,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:talon_tc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:siemens:apogee_pxc_modular_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "66E865A3-C5B8-4706-BE08-F7432A29470C"
"matchCriteriaId": "B1604D4C-3E06-46D0-8D39-0A5BC7CE5A1D"
}
]
},
@ -135,8 +135,64 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:talon_tc_bacnet_automation_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF84B39-9B10-4955-8E18-B389D1E3003B"
"criteria": "cpe:2.3:h:siemens:apogee_pxc_modular:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9485F0B-03E0-4442-B615-2DA91AE1CD00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:talon_tc_compact_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "23756E05-4AD6-4888-AC07-C8E906CA5722"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:talon_tc_compact:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D32EF0-8AEC-4594-8928-45F34DC60600"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:talon_tc_modular_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "AB1AF7BE-295B-4386-81F3-B08A1E15DD5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:talon_tc_modular:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00C647D8-1725-42FA-8042-6C413EE67573"
}
]
}
@ -146,24 +202,34 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/101248",
"source": "productcert@siemens.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf",
"source": "productcert@siemens.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}

96
CVE-2017/CVE-2017-99xx/CVE-2017-9947.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2017-9947",
"sourceIdentifier": "productcert@siemens.com",
"published": "2017-10-23T08:29:00.867",
"lastModified": "2022-10-28T16:15:12.697",
"vulnStatus": "Modified",
"lastModified": "2023-05-09T16:27:57.397",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -95,9 +95,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:siemens:apogee_pxc_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "C0E9D71C-B7C2-441A-9B0E-86CE7324F95A"
"matchCriteriaId": "2449F533-CA42-44D4-B69E-B7B9F3A4EAD9"
}
]
},
@ -107,8 +107,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:apogee_pxc_bacnet_automation_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0CFFD37-F58F-48D3-A466-06CAAC8BD580"
"criteria": "cpe:2.3:h:siemens:apogee_pxc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B73DAA70-4CFB-4E63-ADC7-EC8A93E0BBBB"
}
]
}
@ -123,9 +123,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:apogee_pxc_bacnet_automation_controller_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:siemens:apogee_pxc_modular_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "C0E9D71C-B7C2-441A-9B0E-86CE7324F95A"
"matchCriteriaId": "B1604D4C-3E06-46D0-8D39-0A5BC7CE5A1D"
}
]
},
@ -135,8 +135,64 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:talon_tc_bacnet_automation_controller:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FAF84B39-9B10-4955-8E18-B389D1E3003B"
"criteria": "cpe:2.3:h:siemens:apogee_pxc_modular:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D9485F0B-03E0-4442-B615-2DA91AE1CD00"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:talon_tc_compact_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "23756E05-4AD6-4888-AC07-C8E906CA5722"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:talon_tc_compact:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46D32EF0-8AEC-4594-8928-45F34DC60600"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:talon_tc_modular_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.5",
"matchCriteriaId": "AB1AF7BE-295B-4386-81F3-B08A1E15DD5F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:talon_tc_modular:-:*:*:*:*:*:*:*",
"matchCriteriaId": "00C647D8-1725-42FA-8042-6C413EE67573"
}
]
}
@ -146,24 +202,34 @@
"references": [
{
"url": "http://packetstormsecurity.com/files/169544/Siemens-APOGEE-PXC-TALON-TC-Authentication-Bypass.html",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securityfocus.com/bid/101248",
"source": "productcert@siemens.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-148078.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-148078.pdf",
"source": "productcert@siemens.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}

375
CVE-2019/CVE-2019-139xx/CVE-2019-13939.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-13939",
"sourceIdentifier": "productcert@siemens.com",
"published": "2020-01-16T16:15:16.277",
"lastModified": "2022-05-20T14:15:08.430",
"vulnStatus": "Modified",
"lastModified": "2023-05-09T16:27:15.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -323,6 +323,371 @@
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc00-e.d_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "BC441789-6954-48E7-9A42-1A2993C93066"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc00-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1727849-2FD8-40A2-91D3-E0C9662B45BC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc00-u_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "E396F519-8055-486E-A2DB-F9E6DD5B1E2D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc00-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD39D011-8AE2-46FE-9207-C110E2FBC07C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc001-e.d_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "8ACD8296-AC32-42CE-8B8D-A3F6FFD7A869"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc001-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC50C13-FA05-4459-BA1E-482D886B842B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc12-e.d_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "F6B65BC2-7D65-4216-8B3A-773825297CFE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc12-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDA404C0-FD6D-47CC-950C-E5DCC993C8E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc22-e.d_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "9C4CDD0E-FAB0-4F44-96AB-9ADDEFB456EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc22-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A4D84CE-07AB-4305-9C48-54392772D4EB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc22.1-e.d_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "F5B66D45-3F60-469D-ADF6-ECB02567970C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc22.1-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E67F374-BF75-4334-A6D5-AB570E0A70D8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigo_pxc36.1-e.d_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.3.0",
"versionEndExcluding": "6.00.327",
"matchCriteriaId": "B1C11C33-5757-44C5-9CC2-4BC3F287DD75"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigo_pxc36.1-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CA7EF94-2EE2-4B53-A544-F675306DF84F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigopxc50-e.d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93AC0E5C-5A08-43E4-88E5-7681755126F0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigopxc50-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F2D5B24-63B5-41C8-B20B-98699C4979F9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigopxc64-u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB6399E-E7BD-4469-8166-B03B74E421BE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigopxc64-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "980885C3-B98A-4AC9-AB86-A8BBFF23F37D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigopxc100-e.d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F9118355-1BBC-43C7-9923-0F8FAEA70D40"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigopxc100-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93E5FEC8-EAE9-4235-91EE-FE68CCE19C43"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigopxc128-u_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD7B8DC6-A346-4D4B-B6F6-9831E7D1F999"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigopxc128-u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF17316C-DDD6-42F9-A147-6729632D9902"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigopxc200-e.d_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ED820905-73EA-41F8-A2C5-17CD6BCF1707"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigopxc200-e.d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E05F84E0-808C-4C40-9D50-9BE0117B791E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:desigopxm20-e_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2EFE56A4-408F-4807-A76D-B54AD9C85C28"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:desigopxm20-e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "162C32E8-05CD-40A2-AB56-17CE4D85842F"
}
]
}
]
}
],
"references": [
@ -342,7 +707,11 @@
},
{
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-105-06",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

20
CVE-2020/CVE-2020-182xx/CVE-2020-18280.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-18280",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:13.690",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Phodal CMD v.1.0 allows a local attacker to execute arbitrary code via the EMBED SRC function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/phodal/md/issues/20",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-233xx/CVE-2020-23362.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-23362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:13.963",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissons vulnerability found in Shop_CMS YerShop all versions allows a remote attacker to escalate privileges via the cover_id parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/huyiwill/shopcms_lang/issues/1",
"source": "cve@mitre.org"
}
]
}

20
CVE-2020/CVE-2020-233xx/CVE-2020-23363.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2020-23363",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.090",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery (CSRF) vulnerability found in Verytops Verydows all versions that allows an attacker to execute arbitrary code via a crafted script."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Verytops/verydows/issues/17",
"source": "cve@mitre.org"
}
]
}

20
CVE-2021/CVE-2021-312xx/CVE-2021-31240.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-31240",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.147",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in libming v.0.4.8 allows a local attacker to execute arbitrary code via the parseSWF_IMPORTASSETS function in the parser.c file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/libming/libming/issues/218",
"source": "cve@mitre.org"
}
]
}

20
CVE-2021/CVE-2021-317xx/CVE-2021-31711.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2021-31711",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.197",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Trippo ResponsiveFilemanager v.9.14.0 and before allows a remote attacker to execute arbitrary code via the sort_by parameter in the dialog.php file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/trippo/ResponsiveFilemanager/issues/661",
"source": "cve@mitre.org"
}
]
}

1528
CVE-2022/CVE-2022-257xx/CVE-2022-25713.json
View File

File diff suppressed because it is too large Load Diff

165
CVE-2022/CVE-2022-309xx/CVE-2022-30995.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-30995",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-03T11:15:11.193",
"lastModified": "2023-05-03T14:41:11.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:03:06.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,137 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3117B8C4-C8E6-4F50-923D-5BF50222337D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:10130:*:*:*:*:*:*",
"matchCriteriaId": "C2ECE37D-291E-4D07-9D8B-79D09D78FA35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:10330:*:*:*:*:*:*",
"matchCriteriaId": "9826E331-15CB-454D-80E6-B39B380894F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:11010:*:*:*:*:*:*",
"matchCriteriaId": "89A4839A-EF22-4E28-82ED-5828207D7ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:13160:*:*:*:*:*:*",
"matchCriteriaId": "A847D357-EB6F-4CBF-AEB7-20ABF6B6A0E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:13400:*:*:*:*:*:*",
"matchCriteriaId": "6677430F-19A5-4D7A-91F5-9D906DC48174"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:14280:*:*:*:*:*:*",
"matchCriteriaId": "C38873F8-EB4E-4B20-B4BB-A8E9CC2E4FC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:14330:*:*:*:*:*:*",
"matchCriteriaId": "00644AD1-6114-4470-8AD6-C2D975329A71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:16180:*:*:*:*:*:*",
"matchCriteriaId": "49694CEB-C054-4D02-A7BA-D57E7A1538C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:16318:*:*:*:*:*:*",
"matchCriteriaId": "3FE3F243-202A-4EF5-B4B8-F912B6763F22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:16327:*:*:*:*:*:*",
"matchCriteriaId": "D5831900-150B-4DAD-A17D-C974F8F91C8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:7641:*:*:*:*:*:*",
"matchCriteriaId": "3F540D84-5562-41AE-9294-64F19596149E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:7970:*:*:*:*:*:*",
"matchCriteriaId": "122DEB91-6506-4F94-9C79-887EECE68A7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:8850:*:*:*:*:*:*",
"matchCriteriaId": "0B6EA731-C344-424E-B5FB-291CD59DDAB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:9010:*:*:*:*:*:*",
"matchCriteriaId": "EF144B8E-E42F-41E3-8E23-88B1F862D14A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-3855",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

