diff --git a/CVE-2002/CVE-2002-200xx/CVE-2002-20001.json b/CVE-2002/CVE-2002-200xx/CVE-2002-20001.json index b6bf537d7b5..dcbae5c7c58 100644 --- a/CVE-2002/CVE-2002-200xx/CVE-2002-20001.json +++ b/CVE-2002/CVE-2002-200xx/CVE-2002-20001.json @@ -2,7 +2,7 @@ "id": "CVE-2002-20001", "sourceIdentifier": "cve@mitre.org", "published": "2021-11-11T19:15:07.380", - "lastModified": "2023-07-19T00:55:30.610", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -331,13 +331,13 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:5.1.0:*:*:*:*:*:*:*", - "matchCriteriaId": "693DE548-00FA-4057-8FC9-6EB3761FBB24" + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.1.0:*:*:*:*:*:*:*", + "matchCriteriaId": "42836A1C-81BB-4F80-9E32-EEE0DAA18D26" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:5.2.0:*:*:*:*:*:*:*", - "matchCriteriaId": "E2D78E00-C168-4493-A279-699E480F59E2" + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:5.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DA4D5EC6-8099-4D0A-AD6F-BA3B37C2EBD8" } ] } diff --git a/CVE-2015/CVE-2015-57xx/CVE-2015-5738.json b/CVE-2015/CVE-2015-57xx/CVE-2015-5738.json index 1fdaffd1aae..833c9aa0e55 100644 --- a/CVE-2015/CVE-2015-57xx/CVE-2015-5738.json +++ b/CVE-2015/CVE-2015-57xx/CVE-2015-5738.json @@ -2,7 +2,7 @@ "id": "CVE-2015-5738", "sourceIdentifier": "cve@mitre.org", "published": "2016-07-26T17:59:00.137", - "lastModified": "2020-11-10T14:04:23.653", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -122,17 +122,17 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "3.3.2", "versionEndIncluding": "3.5.1", - "matchCriteriaId": "7DC68E25-1473-44BD-BEEB-81461BA56C61" + "matchCriteriaId": "90B753A2-3CC6-46A2-82C4-F2B7A029E18C" }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.0.0", "versionEndIncluding": "4.4.0", - "matchCriteriaId": "9410CA01-0951-4477-ABF0-A5D316E52C01" + "matchCriteriaId": "E0AAD5D5-E970-4875-8FDF-E940D9F00636" } ] } diff --git a/CVE-2018/CVE-2018-13xx/CVE-2018-1320.json b/CVE-2018/CVE-2018-13xx/CVE-2018-1320.json index 64bc124d758..d74f3aad716 100644 --- a/CVE-2018/CVE-2018-13xx/CVE-2018-1320.json +++ b/CVE-2018/CVE-2018-13xx/CVE-2018-1320.json @@ -2,7 +2,7 @@ "id": "CVE-2018-1320", "sourceIdentifier": "security@apache.org", "published": "2019-01-07T17:29:00.360", - "lastModified": "2022-03-30T14:15:49.387", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -116,10 +116,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2018/CVE-2018-144xx/CVE-2018-14462.json b/CVE-2018/CVE-2018-144xx/CVE-2018-14462.json index b90d75076ce..c5f89fe645b 100644 --- a/CVE-2018/CVE-2018-144xx/CVE-2018-14462.json +++ b/CVE-2018/CVE-2018-144xx/CVE-2018-14462.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14462", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:11.490", - "lastModified": "2020-01-20T13:15:12.793", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -100,10 +100,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2018/CVE-2018-144xx/CVE-2018-14463.json b/CVE-2018/CVE-2018-144xx/CVE-2018-14463.json index 8c186de246b..3761aeacaf9 100644 --- a/CVE-2018/CVE-2018-144xx/CVE-2018-14463.json +++ b/CVE-2018/CVE-2018-144xx/CVE-2018-14463.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14463", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:11.570", - "lastModified": "2022-08-27T06:15:07.380", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -100,10 +100,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2018/CVE-2018-144xx/CVE-2018-14465.json b/CVE-2018/CVE-2018-144xx/CVE-2018-14465.json index 34d071c36e5..7eee71cbb0c 100644 --- a/CVE-2018/CVE-2018-144xx/CVE-2018-14465.json +++ b/CVE-2018/CVE-2018-144xx/CVE-2018-14465.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14465", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:11.710", - "lastModified": "2020-01-20T13:15:13.170", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -100,10 +100,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2018/CVE-2018-144xx/CVE-2018-14468.json b/CVE-2018/CVE-2018-144xx/CVE-2018-14468.json index 422a8601d42..fa2ad434440 100644 --- a/CVE-2018/CVE-2018-144xx/CVE-2018-14468.json +++ b/CVE-2018/CVE-2018-144xx/CVE-2018-14468.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14468", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:11.930", - "lastModified": "2020-01-20T13:15:13.607", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -670,10 +670,10 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2018/CVE-2018-144xx/CVE-2018-14469.json b/CVE-2018/CVE-2018-144xx/CVE-2018-14469.json index ac5e13ae264..50f79b68ddf 100644 --- a/CVE-2018/CVE-2018-144xx/CVE-2018-14469.json +++ b/CVE-2018/CVE-2018-144xx/CVE-2018-14469.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14469", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:11.990", - "lastModified": "2020-01-20T13:15:13.937", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -100,10 +100,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2018/CVE-2018-148xx/CVE-2018-14879.json b/CVE-2018/CVE-2018-148xx/CVE-2018-14879.json index 7565a8b6b3e..f877ce34541 100644 --- a/CVE-2018/CVE-2018-148xx/CVE-2018-14879.json +++ b/CVE-2018/CVE-2018-148xx/CVE-2018-14879.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14879", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:12.133", - "lastModified": "2020-01-20T13:15:14.280", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -84,10 +84,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2018/CVE-2018-148xx/CVE-2018-14880.json b/CVE-2018/CVE-2018-148xx/CVE-2018-14880.json index 053f35e16e1..67744c6ebd0 100644 --- a/CVE-2018/CVE-2018-148xx/CVE-2018-14880.json +++ b/CVE-2018/CVE-2018-148xx/CVE-2018-14880.