260
CVE-2022/CVE-2022-332xx/CVE-2022-33281.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-33281",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-05-02T06:15:09.507",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:37:34.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -34,10 +54,244 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-129"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn685x-5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3CF46D-E1CB-447E-8371-15C3F49B1AA9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn685x-5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B74FDAF1-82D0-4136-BF97-25C56FCEE77C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn685x-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A07C2049-B227-4849-85D0-B53D690C7697"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn685x-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "88D2DB07-B72B-4D44-A373-0C7EAB35F388"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn785x-1_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C41266FF-5555-4522-AD55-6A7CF8BA33D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn785x-1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E9C428C-7470-4178-9029-3234086D93F1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn785x-5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04EA12D4-24E2-4FE9-8CD6-06A8E36DEB2F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn785x-5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2AED978B-0330-4B9B-B662-AA8E9E621996"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm8450_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A38C0AFD-D666-423C-8903-BB026965D97C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm8450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "59DBE92C-D428-4952-B94F-B46B3A627DFD"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "70292B01-617F-44AD-AF77-1AFC1450523D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FA94C6D6-85DB-4031-AAF4-C399019AE16D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8830_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11B69595-E488-4590-A150-CE5BE08B5E13"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8830:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF680174-5FA6-47D9-8EAB-CC2A37A7BD42"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8835_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F80BC68E-7476-4A40-9F48-53722FE9A5BF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8835:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B36F4B2-BAA3-45AD-9967-0EB482C99708"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin",
"source": "product-security@qualcomm.com"
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

260
CVE-2022/CVE-2022-332xx/CVE-2022-33292.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-33292",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-05-02T06:15:09.757",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:37:09.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -34,10 +54,244 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sg4150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9279F02F-6C30-4891-8941-97003DE9C8C7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sg4150p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFA7BB42-305C-451F-92D8-0718DF68A012"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm6225_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2668D5-623D-4E13-AF37-6F7040A14007"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm6225:-:*:*:*:*:*:*:*",
"matchCriteriaId": "72B0F4C7-CA0F-4B9C-A6AA-60934B2AB2C2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sm6225-ad_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E089DC83-3849-4671-95B9-E4C958EC79FB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sm6225-ad:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E38F8F04-F841-492B-A555-96DBD7461380"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9370_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1295D869-F4DD-4766-B4AA-3513752F43B4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9370:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B98784DC-3143-4D38-AD28-DBBDCCAB4272"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9375_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34143ABA-7D09-429F-A65C-3A33438BF62C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9375:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9D56DFE3-5EF1-4B23-BBD5-0203FBF9CCEC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3950_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEF2DB6-00F5-4B07-953B-EF58B31267F1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3950:-:*:*:*:*:*:*:*",
"matchCriteriaId": "120E8F0F-EBEB-4565-9927-2D473F783EF7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcn3988_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BFB25F-013B-48E3-99FF-3E8687F94423"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcn3988:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF676C5B-838B-446C-A689-6A25AB8A87E2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15307882-7039-43E9-9BA3-035045988B99"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AA85B322-E593-4499-829A-CC6D70BAE884"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin",
"source": "product-security@qualcomm.com"
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

1123
CVE-2022/CVE-2022-333xx/CVE-2022-33304.json
View File

File diff suppressed because it is too large Load Diff

2230
CVE-2022/CVE-2022-333xx/CVE-2022-33305.json
View File

File diff suppressed because it is too large Load Diff

1879
CVE-2022/CVE-2022-341xx/CVE-2022-34144.json
View File

File diff suppressed because it is too large Load Diff

171
CVE-2022/CVE-2022-34xx/CVE-2022-3405.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-3405",
"sourceIdentifier": "security@acronis.com",
"published": "2023-05-03T11:15:11.650",
"lastModified": "2023-05-03T14:41:11.100",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:02:27.727",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,14 +78,145 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:-:*:*:*:*:*:*",
"matchCriteriaId": "3117B8C4-C8E6-4F50-923D-5BF50222337D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:10130:*:*:*:*:*:*",
"matchCriteriaId": "C2ECE37D-291E-4D07-9D8B-79D09D78FA35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:10330:*:*:*:*:*:*",
"matchCriteriaId": "9826E331-15CB-454D-80E6-B39B380894F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:11010:*:*:*:*:*:*",
"matchCriteriaId": "89A4839A-EF22-4E28-82ED-5828207D7ADE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:13160:*:*:*:*:*:*",
"matchCriteriaId": "A847D357-EB6F-4CBF-AEB7-20ABF6B6A0E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:13400:*:*:*:*:*:*",
"matchCriteriaId": "6677430F-19A5-4D7A-91F5-9D906DC48174"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:14280:*:*:*:*:*:*",
"matchCriteriaId": "C38873F8-EB4E-4B20-B4BB-A8E9CC2E4FC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:14330:*:*:*:*:*:*",
"matchCriteriaId": "00644AD1-6114-4470-8AD6-C2D975329A71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:16180:*:*:*:*:*:*",
"matchCriteriaId": "49694CEB-C054-4D02-A7BA-D57E7A1538C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:16318:*:*:*:*:*:*",
"matchCriteriaId": "3FE3F243-202A-4EF5-B4B8-F912B6763F22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:16327:*:*:*:*:*:*",
"matchCriteriaId": "D5831900-150B-4DAD-A17D-C974F8F91C8D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:7641:*:*:*:*:*:*",
"matchCriteriaId": "3F540D84-5562-41AE-9294-64F19596149E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:7970:*:*:*:*:*:*",
"matchCriteriaId": "122DEB91-6506-4F94-9C79-887EECE68A7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:8850:*:*:*:*:*:*",
"matchCriteriaId": "0B6EA731-C344-424E-B5FB-291CD59DDAB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_backup:12.5:9010:*:*:*:*:*:*",
"matchCriteriaId": "EF144B8E-E42F-41E3-8E23-88B1F862D14A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:-:*:*:*:*:*:*",
"matchCriteriaId": "89899D10-1343-4276-919A-9C1DF2DB8B55"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update1:*:*:*:*:*:*",
"matchCriteriaId": "A77B2499-B3A4-4278-BA0D-59AB59C60352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update2:*:*:*:*:*:*",
"matchCriteriaId": "BAF6A576-C320-4550-B7F8-4FCAE82FB06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:cyber_protect:15:update3:*:*:*:*:*:*",
"matchCriteriaId": "9740A956-D589-4846-8717-B6182EB65F8B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://herolab.usd.de/security-advisories/usd-2022-0008/",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4092",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

394
CVE-2022/CVE-2022-405xx/CVE-2022-40505.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40505",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-05-02T06:15:10.173",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:34:33.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -34,10 +54,378 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "920F873B-F52D-4754-9726-BECCAD0CAC45"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB573E2-C2B9-4B12-9EEF-9152FBFE3927"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:9206_lte_modem_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2C2632A-02F2-4C59-AF96-E2C77940360F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:9206_lte_modem:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D10A104D-951A-4FA9-938A-1324640A998D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:9207_lte_modem_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB54B6E-0AAE-428D-A264-4BF58A852645"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:9207_lte_modem:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E12F5DF9-4D12-4321-A92C-86862A91E816"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:mdm8207_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE3BA789-3EC2-474D-BD5F-AD67BAE64413"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:mdm8207:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5954E2E1-3A62-4601-8D7F-21B7B2D02370"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB39496-8699-4DAF-BD7B-AE69260B20CB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9CFBC24-5F15-40DE-806E-62C1EE808992"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca4010_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04F1CE4C-CAF8-4AB9-B44D-ADC2F2E7CF4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca4010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30C10881-C26D-452D-A2D1-8617C2709D60"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qts110_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D4B026-2118-448D-A48D-36864DE715B8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qts110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED10480-E005-452C-A03C-D669CE94ABE4"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_1100_wearable_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E7760D19-1CE2-4EB1-A81A-EA2DE1E142D2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_1100_wearable_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E19FA5E-24D1-4E7B-B8A3-BFAA09E4A40C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_1200_wearable_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E89870DD-3B20-4B06-9A51-755E204ECCDB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_1200_wearable_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "955F15D0-2F36-45E7-9828-96593DA7DA80"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_wear_1300_platform_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A402233-B76F-41D5-B7C2-325C8FC4D560"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_wear_1300_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8643194-C881-408A-AAA1-78572075120A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:snapdragon_x5_lte_modem_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "312A5688-2508-4609-835F-F0957C511AE8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:snapdragon_x5_lte_modem:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADD6DFCE-2D24-4A68-8B46-FB47ABEC6694"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9306_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC012AD0-BCEE-4B1E-9B15-5D77D78CEA01"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9306:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F51C69B9-F0AB-4BF5-A8C2-64FEB7075593"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:wcd9330_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43A90019-4E96-40B5-9E4D-CCBDD51ACA34"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:wcd9330:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3D23FE-B3D5-4EC3-8268-98F12181966D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin",
"source": "product-security@qualcomm.com"
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

1879
CVE-2022/CVE-2022-405xx/CVE-2022-40508.json
View File

File diff suppressed because it is too large Load Diff

14
CVE-2022/CVE-2022-411xx/CVE-2022-41104.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-41104",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-11-09T22:15:23.557",
"lastModified": "2023-04-11T21:15:15.003",
"lastModified": "2023-05-09T17:15:09.413",
"vulnStatus": "Modified",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",

14
CVE-2022/CVE-2022-411xx/CVE-2022-41120.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2022-41120",
"sourceIdentifier": "secure@microsoft.com",
"published": "2022-11-09T22:15:24.960",
"lastModified": "2022-11-16T02:45:52.217",
"vulnStatus": "Analyzed",
"lastModified": "2023-05-09T17:15:09.613",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Microsoft Windows Sysmon Elevation of Privilege Vulnerability."
"value": "Microsoft Windows System Monitor (Sysmon) Elevation of Privilege Vulnerability"
}
],
"metrics": {
@ -65,12 +65,8 @@
],
"references": [
{
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41120",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41120",
"source": "secure@microsoft.com"
}
]
}

129
CVE-2023/CVE-2023-13xx/CVE-2023-1387.json Normal file
View File

@ -0,0 +1,129 @@
{
"id": "CVE-2023-1387",
"sourceIdentifier": "security@grafana.com",
"published": "2023-04-26T14:15:09.430",
"lastModified": "2023-05-09T16:39:27.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Grafana is an open-source platform for monitoring and observability. \n\nStarting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. \n\nBy enabling the \"url_login\" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security@grafana.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@grafana.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndExcluding": "9.2.17",
"matchCriteriaId": "5664FC02-E4AA-41EC-8EAA-300AD2272CC2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.3.0",
"versionEndExcluding": "9.3.13",
"matchCriteriaId": "5A544263-545D-4D86-B29F-F7FC12E9A34F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.4.0",
"versionEndExcluding": "9.4.9",
"matchCriteriaId": "99EBCA47-A3CD-4C20-B151-300D43426EB2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j",
"source": "security@grafana.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://grafana.com/security/security-advisories/cve-2023-1387/",
"source": "security@grafana.com",
"tags": [
"Vendor Advisory"
]
}
]
}

376
CVE-2023/CVE-2023-19xx/CVE-2023-1966.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1966",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-04-28T19:15:16.573",
"lastModified": "2023-04-28T22:22:40.580",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:53:51.073",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -46,14 +76,352 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:iscan_firmware:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B5000279-D40B-4526-B911-9E0641736EE1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:iscan_firmware:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "BD7BE281-02B5-4B87-A7E2-D0E3BB5309CF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:iscan:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08732A94-734B-486E-AB2C-A2E2CA3C66AE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:iseq_100_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D22304CE-8F36-4B51-BAA2-E2C564C04CDF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:iseq_100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0136ED72-BF05-404D-910A-DA5B73F69771"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:miniseq_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0",
"matchCriteriaId": "E4B7C1F7-D185-4C72-B23C-A21103267CD6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:miniseq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DA69772-E795-4A64-A6A1-0BDD503D263B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:miseq_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0",
"matchCriteriaId": "CC028805-6ED3-455B-8F4C-95A8B8C5E756"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:miseq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AFB0D5A-AF5A-4A84-963F-C6307ADCFF4E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:miseqdx_firmware:*:*:*:*:-:*:*:*",
"versionStartIncluding": "4.0.1",
"matchCriteriaId": "E97A49E3-4B87-4FE5-8FD4-5B36C61A0650"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:miseqdx_firmware:4.0:*:*:*:ruo:*:*:*",
"matchCriteriaId": "BE1CBD4E-42B1-42C6-9B3F-4F715A5DBF6D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:miseqdx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CBD56D9E-B16C-4ED4-A2E4-E73A3A9A599B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_500_firmware:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "22E34BB5-591C-4889-851E-9A66212C8B8C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:nextseq_500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1C7AEA5A-707D-4BF4-9DF6-BDE6E6D97B60"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_550_firmware:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0D02B5D-7E8A-41CD-BE27-5B012BE5C016"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:nextseq_550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BF742B4D-0FC5-443A-8040-7B0A1B298707"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_550dx_firmware:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "93DC004D-271D-4075-9828-E88CD7FFC403"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_550dx_firmware:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.3.3",
"matchCriteriaId": "E199B789-BF31-40AC-B15E-31A97257002B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_550dx_firmware:4.0:*:*:*:ruo:*:*:*",
"matchCriteriaId": "78D581A6-38A5-4F0A-A5CB-B25A9337EE78"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:nextseq_550dx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D5AB9D-7EAA-45F2-A10F-A2D142B20D3D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_1000_firmware:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94B82675-AA38-4584-82BD-9C376F80EA49"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:nextseq_1000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93589C3C-F577-4C67-962F-166E28911ED2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:nextseq_2000_firmware:1.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6671E6F8-85D5-4970-98FE-6189C8F98852"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:nextseq_2000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "753D8FDF-5D25-46B9-8E66-30FB8E8A9A87"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:novaseq_6000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.7",
"matchCriteriaId": "3A429D26-AF22-4AC2-AB02-76C72B9B9B05"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:illumina:novaseq_6000_firmware:1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B4C702B1-4BAD-4E32-9659-D9F5C3F2F922"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:illumina:novaseq_6000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D879686-89E7-4152-AEF9-DC8A33FDA4A5"
}
]
}
]
}
],
"references": [
{
"url": "https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-117-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
}
]
}

57
CVE-2023/CVE-2023-20xx/CVE-2023-2000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2000",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-05-02T09:15:10.013",
"lastModified": "2023-05-02T12:56:12.940",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:31:00.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost_desktop:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.2.2",
"matchCriteriaId": "43F0D6D9-8088-476C-B8F4-ED71D295F446"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}

394
CVE-2023/CVE-2023-216xx/CVE-2023-21642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21642",
"sourceIdentifier": "product-security@qualcomm.com",
"published": "2023-05-02T06:15:10.347",
"lastModified": "2023-05-02T12:56:18.213",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:32:01.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "product-security@qualcomm.com",
"type": "Secondary",
@ -34,10 +54,378 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qam8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2D9E281-B382-41AC-84CB-5B1063E5AC51"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qam8295p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44EBEBD5-98C3-493B-A108-FD4DE6FFBE97"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D527E2B1-2A46-4FBA-9F7A-F5543677C8FB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8374DDB3-D484-4141-AE0C-42333D2721F6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0AE207DB-9770-40ED-961D-FDA75965826F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0E23922D-C37F-476F-A623-4C1458A9156F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C66671C1-AE1A-44BE-9DB2-0B09FF4417DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74AA3929-3F80-4D54-B13A-9B070D5C03BB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "054F77D6-FC66-4151-9005-DC7ECDB5C722"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8ED3F589-16D9-46A7-A539-C9862473EE0D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC40C14-3B2D-4E00-9E0F-86E6BDBF2D81"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0514D433-162C-4680-8912-721D19BE6201"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A71D74B0-0963-49FD-8E97-148C8993B263"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "910CBFA4-50F7-4C7A-B9B9-B88C8A919827"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69C1B02F-8D2D-42E7-B70D-41F4D9844FD1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FEACAA9-C061-4713-9A54-37D8BFC0B00B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8648B38-2597-401A-8F53-D582FA911569"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A01CD59B-8F21-4CD6-8A1A-7B37547A8715"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "51BC0A66-493B-43BE-B51F-640BDF2FF32E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D8DA4D12-7ABF-4A04-B44E-E1D68C8E58AB"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8295p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2A19659B-A0C3-44B7-8D54-BA21729873A4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8295p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F978041A-CE28-4BDF-A7DB-F0360F1A5F14"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8FE8B62D-83B4-4326-8A53-FED5947D5FFE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2D6F8899-136A-4A57-9F02-BD428E1663DA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A024AB04-B213-4018-A4C1-FA467C7BA775"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2A8AB7C-5D34-4794-8C06-2193075B323F"
}
]
}
]
}
],
"references": [
{
"url": "https://www.qualcomm.com/company/product-security/bulletins/may-2023-bulletin",
"source": "product-security@qualcomm.com"
"source": "product-security@qualcomm.com",
"tags": [
"Vendor Advisory"
]
}
]
}

123
CVE-2023/CVE-2023-217xx/CVE-2023-21712.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-21712",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-04-27T19:15:13.527",
"lastModified": "2023-04-28T12:58:13.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:50:44.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,127 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.19562",
"matchCriteriaId": "E583CAB1-6CA3-439D-9232-25D4AD4425BC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.5501",
"matchCriteriaId": "C4E7A8EB-F231-4358-B2F0-86CE298DCB32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.3650",
"matchCriteriaId": "FD13C1A3-0D55-44B4-BCDA-3FE16F3FD0BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_20h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19042.2251",
"matchCriteriaId": "53D74F18-E886-4BDD-BF98-6E3E7FDB416A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h1:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19043.2251",
"matchCriteriaId": "6CD19777-D4BC-4091-B5DF-196E3A5ECD41"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19044.2251",
"matchCriteriaId": "A22FD3BC-3283-49FD-89E7-120BD1BD5664"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.2486",
"matchCriteriaId": "127FA76C-101B-4DAB-9034-1B893016D06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.1219",
"matchCriteriaId": "701F768A-FE97-481C-87FE-53135E160DD8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.819",
"matchCriteriaId": "6F3B7829-75E9-4734-9C07-EBDDDE67EE7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E93068DB-549B-45AB-8E5C-00EB5D8B5CF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C6CE5198-C498-4672-AF4C-77AB4BE06C5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21712",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

10
CVE-2023/CVE-2023-217xx/CVE-2023-21738.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21738",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-01-10T22:15:17.660",
"lastModified": "2023-04-27T19:15:14.440",
"lastModified": "2023-05-09T17:15:09.807",
"vulnStatus": "Modified",
"descriptions": [
{
@ -17,7 +17,7 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
@ -25,12 +25,12 @@
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
"impactScore": 5.9
},
{
"source": "nvd@nist.gov",

6
CVE-2023/CVE-2023-217xx/CVE-2023-21775.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21775",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-01-24T00:15:10.590",
"lastModified": "2023-05-03T12:16:45.263",
"lastModified": "2023-05-09T17:15:09.937",
"vulnStatus": "Modified",
"descriptions": [
{
@ -74,10 +74,6 @@
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21775",
"source": "secure@microsoft.com"
},
{
"url": "https://security.gentoo.org/glsa/202305-10",
"source": "secure@microsoft.com"
}
]
}

6
CVE-2023/CVE-2023-217xx/CVE-2023-21795.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21795",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-01-24T00:15:10.673",
"lastModified": "2023-05-03T12:16:45.393",
"lastModified": "2023-05-09T17:15:10.107",
"vulnStatus": "Modified",
"descriptions": [
{
@ -68,10 +68,6 @@
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21795",
"source": "secure@microsoft.com"
},
{
"url": "https://security.gentoo.org/glsa/202305-10",
"source": "secure@microsoft.com"
}
]
}