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14880", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:12.210", - "lastModified": "2020-01-20T13:15:14.437", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -670,10 +670,10 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2018/CVE-2018-148xx/CVE-2018-14882.json b/CVE-2018/CVE-2018-148xx/CVE-2018-14882.json index cbee3558208..32aab637d0f 100644 --- a/CVE-2018/CVE-2018-148xx/CVE-2018-14882.json +++ b/CVE-2018/CVE-2018-148xx/CVE-2018-14882.json @@ -2,7 +2,7 @@ "id": "CVE-2018-14882", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:12.337", - "lastModified": "2020-01-20T13:15:14.810", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -100,10 +100,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2018/CVE-2018-162xx/CVE-2018-16229.json b/CVE-2018/CVE-2018-162xx/CVE-2018-16229.json index 0fa88410dde..e8bc70a5a94 100644 --- a/CVE-2018/CVE-2018-162xx/CVE-2018-16229.json +++ b/CVE-2018/CVE-2018-162xx/CVE-2018-16229.json @@ -2,7 +2,7 @@ "id": "CVE-2018-16229", "sourceIdentifier": "cve@mitre.org", "published": "2019-10-03T16:15:12.490", - "lastModified": "2020-01-20T13:15:15.233", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -100,10 +100,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" }, { "vulnerable": true, diff --git a/CVE-2019/CVE-2019-114xx/CVE-2019-11477.json b/CVE-2019/CVE-2019-114xx/CVE-2019-11477.json index 64934ff69dc..05794d15dc9 100644 --- a/CVE-2019/CVE-2019-114xx/CVE-2019-11477.json +++ b/CVE-2019/CVE-2019-114xx/CVE-2019-11477.json @@ -2,7 +2,7 @@ "id": "CVE-2019-11477", "sourceIdentifier": "security@ubuntu.com", "published": "2019-06-19T00:15:12.640", - "lastModified": "2023-01-17T21:28:26.170", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -852,10 +852,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2019/CVE-2019-114xx/CVE-2019-11478.json b/CVE-2019/CVE-2019-114xx/CVE-2019-11478.json index adddbd067ce..e2647eeaaae 100644 --- a/CVE-2019/CVE-2019-114xx/CVE-2019-11478.json +++ b/CVE-2019/CVE-2019-114xx/CVE-2019-11478.json @@ -2,7 +2,7 @@ "id": "CVE-2019-11478", "sourceIdentifier": "security@ubuntu.com", "published": "2019-06-19T00:15:12.687", - "lastModified": "2021-07-15T19:16:09.750", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -842,10 +842,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2019/CVE-2019-114xx/CVE-2019-11479.json b/CVE-2019/CVE-2019-114xx/CVE-2019-11479.json index 11bbd209cc0..336180d35e1 100644 --- a/CVE-2019/CVE-2019-114xx/CVE-2019-11479.json +++ b/CVE-2019/CVE-2019-114xx/CVE-2019-11479.json @@ -2,7 +2,7 @@ "id": "CVE-2019-11479", "sourceIdentifier": "security@ubuntu.com", "published": "2019-06-19T00:15:12.767", - "lastModified": "2020-10-20T22:15:29.437", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Modified", "descriptions": [ { @@ -928,10 +928,10 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2019/CVE-2019-90xx/CVE-2019-9070.json b/CVE-2019/CVE-2019-90xx/CVE-2019-9070.json index 993efced25e..a6c0e806f99 100644 --- a/CVE-2019/CVE-2019-90xx/CVE-2019-9070.json +++ b/CVE-2019/CVE-2019-90xx/CVE-2019-9070.json @@ -2,7 +2,7 @@ "id": "CVE-2019-9070", "sourceIdentifier": "cve@mitre.org", "published": "2019-02-24T00:29:00.237", - "lastModified": "2021-12-10T19:22:40.440", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -134,10 +134,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2019/CVE-2019-90xx/CVE-2019-9077.json b/CVE-2019/CVE-2019-90xx/CVE-2019-9077.json index 9d2d3cb38a3..f12850f2d08 100644 --- a/CVE-2019/CVE-2019-90xx/CVE-2019-9077.json +++ b/CVE-2019/CVE-2019-90xx/CVE-2019-9077.json @@ -2,7 +2,7 @@ "id": "CVE-2019-9077", "sourceIdentifier": "cve@mitre.org", "published": "2019-02-24T00:29:00.597", - "lastModified": "2021-12-10T19:13:18.007", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -129,10 +129,10 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2020/CVE-2020-205xx/CVE-2020-20523.json b/CVE-2020/CVE-2020-205xx/CVE-2020-20523.json index 27f6a627976..db9504a586c 100644 --- a/CVE-2020/CVE-2020-205xx/CVE-2020-20523.json +++ b/CVE-2020/CVE-2020-205xx/CVE-2020-20523.json @@ -2,19 +2,75 @@ "id": "CVE-2020-20523", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:10.047", - "lastModified": "2023-08-11T15:18:19.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:37:11.977", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in adm_user parameter in Gila CMS version 1.11.3, allows remote attackers to execute arbitrary code during the Gila CMS installation." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gilacms:gila_cms:1.11.3:*:*:*:*:*:*:*", + "matchCriteriaId": "834ED48E-B0F1-4AE8-8837-82582D7A652B" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/GilaCMS/gila/issues/41", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-240xx/CVE-2020-24075.json b/CVE-2020/CVE-2020-240xx/CVE-2020-24075.json index c6ca55faca5..933a2e5199d 100644 --- a/CVE-2020/CVE-2020-240xx/CVE-2020-24075.json +++ b/CVE-2020/CVE-2020-240xx/CVE-2020-24075.json @@ -2,19 +2,76 @@ "id": "CVE-2020-24075", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:10.177", - "lastModified": "2023-08-11T15:18:19.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:38:26.680", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:laborator:kalium:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.0.4", + "matchCriteriaId": "6EEF0358-1DA2-4253-99C4-35720A05F817" + } + ] + } + ] + } + ], "references": [ { "url": "https://documentation.laborator.co/kb/kalium/kalium-changelog/#version-3-0-4-jun-23-2020", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-248xx/CVE-2020-24872.json b/CVE-2020/CVE-2020-248xx/CVE-2020-24872.json index 47f79d537b2..37eb9c47fdf 100644 --- a/CVE-2020/CVE-2020-248xx/CVE-2020-24872.json +++ b/CVE-2020/CVE-2020-248xx/CVE-2020-24872.json @@ -2,19 +2,74 @@ "id": "CVE-2020-24872", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:10.500", - "lastModified": "2023-08-11T15:18:19.837", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:36:30.877", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lepton-cms:leptoncms:4.7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6EEDC302-4B45-4071-BBBD-1932394EFE36" + } + ] + } + ] + } + ], "references": [ { "url": "https://lepton-cms.org/posts/new-security-release-144.php", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-259xx/CVE-2020-25915.json b/CVE-2020/CVE-2020-259xx/CVE-2020-25915.json index f1bfeac5934..ea996a7f3b4 100644 --- a/CVE-2020/CVE-2020-259xx/CVE-2020-25915.json +++ b/CVE-2020/CVE-2020-259xx/CVE-2020-25915.json @@ -2,19 +2,74 @@ "id": "CVE-2020-25915", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:10.763", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:38:13.947", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in UserController.php in ThinkCMF version 5.1.5, allows attackers to execute arbitrary code via crafted user_login." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:thinkcmf:thinkcmf:5.1.5:*:*:*:*:*:*:*", + "matchCriteriaId": "35A7FAC9-1D3C-4602-9EB8-2C72787A6CEA" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/thinkcmf/thinkcmf/issues/675", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-260xx/CVE-2020-26037.json b/CVE-2020/CVE-2020-260xx/CVE-2020-26037.json index c034bc119bd..76f7163479e 100644 --- a/CVE-2020/CVE-2020-260xx/CVE-2020-26037.json +++ b/CVE-2020/CVE-2020-260xx/CVE-2020-26037.json @@ -2,8 +2,8 @@ "id": "CVE-2020-26037", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-16T13:15:10.413", - "lastModified": "2023-08-16T13:15:10.413", - "vulnStatus": "Received", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2020/CVE-2020-274xx/CVE-2020-27449.json b/CVE-2020/CVE-2020-274xx/CVE-2020-27449.json index 9d075d34fe3..1a4891bd84c 100644 --- a/CVE-2020/CVE-2020-274xx/CVE-2020-27449.json +++ b/CVE-2020/CVE-2020-274xx/CVE-2020-27449.json @@ -2,23 +2,83 @@ "id": "CVE-2020-27449", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:10.840", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:37:52.250", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Query Report feature in Zoho ManageEngine Password Manager Pro version 11001, allows remote attackers to execute arbitrary code and steal cookies via crafted JavaScript payload." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:zohocorp:manageengine_password_manager_pro:11.1:build_11101:*:*:*:*:*:*", + "matchCriteriaId": "564A39DB-D202-4223-97E9-E6378CE69013" + } + ] + } + ] + } + ], "references": [ { "url": "https://bugbounty.zoho.com/bb/#/bug/101000003619211", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Permissions Required", + "Vendor Advisory" + ] }, { "url": "https://www.manageengine.com/products/passwordmanagerpro/release-notes.html#pmp11002", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product", + "Release Notes" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-360xx/CVE-2020-36082.json b/CVE-2020/CVE-2020-360xx/CVE-2020-36082.json index 020eecf0cce..6d74164e2d0 100644 --- a/CVE-2020/CVE-2020-360xx/CVE-2020-36082.json +++ b/CVE-2020/CVE-2020-360xx/CVE-2020-36082.json @@ -2,8 +2,8 @@ "id": "CVE-2020-36082", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.770", - "lastModified": "2023-08-15T20:46:32.290", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2023-08-16T14:04:42.477", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -17,19 +17,19 @@ "type": "Primary", "cvssData": { "version": "3.1", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", - "userInteraction": "REQUIRED", + "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH" + "baseScore": 9.8, + "baseSeverity": "CRITICAL" }, - "exploitabilityScore": 2.8, + "exploitabilityScore": 3.9, "impactScore": 5.9 } ] diff --git a/CVE-2020/CVE-2020-361xx/CVE-2020-36138.json b/CVE-2020/CVE-2020-361xx/CVE-2020-36138.json index f9c15822555..307d266d93f 100644 --- a/CVE-2020/CVE-2020-361xx/CVE-2020-36138.json +++ b/CVE-2020/CVE-2020-361xx/CVE-2020-36138.json @@ -2,27 +2,88 @@ "id": "CVE-2020-36138", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.910", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:20:17.433", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in decode_frame in libavcodec/tiff.c in FFmpeg version 4.3, allows remote attackers to cause a denial of service (DoS)." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:4.3:*:*:*:*:*:*:*", + "matchCriteriaId": "11B518F8-B4A9-44CC-A440-EB95E41C4B2A" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/FFmpeg/FFmpeg/commit/292e41ce650a7b5ca5de4ae87fff0d6a90d9fc97", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://lists.ffmpeg.org/pipermail/ffmpeg-devel/2020-November/272001.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://trac.ffmpeg.org/ticket/8960", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2020/CVE-2020-58xx/CVE-2020-5854.json b/CVE-2020/CVE-2020-58xx/CVE-2020-5854.json index 4080afa19ff..e65d8c595b5 100644 --- a/CVE-2020/CVE-2020-58xx/CVE-2020-5854.json +++ b/CVE-2020/CVE-2020-58xx/CVE-2020-5854.json @@ -2,7 +2,7 @@ "id": "CVE-2020-5854", "sourceIdentifier": "f5sirt@f5.com", "published": "2020-02-06T16:15:12.417", - "lastModified": "2021-07-21T11:39:23.747", + "lastModified": "2023-08-16T14:17:11.363", "vulnStatus": "Analyzed", "descriptions": [ { @@ -659,10 +659,10 @@ }, { "vulnerable": true, - "criteria": "cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:*", + "criteria": "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.0.0", "versionEndIncluding": "5.1.0", - "matchCriteriaId": "7243F50D-6EF8-4702-92C2-F512DC8E5C00" + "matchCriteriaId": "4E52F91D-3F39-4D89-8069-EC422FB1F700" } ] } diff --git a/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json b/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json index fe1377fe885..e27225dd00a 100644 --- a/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json +++ b/CVE-2021/CVE-2021-257xx/CVE-2021-25786.json @@ -2,19 +2,76 @@ "id": "CVE-2021-25786", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:11.987", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:21:03.207", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in QPDF version 10.0.4, allows remote attackers to execute arbitrary code via crafted .pdf file to Pl_ASCII85Decoder::write parameter in libqpdf." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:qpdf_project:qpdf:10.0.4:*:*:*:*:*:*:*", + "matchCriteriaId": "3E7717C7-1395-4C1E-A59D-2E3B29B20D88" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/qpdf/qpdf/issues/492", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-258xx/CVE-2021-25856.json b/CVE-2021/CVE-2021-258xx/CVE-2021-25856.json index 90bc55605a6..42baa683fe6 100644 --- a/CVE-2021/CVE-2021-258xx/CVE-2021-25856.json +++ b/CVE-2021/CVE-2021-258xx/CVE-2021-25856.json @@ -2,19 +2,75 @@ "id": "CVE-2021-25856", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:12.047", - "lastModified": "2023-08-11T15:18:06.983", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:06:10.420", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in pcmt superMicro-CMS version 3.11, allows attackers to delete files via crafted image file in images.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:supermicro-cms_project:supermicro-cms:3.11:*:*:*:*:*:*:*", + "matchCriteriaId": "13D5BFF3-D7E7-4AEA-B1B9-188BE577E314" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pcmt/superMicro-CMS/issues/1", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-258xx/CVE-2021-25857.json b/CVE-2021/CVE-2021-258xx/CVE-2021-25857.json index 3797c6bc484..69b2bf0157b 100644 --- a/CVE-2021/CVE-2021-258xx/CVE-2021-25857.json +++ b/CVE-2021/CVE-2021-258xx/CVE-2021-25857.json @@ -2,19 +2,75 @@ "id": "CVE-2021-25857", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-11T14:15:12.117", - "lastModified": "2023-08-11T15:18:01.437", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:01:25.317", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue was discovered in pcmt superMicro-CMS version 3.11, allows authenticated attackers to execute arbitrary code via the font_type parameter to setup.php." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:supermicro-cms_project:supermicro-cms:3.11:*:*:*:*:*:*:*", + "matchCriteriaId": "13D5BFF3-D7E7-4AEA-B1B9-188BE577E314" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/pcmt/superMicro-CMS/issues/2", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32486.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32486.json new file mode 100644 index 00000000000..8251e605fbe --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32486.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32486", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:10.837", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS 9.5.x version contain a privilege escalation vulnerability. A low privilege local attacker could potentially exploit this vulnerability, leading to escalation of privileges.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-250" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json new file mode 100644 index 00000000000..d501a84a38c --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32487.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32487", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.047", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS, 8.2.x - 9.5.0.x, contains an elevation of privilege vulnerability. A low privileged local attacker could potentially exploit this vulnerability, leading to denial of service, code execution and information disclosure. \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json new file mode 100644 index 00000000000..1039c4b15cd --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32488.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32488", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.133", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A low privileged attacker could potentially exploit this vulnerability, leading to information disclosure.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1230" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json new file mode 100644 index 00000000000..c457bd76990 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32489.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32489", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.237", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS 8.2x -9.5x contains a privilege escalation vulnerability. A local attacker with high privileges could potentially exploit this vulnerability, to bypass mode protections and gain elevated privileges. \u00a0\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-280" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json new file mode 100644 index 00000000000..0fadaa89d27 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32490.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32490", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.343", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS 8.2x -9.5x contains an improper privilege management vulnerability. A high privilege local attacker could potentially exploit this vulnerability, leading to system takeover. \n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-269" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json new file mode 100644 index 00000000000..c4babf0bcf3 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32491.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32491", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.437", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS 9.5.0.x, contains an insertion of sensitive information into log file vulnerability in SNMPv3. A low privileges user could potentially exploit this vulnerability, leading to information disclosure.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-532" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json new file mode 100644 index 00000000000..50eba0297b4 --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32492.