6
CVE-2023/CVE-2023-217xx/CVE-2023-21796.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21796",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-01-24T00:15:10.747",
"lastModified": "2023-05-03T12:16:45.487",
"lastModified": "2023-05-09T17:15:10.237",
"vulnStatus": "Modified",
"descriptions": [
{
@ -68,10 +68,6 @@
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21796",
"source": "secure@microsoft.com"
},
{
"url": "https://security.gentoo.org/glsa/202305-10",
"source": "secure@microsoft.com"
}
]
}

63
CVE-2023/CVE-2023-21xx/CVE-2023-2158.json
View File

@ -2,16 +2,49 @@
"id": "CVE-2023-2158",
"sourceIdentifier": "disclosure@synopsys.com",
"published": "2023-04-27T18:15:13.160",
"lastModified": "2023-04-27T18:35:34.590",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:52:35.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Code Dx versions prior to 2023.4.2 are vulnerable to user impersonation attack where a malicious actor is able to gain access to another user's account by crafting a custom \"Remember Me\" token. This is possible due to the use of a hard-coded cipher which was used when generating the token. A malicious actor who creates this token can supply it to a separate Code Dx system, provided they know the username they want to impersonate, and impersonate the user.\u00a0\u00a0Score\u00a06.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C\n\n"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{
"source": "disclosure@synopsys.com",
"type": "Secondary",
@ -23,10 +56,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:synopsys:code_dx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.4.2",
"matchCriteriaId": "2D045CD9-7385-46F6-8DA0-4F6780FCC363"
}
]
}
]
}
],
"references": [
{
"url": "https://community.synopsys.com/s/question/0D5Hr00006VdZblKAF/announcement-changelog-code-dx-202342",
"source": "disclosure@synopsys.com"
"source": "disclosure@synopsys.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

96
CVE-2023/CVE-2023-225xx/CVE-2023-22503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22503",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-05-01T17:15:08.993",
"lastModified": "2023-05-01T20:07:26.670",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:24:56.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "security@atlassian.com",
@ -34,10 +56,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.13.15",
"matchCriteriaId": "ACD9E451-29B3-4D59-88E5-9AAB52C64B29"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.14.0",
"versionEndExcluding": "7.19.7",
"matchCriteriaId": "D6EA4793-BF98-4C48-9B80-90487A33B8C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.20.0",
"versionEndExcluding": "8.2.0",
"matchCriteriaId": "7D5FBFE8-F97B-4E6B-B6AB-7EF9955B66BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.13.15",
"matchCriteriaId": "7A9A23C3-4831-4882-9786-F63F8990206C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.14.0",
"versionEndExcluding": "7.19.7",
"matchCriteriaId": "B9F35096-F530-45EA-827F-56537235CCE3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:atlassian:confluence_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.20.0",
"versionEndExcluding": "8.2.0",
"matchCriteriaId": "CBBB9EBB-FFFA-4AE8-BA5A-D06D6D9A309E"
}
]
}
]
}
],
"references": [
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-82403",
"source": "security@atlassian.com"
"source": "security@atlassian.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-226xx/CVE-2023-22691.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22691",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T08:15:43.727",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:07:24.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tipsandtricks-hq:category_specific_rss_feed_subscription:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2",
"matchCriteriaId": "CB8EA803-336E-4994-ADD9-C39AE211CCAF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/category-specific-rss-feed-menu/wordpress-category-specific-rss-feed-subscription-plugin-v2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-237xx/CVE-2023-23790.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23790",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T10:15:16.663",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:04:45.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:podsfoundation:pods:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.9.11",
"matchCriteriaId": "221D8D6D-B228-4833-B618-ACDC16673C26"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/pods/wordpress-pods-custom-content-types-and-fields-plugin-2-9-10-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-23xx/CVE-2023-2355.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2355",
"sourceIdentifier": "security@acronis.com",
"published": "2023-04-27T19:15:20.597",
"lastModified": "2023-04-28T12:58:13.110",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:38:54.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
@ -35,6 +57,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-427"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
@ -46,10 +78,42 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:snap_deploy:*:*:*:*:*:windows:*:*",
"versionEndExcluding": "6",
"matchCriteriaId": "E3653927-4EF6-4508-92E7-F2EB2C418A00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:snap_deploy:6:-:*:*:*:windows:*:*",
"matchCriteriaId": "A12AF81B-8339-4F72-A30E-D5126B0BACE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:snap_deploy:6:update1:*:*:*:windows:*:*",
"matchCriteriaId": "5AD3DAEE-A07B-47B6-A072-171E571F7B6D"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4048",
"source": "security@acronis.com"
"source": "security@acronis.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

693
CVE-2023/CVE-2023-245xx/CVE-2023-24512.json Normal file
View File

@ -0,0 +1,693 @@
{
"id": "CVE-2023-24512",
"sourceIdentifier": "psirt@arista.com",
"published": "2023-04-25T21:15:10.190",
"lastModified": "2023-05-09T16:02:21.720",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "psirt@arista.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
},
{
"source": "psirt@arista.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-284"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.26.0",
"versionEndExcluding": "4.26.10m",
"matchCriteriaId": "341CA00E-8BDE-4BF9-90D4-7B07FC484D18"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.27.0",
"versionEndExcluding": "4.27.9m",
"matchCriteriaId": "00A7CEC1-C298-4AEE-A079-550167C2AA3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.28.0",
"versionEndExcluding": "4.28.6m",
"matchCriteriaId": "32D876FE-C639-4870-A412-0239EA0155D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.29.0",
"versionEndExcluding": "4.29.2f",
"matchCriteriaId": "24621B26-04A1-4693-BCB4-437544C08B50"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:32qd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4184EB8C-5972-413F-A6CD-B1365D242B41"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:48ehs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FED3033F-6AFD-462B-BED4-032D84D41068"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:48lbas:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EDFE460-5163-4A86-BFDE-7F0FA8EC96D1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:48lbs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C680AE5-0810-4A0C-9234-405F2A879F87"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:48s6qd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38A296BD-4449-447C-AF27-F6C033C686D6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CCF6152-815E-4B3C-AE4B-CA598BEBD020"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7781CB15-3452-47D9-A961-8B09F2E9AEC1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "09A31FB8-512E-43EF-8F87-E02E35F5251E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CBFF922-28D7-42D6-8796-91AD9A178D28"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "561B4042-DFD3-4BC0-9C5F-74799A7E92C5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFA321D-F4A5-434C-BB39-D2B2687001D6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2BE67B8-F326-48B7-AB82-04FE8C2E37E2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3264E086-4E90-41D0-8583-8FCF3CE4885D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7620401C-FB14-46F1-979B-B21194F90945"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DFC236-44B3-4EEF-8937-4F86EE99EB45"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "823E5569-C918-40E6-A2C5-7C415E4ADEF5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7EE3572E-A724-4057-8776-7A95528DCEE7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B8FCDB83-38D5-4F02-97E2-BBEF891DCDD7"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80EAF795-EB62-4A86-A0FC-A09008E631A6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA03BA0B-BB2D-41CF-BA2E-B21604D6FBC1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3AE185FD-0D4D-4862-B513-BC68BF3F9F7E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "46C2150F-2FD6-452F-8C56-7413E3EB8FDC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7260sx2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "58296832-AA93-4EAE-96BD-28EC368F8391"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*",
"matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7358x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBC38094-A539-425D-A2B6-770FAF0FC3C4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*",
"matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*",
"matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:96lbs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FBAE5B17-52F9-4FDD-BD65-AA0C1ADB4806"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7010tx-48:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB43CD4-C96F-483C-B743-3D81C9A65EDF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500-12cq-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CCCC3EC2-D68C-49E5-8E72-35F16853CA04"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500e-12cm-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30D363C8-7D75-4EA7-B5BC-566C1C9ECE96"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500e-36q-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E0CD14C-E2C8-4EEC-AAD9-E2428E8610DC"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500e-48s-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD40F1C-32AA-42DF-9378-724CD949127B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500e-6c2-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB63C0B-D27A-4CB4-B379-570C0DC8B958"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500e-72s-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2468E734-5CA3-4293-A806-358FE659AEA6"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500r-36cq-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52C4EAF7-6FD7-477A-B4BE-DE5920BF7BBA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500r-36q-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABA8BEE5-9EDC-4BAC-AB7C-4F9E6680388B"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:arista:dcs-7500r-48s2cq-lc:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB68705B-A8A5-49AB-AC53-02B311900F7D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:ceos-lab:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2260519E-FB90-4924-95E7-1FCC34C4B38B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "362F2E0F-3D40-444F-87F3-21CA70B1AD04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arista:veos-lab:-:*:*:*:*:*:*:*",
"matchCriteriaId": "04B29E15-3CFB-45EC-B252-8F02CC1E589C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086",
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-24xx/CVE-2023-2445.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-2445",
"sourceIdentifier": "security@devolutions.net",
"published": "2023-05-02T14:15:09.207",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:25:41.957",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to retrieve usage information on folders in user vaults via a specific folder name."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023.1.3.0",
"matchCriteriaId": "F3145584-045F-40D2-8EC7-1C4719C86036"
}
]
}
]
}
],
"references": [
{
"url": "https://devolutions.net/security/advisories/DEVO-2023-0013/",
"source": "security@devolutions.net"
"source": "security@devolutions.net",
"tags": [
"Vendor Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2459.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2459",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:08.803",
"lastModified": "2023-05-07T03:15:14.067",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:16:44.733",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1423304",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2460.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2460",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.327",
"lastModified": "2023-05-07T03:15:14.127",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:16:24.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insufficient validation of untrusted input in Extensions in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to bypass file access checks via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1419732",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

124
CVE-2023/CVE-2023-24xx/CVE-2023-2461.json
View File

@ -2,31 +2,141 @@
"id": "CVE-2023-2461",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.387",
"lastModified": "2023-05-07T03:15:14.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:16:07.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Use after free in OS Inputs in Google Chrome on ChromeOS prior to 113.0.5672.63 allowed a remote attacker who convinced a user to enage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D32ACF6F-5FF7-4815-8EAD-4719F5FC9B79"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1350561",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2462.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2462",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.443",
"lastModified": "2023-05-07T03:15:14.210",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:15:30.470",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to obfuscate main origin data via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1375133",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

124
CVE-2023/CVE-2023-24xx/CVE-2023-2463.json
View File

@ -2,31 +2,141 @@
"id": "CVE-2023-2463",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.497",
"lastModified": "2023-05-07T03:15:14.257",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:13:37.423",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1406120",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2464.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2464",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.550",
"lastModified": "2023-05-07T03:15:14.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:12:05.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1418549",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2465.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2465",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.597",
"lastModified": "2023-05-07T03:15:14.340",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:11:35.407",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in CORS in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1399862",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2466.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2466",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.647",
"lastModified": "2023-05-07T03:15:14.380",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:11:08.640",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1385714",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

124
CVE-2023/CVE-2023-24xx/CVE-2023-2467.json
View File

@ -2,31 +2,141 @@
"id": "CVE-2023-2467",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.697",
"lastModified": "2023-05-07T03:15:14.423",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:10:36.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1413586",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-24xx/CVE-2023-2468.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-2468",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-05-03T00:15:09.747",
"lastModified": "2023-05-07T03:15:14.460",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:10:02.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Inappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who had compromised the renderer process to obfuscate the security UI via a crafted HTML page. (Chromium security severity: Low)"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "113.0.5672.63",
"matchCriteriaId": "596181BB-BA6F-479A-8F13-D5D97774B779"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
}
]
}
]
}
],
"references": [
{
"url": "https://chromereleases.googleblog.com/2023/05/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://crbug.com/1416380",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Issue Tracking",
"Permissions Required"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6P5RJ6UD37IPBWU3GPQNMIUFVOVCGSLY/",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5398",
"source": "chrome-cve-admin@google.com"
"source": "chrome-cve-admin@google.com",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-24xx/CVE-2023-2473.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2473",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T13:15:25.090",
"lastModified": "2023-05-02T13:29:57.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:36:44.243",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dreamer_cms_project:dreamer_cms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "4.1.3",
"matchCriteriaId": "CA07F976-C035-4B45-83A9-1414D57F3AAF"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/isoftforce/dreamer_cms/issues/I6WHO7",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.227860",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227860",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}
]
}

60
CVE-2023/CVE-2023-24xx/CVE-2023-2474.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2474",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T13:15:25.197",
"lastModified": "2023-05-02T13:29:57.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:35:26.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:getrebuild:rebuild:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FF999F38-B603-45F0-8053-269B1D85909A"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/getrebuild/rebuild/issues/I6W4M2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.227866",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227866",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}
]
}

66
CVE-2023/CVE-2023-24xx/CVE-2023-2475.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2475",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T13:15:25.287",
"lastModified": "2023-05-02T13:29:57.300",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:27:09.967",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:j2eefast:j2eefast:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.0",
"matchCriteriaId": "09CA953F-CB60-4DDC-954B-2AFC41B6F721"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/dromara/J2EEFAST/commit/7a9e1a00e3329fdc0ae05f7a8257cce77037134d",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://gitee.com/dromara/J2EEFAST/issues/I6W390",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.227867",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227867",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}
]
}

67
CVE-2023/CVE-2023-24xx/CVE-2023-2476.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2476",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T14:15:09.273",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:21:53.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +93,55 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:j2eefast:j2eefast:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.0",
"matchCriteriaId": "09CA953F-CB60-4DDC-954B-2AFC41B6F721"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/dromara/J2EEFAST/commit/7a9e1a00e3329fdc0ae05f7a8257cce77037134d",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://gitee.com/dromara/J2EEFAST/issues/I6W380",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.227868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
}
]
}

61
CVE-2023/CVE-2023-24xx/CVE-2023-2477.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2477",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-05-02T14:15:09.353",
"lastModified": "2023-05-03T10:33:50.897",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:20:54.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:funadmin:funadmin:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.2.3",
"matchCriteriaId": "275A8814-3A0C-4EB3-9F3A-9F3C1B1E0B1E"
}
]
}
]
}
],
"references": [
{
"url": "https://gitee.com/funadmin/funadmin/issues/I6W2YL",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://vuldb.com/?ctiid.227869",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.227869",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}
]
}

47
CVE-2023/CVE-2023-257xx/CVE-2023-25787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25787",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T11:15:13.677",
"lastModified": "2023-05-03T14:41:00.093",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:00:02.467",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_resource_download_management_project:wp_resource_download_management:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.9",
"matchCriteriaId": "D6AEE81F-38F6-4C46-BA37-D4C35B6D92D4"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/download-info-page/wordpress-wp-plugin-1-3-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-257xx/CVE-2023-25792.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25792",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T11:15:13.890",
"lastModified": "2023-05-03T14:41:00.093",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:59:05.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp_open_social_project:wp_open_social:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "5.0",
"matchCriteriaId": "11B5FACC-DB79-4F07-9D81-811C7FD90709"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/open-social/wordpress-wp-open-social-plugin-5-0-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-257xx/CVE-2023-25797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25797",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-05-03T11:15:13.987",
"lastModified": "2023-05-03T14:41:00.093",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:42:33.117",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vslider_multi_image_slider_project:vslider_multi_image_slider:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.1.2",
"matchCriteriaId": "A35A1357-4340-42F5-8BE7-A3F72043DC06"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/vslider/wordpress-vslider-multi-image-slider-for-wordpress-plugin-4-1-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-258xx/CVE-2023-25829.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-25829",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T17:15:10.387",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary website, simplifying phishing attacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095",
"source": "psirt@esri.com"
},
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/",
"source": "psirt@esri.com"
}
]
}

59
CVE-2023/CVE-2023-258xx/CVE-2023-25830.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-25830",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T17:15:10.567",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095",
"source": "psirt@esri.com"
},
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/",
"source": "psirt@esri.com"
}
]
}

59
CVE-2023/CVE-2023-258xx/CVE-2023-25834.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-25834",
"sourceIdentifier": "psirt@esri.com",
"published": "2023-05-09T16:15:14.263",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Changes to user permissions in Portal for ArcGIS 10.9.1 and below are incompletely applied in specific use cases. This issue may allow users to access content that they are no longer privileged to access."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@esri.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "psirt@esri.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://support.esri.com/en-us/patches-updates/2023/portal-for-arcgis-security-2023-update-1-patch-8095",
"source": "psirt@esri.com"
},
{
"url": "https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-security-2023-update-1-patch-is-now-available/",
"source": "psirt@esri.com"
}
]
}

71
CVE-2023/CVE-2023-270xx/CVE-2023-27075.json
View File

@ -2,23 +2,84 @@
"id": "CVE-2023-27075",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-04T02:15:18.570",
"lastModified": "2023-05-04T13:03:05.007",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:43:32.093",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting vulnerability (XSS) in the component microbin/src/pasta.rs of Microbin v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microbin:microbin:1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08183517-B723-4D15-B884-409E3B7CBD9D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/szabodanika/microbin/issues/142",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://github.com/szabodanika/microbin/pull/143",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
]
}
]
}

93
CVE-2023/CVE-2023-271xx/CVE-2023-27107.json Normal file
View File

@ -0,0 +1,93 @@
{
"id": "CVE-2023-27107",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T22:15:09.443",
"lastModified": "2023-05-09T17:24:20.610",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myq-solution:central_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "2FDBFB80-D33E-4F9E-847F-8652065CE231"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myq-solution:central_server:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "38F9E231-EA50-4428-B818-9368F6F99D1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myq-solution:print_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2",
"matchCriteriaId": "A76077FF-885F-4369-A3A9-676BF40AD3E3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:myq-solution:print_server:8.2:-:*:*:*:*:*:*",
"matchCriteriaId": "399B63D2-D03D-4993-817E-987EB3C4C23B"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/smidtbx10/f8ff1c4977b7f54886c6a52e9ef4e816",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

48
CVE-2023/CVE-2023-280xx/CVE-2023-28070.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28070",
"sourceIdentifier": "security_alert@emc.com",
"published": "2023-05-03T09:15:08.997",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:06:23.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "security_alert@emc.com",
"type": "Secondary",
@ -46,10 +66,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dell:alienware_command_center:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.5.46.0",
"matchCriteriaId": "BAD52EA2-2271-415A-BFE2-AF67CFE0613D"
}
]
}
]
}
],
"references": [
{
"url": "https://www.dell.com/support/kbdoc/en-us/000212277/dsa-2023-135",
"source": "security_alert@emc.com"
"source": "security_alert@emc.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

80
CVE-2023/CVE-2023-296xx/CVE-2023-29680.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-29680",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T22:15:09.673",
"lastModified": "2023-05-02T12:56:26.420",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:29:40.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cleartext Transmission in set-cookie:ecos_pw: Tenda N301 v6.0, Firmware v12.02.01.61_multi allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:n301_firmware:12.03.01.06_pt:*:*:*:*:*:*:*",
"matchCriteriaId": "AD0BB102-7E84-4569-A742-0FF1C14768C1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:n301:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "673FB4DD-EAD8-4031-9778-8EC68C8B58A3"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@0ta/tenda-n301-v6-cve-2023-29680-cve-2023-29681-a40f7ae6dc62",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.youtube.com/watch?v=m7ZHfFcSKpU&ab_channel=0ta",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

80
CVE-2023/CVE-2023-296xx/CVE-2023-29681.json
View File

@ -2,23 +2,93 @@
"id": "CVE-2023-29681",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-01T22:15:09.723",
"lastModified": "2023-05-02T12:56:26.420",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T16:29:48.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cleartext Transmission in cookie:ecos_pw: in Tenda N301 v6.0, firmware v12.03.01.06_pt allows an authenticated attacker on the LAN or WLAN to intercept communications with the router and obtain the password."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-319"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:n301_firmware:12.02.01.61_multi:*:*:*:*:*:*:*",
"matchCriteriaId": "D32560BC-8CB5-41C8-9E61-90D828EA1DA8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:n301:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "673FB4DD-EAD8-4031-9778-8EC68C8B58A3"
}
]
}
]
}
],
"references": [
{
"url": "https://medium.com/@0ta/tenda-n301-v6-cve-2023-29680-cve-2023-29681-a40f7ae6dc62",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://www.youtube.com/watch?v=Xy9_hmpvvA4&ab_channel=0ta",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