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32492", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.543", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS 9.5.0.x contains an incorrect default permissions vulnerability. A low-privileged local attacker could potentially exploit this vulnerability, leading to information disclosure or allowing to modify files.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-276" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json new file mode 100644 index 00000000000..a0d4b21b34f --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32493.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32493", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.663", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An unprivileged, remote attacker could potentially exploit this vulnerability, leading to denial of service, information disclosure and remote execution.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-693" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32494.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32494.json index d0c09f0ad4e..441cb2ab7aa 100644 --- a/CVE-2023/CVE-2023-324xx/CVE-2023-32494.json +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32494.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32494", "sourceIdentifier": "security_alert@emc.com", "published": "2023-08-16T13:15:10.867", - "lastModified": "2023-08-16T13:15:10.867", - "vulnStatus": "Received", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json b/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json new file mode 100644 index 00000000000..44cfa294baf --- /dev/null +++ b/CVE-2023/CVE-2023-324xx/CVE-2023-32495.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-32495", + "sourceIdentifier": "security_alert@emc.com", + "published": "2023-08-16T14:15:11.777", + "lastModified": "2023-08-16T15:17:05.683", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "\nDell PowerScale OneFS, 8.2.x-9.5.x, contains a exposure of sensitive information to an unauthorized Actor vulnerability. An authorized local attacker could potentially exploit this vulnerability, leading to escalation of privileges.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security_alert@emc.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "security_alert@emc.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "references": [ + { + "url": "https://www.dell.com/support/kbdoc/en-us/000216717/dsa-2023-269-security-update-for-dell-powerscale-onefs-for-multiple-security-vulnerabilities", + "source": "security_alert@emc.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json b/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json new file mode 100644 index 00000000000..85bfa660eb3 --- /dev/null +++ b/CVE-2023/CVE-2023-336xx/CVE-2023-33663.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-33663", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-16T14:15:11.863", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "In the module \u201cCustomization fields fee for your store\u201d (aicustomfee) from ai-dev module for PrestaShop, an attacker can perform SQL injection up to 0.2.0. Release 0.2.1 fixed this security issue." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://security.friendsofpresta.org/modules/2023/08/16/aicustomfee.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.boutique.ai-dev.fr/en/customization/62-customization-fee.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-343xx/CVE-2023-34374.json b/CVE-2023/CVE-2023-343xx/CVE-2023-34374.json index 9c6106ec31c..4ab52e7364a 100644 --- a/CVE-2023/CVE-2023-343xx/CVE-2023-34374.json +++ b/CVE-2023/CVE-2023-343xx/CVE-2023-34374.json @@ -2,8 +2,8 @@ "id": "CVE-2023-34374", "sourceIdentifier": "audit@patchstack.com", "published": "2023-08-10T12:15:10.973", - "lastModified": "2023-08-10T12:43:50.693", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T14:11:01.637", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 4.8, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.7, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:anspress:anspress:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "4.3.0", + "matchCriteriaId": "D474341A-5330-4693-AABE-6805202B7023" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/anspress-question-answer/wordpress-anspress-question-and-answer-plugin-4-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json new file mode 100644 index 00000000000..1f86a475d07 --- /dev/null +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38904.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-38904", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-16T14:15:11.927", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.exploit-db.com/exploits/51576", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json b/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json new file mode 100644 index 00000000000..46be3753b80 --- /dev/null +++ b/CVE-2023/CVE-2023-391xx/CVE-2023-39115.