63
CVE-2023/CVE-2023-298xx/CVE-2023-29839.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2023-29839",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-03T03:15:08.137",
"lastModified": "2023-05-03T10:33:46.147",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:08:54.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:digitaldruid:hotel_druid:3.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7A03CC12-2028-4CD6-BB48-D976C7A1534A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jichngan/CVE-2023-29839",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30083.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30083",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.373",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the newVar_N in util/decompile.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/libming/libming/issues/266",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30084.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30084",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.423",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the stackVal function in util/decompile.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/libming/libming/issues/268",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30085.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30085",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.470",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in Libming swftophp v.0.4.8 allows a local attacker to cause a denial of service via the cws2fws function in util/decompile.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/libming/libming/issues/267",
"source": "cve@mitre.org"
}
]
}

28
CVE-2023/CVE-2023-300xx/CVE-2023-30086.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-30086",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.507",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c."
}
],
"metrics": {},
"references": [
{
"url": "http://libtiff-release-v4-0-7.com",
"source": "cve@mitre.org"
},
{
"url": "http://tiffcp.com",
"source": "cve@mitre.org"
},
{
"url": "https://gitlab.com/libtiff/libtiff/-/issues/538",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30087.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30087",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.547",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cesanta/mjs/issues/244",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30088.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30088",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.583",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/cesanta/mjs/issues/243",
"source": "cve@mitre.org"
}
]
}

118
CVE-2023/CVE-2023-308xx/CVE-2023-30845.json Normal file
View File

@ -0,0 +1,118 @@
{
"id": "CVE-2023-30845",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-26T21:15:09.277",
"lastModified": "2023-05-09T16:08:02.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "ESPv2 is a service proxy that provides API management capabilities using Google Service Infrastructure. ESPv2 2.20.0 through 2.42.0 contains an authentication bypass vulnerability. API clients can craft a malicious `X-HTTP-Method-Override` header value to bypass JWT authentication in specific cases.\n\nESPv2 allows malicious requests to bypass authentication if both the conditions are true: The requested HTTP method is **not** in the API service definition (OpenAPI spec or gRPC `google.api.http` proto annotations, and the specified `X-HTTP-Method-Override` is a valid HTTP method in the API service definition. ESPv2 will forward the request to your backend without checking the JWT. Attackers can craft requests with a malicious `X-HTTP-Method-Override` value that allows them to bypass specifying JWTs. Restricting API access with API keys works as intended and is not affected by this vulnerability.\n\nUpgrade deployments to release v2.43.0 or higher to receive a patch. This release ensures that JWT authentication occurs, even when the caller specifies `x-http-method-override`. `x-http-method-override` is still supported by v2.43.0+. API clients can continue sending this header to ESPv2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:espv2:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.20.0",
"versionEndExcluding": "2.43.0",
"matchCriteriaId": "A20AE068-D587-4CD1-AA65-AC686DDF6E4D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/GoogleCloudPlatform/esp-v2/commit/0bcdfc024ce96b34db4e1b4f2211b509d9be93cd",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/GoogleCloudPlatform/esp-v2/commit/e95670146f5e96bb5565b0a9c1e153886b3e04ce",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/GoogleCloudPlatform/esp-v2/commit/e98061ee4527a564506ba4e814c0ecf324dc2c6f",
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/GoogleCloudPlatform/esp-v2/security/advisories/GHSA-6qmp-9p95-fc5f",
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-308xx/CVE-2023-30852.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30852",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-27T17:15:08.957",
"lastModified": "2023-04-27T18:35:34.590",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-09T17:53:20.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,20 +64,58 @@
"value": "CWE-22"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.5.21",
"matchCriteriaId": "72C537D6-67BA-4562-B853-F99E6C14315C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/498cadec2292f7842fb10612068ac78496e884b4.patch",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/pimcore/pimcore/pull/14959",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/pimcore/pimcore/security/advisories/GHSA-j5c3-r84f-9596",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-311xx/CVE-2023-31138.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31138",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T15:15:10.150",
"lastModified": "2023-05-09T15:15:10.150",
"vulnStatus": "Received",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-311xx/CVE-2023-31139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31139",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T15:15:10.233",
"lastModified": "2023-05-09T15:15:10.233",
"vulnStatus": "Received",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-311xx/CVE-2023-31143.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-31143",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T15:15:10.303",
"lastModified": "2023-05-09T15:15:10.303",
"vulnStatus": "Received",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-311xx/CVE-2023-31144.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-31144",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T16:15:14.623",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Craft CMS is a content management system. Starting in version 3.0.0 and prior to versions 3.8.4 and 4.4.4, a malformed title in the feed widget can deliver a cross-site scripting payload. This issue is fixed in version 3.8.4 and 4.4.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/craftcms/cms/commit/52bd161614620edbab2d24d078ca9ebca2528442",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/craftcms/cms/security/advisories/GHSA-j4mx-98hw-6rv6",
"source": "security-advisories@github.com"
}
]
}

24
CVE-2023/CVE-2023-314xx/CVE-2023-31476.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31476",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.680",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered on GL.iNet devices running firmware before 3.216. There is an arbitrary file write in which an empty file can be created almost anywhere on the filesystem, as long as the filename and path is no more than 6 characters (the working directory is /www)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/gl-inet/CVE-issues/blob/main/3.215/GL-MV1000_Arbitrary_File_Creation.md",
"source": "cve@mitre.org"
},
{
"url": "https://www.gl-inet.com",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-314xx/CVE-2023-31489.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31489",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.717",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FRRouting/frr/issues/13098",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-314xx/CVE-2023-31490.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31490",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.757",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/FRRouting/frr/issues/13099",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-317xx/CVE-2023-31799.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31799",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.793",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-99-2023-04-11-Low-impact-Low-risk-XSS-in-system-announcements",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31800.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31800",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.830",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-102-2023-04-11-Low-impact-Moderate-risk-XSS-in-forum-titles",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31801.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31801",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.870",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skills wheel parameter."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-97-2023-04-11-Low-impact-High-risk-XSS-in-skills-wheel",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31802.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31802",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.910",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skype and linedin_url parameters."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-104-2023-04-11-Moderate-impact-High-risk-XSS-in-personal-profile",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31803.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31803",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.953",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the resource sequencing parameters."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-100-2023-04-11-Low-impact-Low-risk-XSS-in-resources-sequencing",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31804.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31804",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:14.993",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the course category parameters."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-96-2023-04-06-Low-impact-Moderate-risk-XSS-in-course-categories",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31805.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31805",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:15.033",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated attacker to execute arbitrary code via the homepage function."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-98-2023-04-11-Low-impact-Low-risk-XSS-in-homepage-edition",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31806.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31806",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:15.077",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-103-2023-04-11-Low-impact-Moderate-risk-XSS-in-My-progress-tab",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-318xx/CVE-2023-31807.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-31807",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-09T16:15:15.123",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function."
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-101-2023-04-11-Low-impact-Low-risk-XSS-in-personal-notes-and-teacher-notes",
"source": "cve@mitre.org"
}
]
}

4
CVE-2023/CVE-2023-320xx/CVE-2023-32060.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32060",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T15:15:10.367",
"lastModified": "2023-05-09T15:15:10.367",
"vulnStatus": "Received",
"lastModified": "2023-05-09T17:37:00.247",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-320xx/CVE-2023-32066.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-32066",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T16:15:15.160",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Time Tracker is an open source time tracking system. The week view plugin in Time Tracker versions 1.22.11.5782 and prior was not escaping titles for notes in week view table. Because of that, it was possible for a logged in user to enter notes with elements of JavaScript. Such script could then be executed in user browser on subsequent requests to week view. This issue is fixed in version 1.22.12.5783. As a workaround, use `htmlspecialchars` when calling `$field->setTitle` on line #245 in the `week.php` file, as happens in version 1.22.12.5783."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/anuko/timetracker/commit/093cfe158099704ffd4a1624be217f9935e914eb",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/anuko/timetracker/security/advisories/GHSA-jw2g-8wvp-9frw",
"source": "security-advisories@github.com"
}
]
}

63
CVE-2023/CVE-2023-320xx/CVE-2023-32069.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-32069",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T16:15:15.230",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-2 and prior to versions 14.10.4 and 15.0-rc-1, it's possible for a user to execute anything with the right of the author of the XWiki.ClassSheet document. This has been patched in XWiki 15.0-rc-1 and 14.10.4. There are no known workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/de72760d4a3e1e9be64a10660a0c19e9534e2ec4",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-36fm-j33w-c25f",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20566",
"source": "security-advisories@github.com"
}
]
}

71
CVE-2023/CVE-2023-320xx/CVE-2023-32071.json Normal file
View File

@ -0,0 +1,71 @@
{
"id": "CVE-2023-32071",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-05-09T16:15:15.297",
"lastModified": "2023-05-09T17:36:56.357",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in versions 2.2-milestone-1 and prior to versions 14.4.8, 14.10.4, and 15.0-rc-1, it's possible to execute javascript with the right of any user by leading him to a special URL on the wiki targeting a page which contains an attachment. This has been patched in XWiki 15.0-rc-1, 14.10.4, and 14.4.8. The easiest possible workaround is to edit file `<xwiki app>/templates/importinline.vm` and apply the modification described in commit 28905f7f518cc6f21ea61fe37e9e1ed97ef36f01."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-116"
},
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://app.intigriti.com/company/submissions/e95a7ad5-7029-4627-abf0-3e3e3ea0b4ce/XWIKI-E93DFEYK",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/28905f7f518cc6f21ea61fe37e9e1ed97ef36f01",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-j9h5-vcgv-2jfm",
"source": "security-advisories@github.com"
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20340",
"source": "security-advisories@github.com"
}
]
}