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-39115", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-16T15:15:11.113", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html", + "source": "cve@mitre.org" + }, + { + "url": "https://www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-393xx/CVE-2023-39342.json b/CVE-2023/CVE-2023-393xx/CVE-2023-39342.json index fd67144f009..de4c4d9163d 100644 --- a/CVE-2023/CVE-2023-393xx/CVE-2023-39342.json +++ b/CVE-2023/CVE-2023-393xx/CVE-2023-39342.json @@ -2,8 +2,8 @@ "id": "CVE-2023-39342", "sourceIdentifier": "security-advisories@github.com", "published": "2023-08-08T18:15:24.133", - "lastModified": "2023-08-08T18:32:54.523", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-08-16T15:35:33.843", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.6, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 1.8, + "impactScore": 1.4 + }, { "source": "security-advisories@github.com", "type": "Secondary", @@ -46,18 +66,46 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:freedom:dangerzone:*:*:*:*:*:*:*:*", + "versionEndExcluding": "0.4.2", + "matchCriteriaId": "CE5B94EF-57EA-41FC-B9C6-124E61ABC14D" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/freedomofpress/dangerzone/pull/491", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] }, { "url": "https://github.com/freedomofpress/dangerzone/releases/tag/v0.4.2", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Release Notes" + ] }, { "url": "https://github.com/freedomofpress/dangerzone/security/advisories/GHSA-pvwq-6vpp-2632", - "source": "security-advisories@github.com" + "source": "security-advisories@github.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-399xx/CVE-2023-39975.json b/CVE-2023/CVE-2023-399xx/CVE-2023-39975.json new file mode 100644 index 00000000000..58a91446bba --- /dev/null +++ b/CVE-2023/CVE-2023-399xx/CVE-2023-39975.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-39975", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-08-16T15:15:11.277", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "kdc/do_tgs_req.c in MIT Kerberos 5 (aka krb5) 1.21 before 1.21.2 has a double free that is reachable if an authenticated user can trigger an authorization-data handling failure. Incorrect data is copied from one ticket to another." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/krb5/krb5/commit/88a1701b423c13991a8064feeb26952d3641d840", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/krb5/krb5/compare/krb5-1.21.1-final...krb5-1.21.2-final", + "source": "cve@mitre.org" + }, + { + "url": "https://web.mit.edu/kerberos/www/advisories/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json new file mode 100644 index 00000000000..a0154aee13c --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40336.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40336", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.347", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3106", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json new file mode 100644 index 00000000000..dae8e7abca2 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40337.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40337", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.420", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3105", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json new file mode 100644 index 00000000000..380869398be --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40338.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40338", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.483", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier displays an error message that includes an absolute path of a log file when attempting to access the Scan Organization Folder Log if no logs are available, exposing information about the Jenkins controller file system." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3109", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json new file mode 100644 index 00000000000..24828dcc587 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40339.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40339", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.547", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Config File Provider Plugin 952.va_544a_6234b_46 and earlier does not mask (i.e., replace with asterisks) credentials specified in configuration files when they're written to the build log." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3090", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json new file mode 100644 index 00000000000..8197bad776e --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40340.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40340", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.620", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins NodeJS Plugin 1.6.0 and earlier does not properly mask (i.e., replace with asterisks) credentials specified in the Npm config file in Pipeline build logs." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3196", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40341.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40341.json new file mode 100644 index 00000000000..ad7623d798c --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40341.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40341", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.683", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3116", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40342.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40342.json new file mode 100644 index 00000000000..7af7388f796 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40342.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40342", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.753", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3223", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40343.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40343.json new file mode 100644 index 00000000000..97dee1c2cb2 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40343.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40343", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.817", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3229", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40344.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40344.json new file mode 100644 index 00000000000..beb34d46b05 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40344.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40344", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.880", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A missing permission check in Jenkins Delphix Plugin 3.0.2 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3214%20(1)", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40345.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40345.json new file mode 100644 index 00000000000..38bbb265ae9 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40345.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40345", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:11.937", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3214%20(2)", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40346.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40346.json new file mode 100644 index 00000000000..1f8374b1f52 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40346.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40346", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:12.000", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Shortcut Job Plugin 0.4 and earlier does not escape the shortcut redirection URL, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure shortcut jobs." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3071", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40347.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40347.json new file mode 100644 index 00000000000..58b63bf6dd0 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40347.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40347", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:12.060", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3153", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40348.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40348.json new file mode 100644 index 00000000000..93de29db8fd --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40348.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40348", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:12.127", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2894", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40349.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40349.json new file mode 100644 index 00000000000..3b82f5c2234 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40349.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40349", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:12.187", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Gogs Plugin 1.0.15 and earlier improperly initializes an option to secure its webhook endpoint, allowing unauthenticated attackers to trigger builds of jobs." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2894", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40350.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40350.json new file mode 100644 index 00000000000..5fe340edb14 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40350.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40350", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:12.250", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Jenkins Docker Swarm Plugin 1.11 and earlier does not escape values returned from Docker before inserting them into the Docker Swarm Dashboard view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control responses from Docker." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-2811", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-403xx/CVE-2023-40351.json b/CVE-2023/CVE-2023-403xx/CVE-2023-40351.json new file mode 100644 index 00000000000..d3e6b420622 --- /dev/null +++ b/CVE-2023/CVE-2023-403xx/CVE-2023-40351.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-40351", + "sourceIdentifier": "jenkinsci-cert@googlegroups.com", + "published": "2023-08-16T15:15:12.313", + "lastModified": "2023-08-16T15:16:57.723", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3201", + "source": "jenkinsci-cert@googlegroups.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 7c7a97eace7..934f8967014 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-08-16T14:00:31.746165+00:00 +2023-08-16T16:00:33.687780+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-08-16T13:59:24.893000+00:00 +2023-08-16T15:38:26.680000+00:00 ``` ### Last Data Feed Release @@ -29,61 +29,69 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -222796 +222825 ``` ### CVEs added in the last Commit -Recently added CVEs: `17` +Recently added CVEs: `29` -* [CVE-2020-26037](CVE-2020/CVE-2020-260xx/CVE-2020-26037.json) (`2023-08-16T13:15:10.413`) -* [CVE-2022-4782](CVE-2022/CVE-2022-47xx/CVE-2022-4782.json) (`2023-08-16T12:15:11.540`) -* [CVE-2023-0058](CVE-2023/CVE-2023-00xx/CVE-2023-0058.json) (`2023-08-16T12:15:11.977`) -* [CVE-2023-0274](CVE-2023/CVE-2023-02xx/CVE-2023-0274.json) (`2023-08-16T12:15:12.067`) -* [CVE-2023-0551](CVE-2023/CVE-2023-05xx/CVE-2023-0551.json) (`2023-08-16T12:15:12.150`) -* [CVE-2023-0579](CVE-2023/CVE-2023-05xx/CVE-2023-0579.json) (`2023-08-16T12:15:12.233`) -* [CVE-2023-1110](CVE-2023/CVE-2023-11xx/CVE-2023-1110.json) (`2023-08-16T12:15:12.337`) -* [CVE-2023-1465](CVE-2023/CVE-2023-14xx/CVE-2023-1465.json) (`2023-08-16T12:15:12.420`) -* [CVE-2023-1977](CVE-2023/CVE-2023-19xx/CVE-2023-1977.json) (`2023-08-16T12:15:12.510`) -* [CVE-2023-2122](CVE-2023/CVE-2023-21xx/CVE-2023-2122.json) (`2023-08-16T12:15:12.607`) -* [CVE-2023-2123](CVE-2023/CVE-2023-21xx/CVE-2023-2123.json) (`2023-08-16T12:15:12.700`) -* [CVE-2023-2225](CVE-2023/CVE-2023-22xx/CVE-2023-2225.json) (`2023-08-16T12:15:12.797`) -* [CVE-2023-2254](CVE-2023/CVE-2023-22xx/CVE-2023-2254.json) (`2023-08-16T12:15:12.887`) -* [CVE-2023-2271](CVE-2023/CVE-2023-22xx/CVE-2023-2271.json) (`2023-08-16T12:15:12.967`) -* [CVE-2023-2272](CVE-2023/CVE-2023-22xx/CVE-2023-2272.json) (`2023-08-16T12:15:13.053`) -* [CVE-2023-4381](CVE-2023/CVE-2023-43xx/CVE-2023-4381.json) (`2023-08-16T12:15:13.973