152
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-09T16:00:24.209166+00:00
2023-05-09T18:00:48.782033+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-09T15:30:53.150000+00:00
2023-05-09T17:53:51.073000+00:00
```
### Last Data Feed Release
@ -29,69 +29,111 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214549
214579
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `30`
* [CVE-2023-29460](CVE-2023/CVE-2023-294xx/CVE-2023-29460.json) (`2023-05-09T14:15:13.217`)
* [CVE-2023-29461](CVE-2023/CVE-2023-294xx/CVE-2023-29461.json) (`2023-05-09T14:15:13.283`)
* [CVE-2023-29462](CVE-2023/CVE-2023-294xx/CVE-2023-29462.json) (`2023-05-09T14:15:13.343`)
* [CVE-2023-31134](CVE-2023/CVE-2023-311xx/CVE-2023-31134.json) (`2023-05-09T14:15:13.427`)
* [CVE-2023-31136](CVE-2023/CVE-2023-311xx/CVE-2023-31136.json) (`2023-05-09T14:15:13.520`)
* [CVE-2023-31137](CVE-2023/CVE-2023-311xx/CVE-2023-31137.json) (`2023-05-09T14:15:13.607`)
* [CVE-2023-31138](CVE-2023/CVE-2023-311xx/CVE-2023-31138.json) (`2023-05-09T15:15:10.150`)
* [CVE-2023-31139](CVE-2023/CVE-2023-311xx/CVE-2023-31139.json) (`2023-05-09T15:15:10.233`)
* [CVE-2023-31143](CVE-2023/CVE-2023-311xx/CVE-2023-31143.json) (`2023-05-09T15:15:10.303`)
* [CVE-2023-31973](CVE-2023/CVE-2023-319xx/CVE-2023-31973.json) (`2023-05-09T14:15:13.737`)
* [CVE-2023-31976](CVE-2023/CVE-2023-319xx/CVE-2023-31976.json) (`2023-05-09T14:15:13.780`)
* [CVE-2023-31979](CVE-2023/CVE-2023-319xx/CVE-2023-31979.json) (`2023-05-09T14:15:13.820`)
* [CVE-2023-31981](CVE-2023/CVE-2023-319xx/CVE-2023-31981.json) (`2023-05-09T14:15:13.863`)
* [CVE-2023-31982](CVE-2023/CVE-2023-319xx/CVE-2023-31982.json) (`2023-05-09T14:15:13.907`)
* [CVE-2023-32060](CVE-2023/CVE-2023-320xx/CVE-2023-32060.json) (`2023-05-09T15:15:10.367`)
* [CVE-2020-18280](CVE-2020/CVE-2020-182xx/CVE-2020-18280.json) (`2023-05-09T16:15:13.690`)
* [CVE-2020-23362](CVE-2020/CVE-2020-233xx/CVE-2020-23362.json) (`2023-05-09T16:15:13.963`)
* [CVE-2020-23363](CVE-2020/CVE-2020-233xx/CVE-2020-23363.json) (`2023-05-09T16:15:14.090`)
* [CVE-2021-31240](CVE-2021/CVE-2021-312xx/CVE-2021-31240.json) (`2023-05-09T16:15:14.147`)
* [CVE-2021-31711](CVE-2021/CVE-2021-317xx/CVE-2021-31711.json) (`2023-05-09T16:15:14.197`)
* [CVE-2023-25829](CVE-2023/CVE-2023-258xx/CVE-2023-25829.json) (`2023-05-09T17:15:10.387`)
* [CVE-2023-25830](CVE-2023/CVE-2023-258xx/CVE-2023-25830.json) (`2023-05-09T17:15:10.567`)
* [CVE-2023-25834](CVE-2023/CVE-2023-258xx/CVE-2023-25834.json) (`2023-05-09T16:15:14.263`)
* [CVE-2023-30083](CVE-2023/CVE-2023-300xx/CVE-2023-30083.json) (`2023-05-09T16:15:14.373`)
* [CVE-2023-30084](CVE-2023/CVE-2023-300xx/CVE-2023-30084.json) (`2023-05-09T16:15:14.423`)
* [CVE-2023-30085](CVE-2023/CVE-2023-300xx/CVE-2023-30085.json) (`2023-05-09T16:15:14.470`)
* [CVE-2023-30086](CVE-2023/CVE-2023-300xx/CVE-2023-30086.json) (`2023-05-09T16:15:14.507`)
* [CVE-2023-30087](CVE-2023/CVE-2023-300xx/CVE-2023-30087.json) (`2023-05-09T16:15:14.547`)
* [CVE-2023-30088](CVE-2023/CVE-2023-300xx/CVE-2023-30088.json) (`2023-05-09T16:15:14.583`)
* [CVE-2023-31144](CVE-2023/CVE-2023-311xx/CVE-2023-31144.json) (`2023-05-09T16:15:14.623`)
* [CVE-2023-31476](CVE-2023/CVE-2023-314xx/CVE-2023-31476.json) (`2023-05-09T16:15:14.680`)
* [CVE-2023-31489](CVE-2023/CVE-2023-314xx/CVE-2023-31489.json) (`2023-05-09T16:15:14.717`)
* [CVE-2023-31490](CVE-2023/CVE-2023-314xx/CVE-2023-31490.json) (`2023-05-09T16:15:14.757`)
* [CVE-2023-31799](CVE-2023/CVE-2023-317xx/CVE-2023-31799.json) (`2023-05-09T16:15:14.793`)
* [CVE-2023-31800](CVE-2023/CVE-2023-318xx/CVE-2023-31800.json) (`2023-05-09T16:15:14.830`)
* [CVE-2023-31801](CVE-2023/CVE-2023-318xx/CVE-2023-31801.json) (`2023-05-09T16:15:14.870`)
* [CVE-2023-31802](CVE-2023/CVE-2023-318xx/CVE-2023-31802.json) (`2023-05-09T16:15:14.910`)
* [CVE-2023-31803](CVE-2023/CVE-2023-318xx/CVE-2023-31803.json) (`2023-05-09T16:15:14.953`)
* [CVE-2023-31804](CVE-2023/CVE-2023-318xx/CVE-2023-31804.json) (`2023-05-09T16:15:14.993`)
* [CVE-2023-31805](CVE-2023/CVE-2023-318xx/CVE-2023-31805.json) (`2023-05-09T16:15:15.033`)
* [CVE-2023-31806](CVE-2023/CVE-2023-318xx/CVE-2023-31806.json) (`2023-05-09T16:15:15.077`)
* [CVE-2023-31807](CVE-2023/CVE-2023-318xx/CVE-2023-31807.json) (`2023-05-09T16:15:15.123`)
* [CVE-2023-32066](CVE-2023/CVE-2023-320xx/CVE-2023-32066.json) (`2023-05-09T16:15:15.160`)
* [CVE-2023-32069](CVE-2023/CVE-2023-320xx/CVE-2023-32069.json) (`2023-05-09T16:15:15.230`)
* [CVE-2023-32071](CVE-2023/CVE-2023-320xx/CVE-2023-32071.json) (`2023-05-09T16:15:15.297`)
### CVEs modified in the last Commit
Recently modified CVEs: `35`
Recently modified CVEs: `62`
* [CVE-2022-25275](CVE-2022/CVE-2022-252xx/CVE-2022-25275.json) (`2023-05-09T14:36:16.707`)
* [CVE-2022-31647](CVE-2022/CVE-2022-316xx/CVE-2022-31647.json) (`2023-05-09T15:30:46.117`)
* [CVE-2022-34292](CVE-2022/CVE-2022-342xx/CVE-2022-34292.json) (`2023-05-09T15:30:53.150`)
* [CVE-2022-37326](CVE-2022/CVE-2022-373xx/CVE-2022-37326.json) (`2023-05-09T15:13:27.597`)
* [CVE-2022-38730](CVE-2022/CVE-2022-387xx/CVE-2022-38730.json) (`2023-05-09T15:05:26.080`)
* [CVE-2022-46822](CVE-2022/CVE-2022-468xx/CVE-2022-46822.json) (`2023-05-09T14:30:54.950`)
* [CVE-2022-46844](CVE-2022/CVE-2022-468xx/CVE-2022-46844.json) (`2023-05-09T14:30:54.950`)
* [CVE-2022-46858](CVE-2022/CVE-2022-468xx/CVE-2022-46858.json) (`2023-05-09T14:30:54.950`)
* [CVE-2022-46864](CVE-2022/CVE-2022-468xx/CVE-2022-46864.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-23647](CVE-2023/CVE-2023-236xx/CVE-2023-23647.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-2594](CVE-2023/CVE-2023-25xx/CVE-2023-2594.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-2595](CVE-2023/CVE-2023-25xx/CVE-2023-2595.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-2596](CVE-2023/CVE-2023-25xx/CVE-2023-2596.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-27407](CVE-2023/CVE-2023-274xx/CVE-2023-27407.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-27408](CVE-2023/CVE-2023-274xx/CVE-2023-27408.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-27409](CVE-2023/CVE-2023-274xx/CVE-2023-27409.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-27410](CVE-2023/CVE-2023-274xx/CVE-2023-27410.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-27555](CVE-2023/CVE-2023-275xx/CVE-2023-27555.json) (`2023-05-09T14:07:33.137`)
* [CVE-2023-28832](CVE-2023/CVE-2023-288xx/CVE-2023-28832.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-29103](CVE-2023/CVE-2023-291xx/CVE-2023-29103.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-29104](CVE-2023/CVE-2023-291xx/CVE-2023-29104.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-29105](CVE-2023/CVE-2023-291xx/CVE-2023-29105.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-29106](CVE-2023/CVE-2023-291xx/CVE-2023-29106.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-29107](CVE-2023/CVE-2023-291xx/CVE-2023-29107.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-29128](CVE-2023/CVE-2023-291xx/CVE-2023-29128.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-30546](CVE-2023/CVE-2023-305xx/CVE-2023-30546.json) (`2023-05-09T14:27:08.370`)
* [CVE-2023-30841](CVE-2023/CVE-2023-308xx/CVE-2023-30841.json) (`2023-05-09T15:20:02.787`)
* [CVE-2023-30898](CVE-2023/CVE-2023-308xx/CVE-2023-30898.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-30899](CVE-2023/CVE-2023-308xx/CVE-2023-30899.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-30985](CVE-2023/CVE-2023-309xx/CVE-2023-30985.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-30986](CVE-2023/CVE-2023-309xx/CVE-2023-30986.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-31126](CVE-2023/CVE-2023-311xx/CVE-2023-31126.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-31972](CVE-2023/CVE-2023-319xx/CVE-2023-31972.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-31974](CVE-2023/CVE-2023-319xx/CVE-2023-31974.json) (`2023-05-09T14:30:54.950`)
* [CVE-2023-31975](CVE-2023/CVE-2023-319xx/CVE-2023-31975.json) (`2023-05-09T14:30:54.950`)
* [CVE-2013-10026](CVE-2013/CVE-2013-100xx/CVE-2013-10026.json) (`2023-05-09T17:18:59.857`)
* [CVE-2017-9946](CVE-2017/CVE-2017-99xx/CVE-2017-9946.json) (`2023-05-09T16:27:38.737`)
* [CVE-2017-9947](CVE-2017/CVE-2017-99xx/CVE-2017-9947.json) (`2023-05-09T16:27:57.397`)
* [CVE-2019-13939](CVE-2019/CVE-2019-139xx/CVE-2019-13939.json) (`2023-05-09T16:27:15.257`)
* [CVE-2022-25713](CVE-2022/CVE-2022-257xx/CVE-2022-25713.json) (`2023-05-09T16:38:01.897`)
* [CVE-2022-30995](CVE-2022/CVE-2022-309xx/CVE-2022-30995.json) (`2023-05-09T17:03:06.093`)
* [CVE-2022-33281](CVE-2022/CVE-2022-332xx/CVE-2022-33281.json) (`2023-05-09T16:37:34.280`)
* [CVE-2022-33292](CVE-2022/CVE-2022-332xx/CVE-2022-33292.json) (`2023-05-09T16:37:09.067`)
* [CVE-2022-33304](CVE-2022/CVE-2022-333xx/CVE-2022-33304.json) (`2023-05-09T16:36:32.340`)
* [CVE-2022-33305](CVE-2022/CVE-2022-333xx/CVE-2022-33305.json) (`2023-05-09T16:36:20.023`)
* [CVE-2022-3405](CVE-2022/CVE-2022-34xx/CVE-2022-3405.json) (`2023-05-09T17:02:27.727`)
* [CVE-2022-34144](CVE-2022/CVE-2022-341xx/CVE-2022-34144.json) (`2023-05-09T16:36:24.253`)
* [CVE-2022-40505](CVE-2022/CVE-2022-405xx/CVE-2022-40505.json) (`2023-05-09T16:34:33.830`)
* [CVE-2022-40508](CVE-2022/CVE-2022-405xx/CVE-2022-40508.json) (`2023-05-09T16:36:28.163`)
* [CVE-2022-41104](CVE-2022/CVE-2022-411xx/CVE-2022-41104.json) (`2023-05-09T17:15:09.413`)
* [CVE-2022-41120](CVE-2022/CVE-2022-411xx/CVE-2022-41120.json) (`2023-05-09T17:15:09.613`)
* [CVE-2023-1387](CVE-2023/CVE-2023-13xx/CVE-2023-1387.json) (`2023-05-09T16:39:27.417`)
* [CVE-2023-1966](CVE-2023/CVE-2023-19xx/CVE-2023-1966.json) (`2023-05-09T17:53:51.073`)
* [CVE-2023-2000](CVE-2023/CVE-2023-20xx/CVE-2023-2000.json) (`2023-05-09T16:31:00.540`)
* [CVE-2023-2158](CVE-2023/CVE-2023-21xx/CVE-2023-2158.json) (`2023-05-09T17:52:35.830`)
* [CVE-2023-21642](CVE-2023/CVE-2023-216xx/CVE-2023-21642.json) (`2023-05-09T16:32:01.093`)
* [CVE-2023-21712](CVE-2023/CVE-2023-217xx/CVE-2023-21712.json) (`2023-05-09T16:50:44.697`)
* [CVE-2023-21738](CVE-2023/CVE-2023-217xx/CVE-2023-21738.json) (`2023-05-09T17:15:09.807`)
* [CVE-2023-21775](CVE-2023/CVE-2023-217xx/CVE-2023-21775.json) (`2023-05-09T17:15:09.937`)
* [CVE-2023-21795](CVE-2023/CVE-2023-217xx/CVE-2023-21795.json) (`2023-05-09T17:15:10.107`)
* [CVE-2023-21796](CVE-2023/CVE-2023-217xx/CVE-2023-21796.json) (`2023-05-09T17:15:10.237`)
* [CVE-2023-22503](CVE-2023/CVE-2023-225xx/CVE-2023-22503.json) (`2023-05-09T16:24:56.853`)
* [CVE-2023-22691](CVE-2023/CVE-2023-226xx/CVE-2023-22691.json) (`2023-05-09T17:07:24.280`)
* [CVE-2023-2355](CVE-2023/CVE-2023-23xx/CVE-2023-2355.json) (`2023-05-09T16:38:54.170`)
* [CVE-2023-23790](CVE-2023/CVE-2023-237xx/CVE-2023-23790.json) (`2023-05-09T17:04:45.130`)
* [CVE-2023-2445](CVE-2023/CVE-2023-24xx/CVE-2023-2445.json) (`2023-05-09T17:25:41.957`)
* [CVE-2023-24512](CVE-2023/CVE-2023-245xx/CVE-2023-24512.json) (`2023-05-09T16:02:21.720`)
* [CVE-2023-2459](CVE-2023/CVE-2023-24xx/CVE-2023-2459.json) (`2023-05-09T17:16:44.733`)
* [CVE-2023-2460](CVE-2023/CVE-2023-24xx/CVE-2023-2460.json) (`2023-05-09T17:16:24.910`)
* [CVE-2023-2461](CVE-2023/CVE-2023-24xx/CVE-2023-2461.json) (`2023-05-09T17:16:07.147`)
* [CVE-2023-2462](CVE-2023/CVE-2023-24xx/CVE-2023-2462.json) (`2023-05-09T17:15:30.470`)
* [CVE-2023-2463](CVE-2023/CVE-2023-24xx/CVE-2023-2463.json) (`2023-05-09T17:13:37.423`)
* [CVE-2023-2464](CVE-2023/CVE-2023-24xx/CVE-2023-2464.json) (`2023-05-09T17:12:05.487`)
* [CVE-2023-2465](CVE-2023/CVE-2023-24xx/CVE-2023-2465.json) (`2023-05-09T17:11:35.407`)
* [CVE-2023-2466](CVE-2023/CVE-2023-24xx/CVE-2023-2466.json) (`2023-05-09T17:11:08.640`)
* [CVE-2023-2467](CVE-2023/CVE-2023-24xx/CVE-2023-2467.json) (`2023-05-09T17:10:36.677`)
* [CVE-2023-2468](CVE-2023/CVE-2023-24xx/CVE-2023-2468.json) (`2023-05-09T17:10:02.967`)
* [CVE-2023-2473](CVE-2023/CVE-2023-24xx/CVE-2023-2473.json) (`2023-05-09T17:36:44.243`)
* [CVE-2023-2474](CVE-2023/CVE-2023-24xx/CVE-2023-2474.json) (`2023-05-09T17:35:26.590`)
* [CVE-2023-2475](CVE-2023/CVE-2023-24xx/CVE-2023-2475.json) (`2023-05-09T17:27:09.967`)
* [CVE-2023-2476](CVE-2023/CVE-2023-24xx/CVE-2023-2476.json) (`2023-05-09T17:21:53.020`)
* [CVE-2023-2477](CVE-2023/CVE-2023-24xx/CVE-2023-2477.json) (`2023-05-09T17:20:54.677`)
* [CVE-2023-25787](CVE-2023/CVE-2023-257xx/CVE-2023-25787.json) (`2023-05-09T17:00:02.467`)
* [CVE-2023-25792](CVE-2023/CVE-2023-257xx/CVE-2023-25792.json) (`2023-05-09T16:59:05.530`)
* [CVE-2023-25797](CVE-2023/CVE-2023-257xx/CVE-2023-25797.json) (`2023-05-09T16:42:33.117`)
* [CVE-2023-27075](CVE-2023/CVE-2023-270xx/CVE-2023-27075.json) (`2023-05-09T17:43:32.093`)
* [CVE-2023-27107](CVE-2023/CVE-2023-271xx/CVE-2023-27107.json) (`2023-05-09T17:24:20.610`)
* [CVE-2023-28070](CVE-2023/CVE-2023-280xx/CVE-2023-28070.json) (`2023-05-09T17:06:23.173`)
* [CVE-2023-29680](CVE-2023/CVE-2023-296xx/CVE-2023-29680.json) (`2023-05-09T16:29:40.173`)
* [CVE-2023-29681](CVE-2023/CVE-2023-296xx/CVE-2023-29681.json) (`2023-05-09T16:29:48.443`)
* [CVE-2023-29839](CVE-2023/CVE-2023-298xx/CVE-2023-29839.json) (`2023-05-09T17:08:54.440`)
* [CVE-2023-30845](CVE-2023/CVE-2023-308xx/CVE-2023-30845.json) (`2023-05-09T16:08:02.997`)
* [CVE-2023-30852](CVE-2023/CVE-2023-308xx/CVE-2023-30852.json) (`2023-05-09T17:53:20.770`)
* [CVE-2023-31138](CVE-2023/CVE-2023-311xx/CVE-2023-31138.json) (`2023-05-09T17:37:00.247`)
* [CVE-2023-31139](CVE-2023/CVE-2023-311xx/CVE-2023-31139.json) (`2023-05-09T17:37:00.247`)
* [CVE-2023-31143](CVE-2023/CVE-2023-311xx/CVE-2023-31143.json) (`2023-05-09T17:37:00.247`)
* [CVE-2023-32060](CVE-2023/CVE-2023-320xx/CVE-2023-32060.json) (`2023-05-09T17:37:00.247`)
## Download and Usage