`) -* [CVE-2023-32494](CVE-2023/CVE-2023-324xx/CVE-2023-32494.json) (`2023-08-16T13:15:10.867`) +* [CVE-2023-40336](CVE-2023/CVE-2023-403xx/CVE-2023-40336.json) (`2023-08-16T15:15:11.347`) +* [CVE-2023-40337](CVE-2023/CVE-2023-403xx/CVE-2023-40337.json) (`2023-08-16T15:15:11.420`) +* [CVE-2023-40338](CVE-2023/CVE-2023-403xx/CVE-2023-40338.json) (`2023-08-16T15:15:11.483`) +* [CVE-2023-40339](CVE-2023/CVE-2023-403xx/CVE-2023-40339.json) (`2023-08-16T15:15:11.547`) +* [CVE-2023-40340](CVE-2023/CVE-2023-403xx/CVE-2023-40340.json) (`2023-08-16T15:15:11.620`) +* [CVE-2023-40341](CVE-2023/CVE-2023-403xx/CVE-2023-40341.json) (`2023-08-16T15:15:11.683`) +* [CVE-2023-40342](CVE-2023/CVE-2023-403xx/CVE-2023-40342.json) (`2023-08-16T15:15:11.753`) +* [CVE-2023-40343](CVE-2023/CVE-2023-403xx/CVE-2023-40343.json) (`2023-08-16T15:15:11.817`) +* [CVE-2023-40344](CVE-2023/CVE-2023-403xx/CVE-2023-40344.json) (`2023-08-16T15:15:11.880`) +* [CVE-2023-40345](CVE-2023/CVE-2023-403xx/CVE-2023-40345.json) (`2023-08-16T15:15:11.937`) +* [CVE-2023-40346](CVE-2023/CVE-2023-403xx/CVE-2023-40346.json) (`2023-08-16T15:15:12.000`) +* [CVE-2023-40347](CVE-2023/CVE-2023-403xx/CVE-2023-40347.json) (`2023-08-16T15:15:12.060`) +* [CVE-2023-40348](CVE-2023/CVE-2023-403xx/CVE-2023-40348.json) (`2023-08-16T15:15:12.127`) +* [CVE-2023-40349](CVE-2023/CVE-2023-403xx/CVE-2023-40349.json) (`2023-08-16T15:15:12.187`) +* [CVE-2023-40350](CVE-2023/CVE-2023-403xx/CVE-2023-40350.json) (`2023-08-16T15:15:12.250`) +* [CVE-2023-40351](CVE-2023/CVE-2023-403xx/CVE-2023-40351.json) (`2023-08-16T15:15:12.313`) +* [CVE-2023-32486](CVE-2023/CVE-2023-324xx/CVE-2023-32486.json) (`2023-08-16T14:15:10.837`) +* [CVE-2023-32487](CVE-2023/CVE-2023-324xx/CVE-2023-32487.json) (`2023-08-16T14:15:11.047`) +* [CVE-2023-32488](CVE-2023/CVE-2023-324xx/CVE-2023-32488.json) (`2023-08-16T14:15:11.133`) +* [CVE-2023-32489](CVE-2023/CVE-2023-324xx/CVE-2023-32489.json) (`2023-08-16T14:15:11.237`) +* [CVE-2023-32490](CVE-2023/CVE-2023-324xx/CVE-2023-32490.json) (`2023-08-16T14:15:11.343`) +* [CVE-2023-32491](CVE-2023/CVE-2023-324xx/CVE-2023-32491.json) (`2023-08-16T14:15:11.437`) +* [CVE-2023-32492](CVE-2023/CVE-2023-324xx/CVE-2023-32492.json) (`2023-08-16T14:15:11.543`) +* [CVE-2023-32493](CVE-2023/CVE-2023-324xx/CVE-2023-32493.json) (`2023-08-16T14:15:11.663`) +* [CVE-2023-32495](CVE-2023/CVE-2023-324xx/CVE-2023-32495.json) (`2023-08-16T14:15:11.777`) ### CVEs modified in the last Commit -Recently modified CVEs: `30` +Recently modified CVEs: `32` -* [CVE-2023-26140](CVE-2023/CVE-2023-261xx/CVE-2023-26140.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-3958](CVE-2023/CVE-2023-39xx/CVE-2023-3958.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-4374](CVE-2023/CVE-2023-43xx/CVE-2023-4374.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-39507](CVE-2023/CVE-2023-395xx/CVE-2023-39507.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30473](CVE-2023/CVE-2023-304xx/CVE-2023-30473.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30782](CVE-2023/CVE-2023-307xx/CVE-2023-30782.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30784](CVE-2023/CVE-2023-307xx/CVE-2023-30784.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30785](CVE-2023/CVE-2023-307xx/CVE-2023-30785.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30786](CVE-2023/CVE-2023-307xx/CVE-2023-30786.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30779](CVE-2023/CVE-2023-307xx/CVE-2023-30779.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-30871](CVE-2023/CVE-2023-308xx/CVE-2023-30871.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-4241](CVE-2023/CVE-2023-42xx/CVE-2023-4241.json) (`2023-08-16T12:02:41.873`) -* [CVE-2023-31448](CVE-2023/CVE-2023-314xx/CVE-2023-31448.json) (`2023-08-16T12:15:13.193`) -* [CVE-2023-31449](CVE-2023/CVE-2023-314xx/CVE-2023-31449.json) (`2023-08-16T12:15:13.380`) -* [CVE-2023-31450](CVE-2023/CVE-2023-314xx/CVE-2023-31450.json) (`2023-08-16T12:15:13.460`) -* [CVE-2023-31452](CVE-2023/CVE-2023-314xx/CVE-2023-31452.json) (`2023-08-16T12:15:13.540`) -* [CVE-2023-32781](CVE-2023/CVE-2023-327xx/CVE-2023-32781.json) (`2023-08-16T12:15:13.637`) -* [CVE-2023-32782](CVE-2023/CVE-2023-327xx/CVE-2023-32782.json) (`2023-08-16T12:15:13.717`) -* [CVE-2023-37581](CVE-2023/CVE-2023-375xx/CVE-2023-37581.json) (`2023-08-16T12:15:13.800`) -* [CVE-2023-32560](CVE-2023/CVE-2023-325xx/CVE-2023-32560.json) (`2023-08-16T13:04:36.617`) -* [CVE-2023-32561](CVE-2023/CVE-2023-325xx/CVE-2023-32561.json) (`2023-08-16T13:04:53.757`) -* [CVE-2023-39963](CVE-2023/CVE-2023-399xx/CVE-2023-39963.json) (`2023-08-16T13:39:48.010`) -* [CVE-2023-40224](CVE-2023/CVE-2023-402xx/CVE-2023-40224.json) (`2023-08-16T13:40:53.350`) -* [CVE-2023-39962](CVE-2023/CVE-2023-399xx/CVE-2023-39962.json) (`2023-08-16T13:54:56.917`) -* [CVE-2023-36530](CVE-2023/CVE-2023-365xx/CVE-2023-36530.json) (`2023-08-16T13:59:24.893`) +* [CVE-2018-14469](CVE-2018/CVE-2018-144xx/CVE-2018-14469.json) (`2023-08-16T14:17:11.363`) +* [CVE-2018-14879](CVE-2018/CVE-2018-148xx/CVE-2018-14879.json) (`2023-08-16T14:17:11.363`) +* [CVE-2018-14880](CVE-2018/CVE-2018-148xx/CVE-2018-14880.json) (`2023-08-16T14:17:11.363`) +* [CVE-2018-14882](CVE-2018/CVE-2018-148xx/CVE-2018-14882.json) (`2023-08-16T14:17:11.363`) +* [CVE-2018-16229](CVE-2018/CVE-2018-162xx/CVE-2018-16229.json) (`2023-08-16T14:17:11.363`) +* [CVE-2019-9070](CVE-2019/CVE-2019-90xx/CVE-2019-9070.json) (`2023-08-16T14:17:11.363`) +* [CVE-2019-9077](CVE-2019/CVE-2019-90xx/CVE-2019-9077.json) (`2023-08-16T14:17:11.363`) +* [CVE-2019-11477](CVE-2019/CVE-2019-114xx/CVE-2019-11477.json) (`2023-08-16T14:17:11.363`) +* [CVE-2019-11478](CVE-2019/CVE-2019-114xx/CVE-2019-11478.json) (`2023-08-16T14:17:11.363`) +* [CVE-2019-11479](CVE-2019/CVE-2019-114xx/CVE-2019-11479.json) (`2023-08-16T14:17:11.363`) +* [CVE-2020-36082](CVE-2020/CVE-2020-360xx/CVE-2020-36082.json) (`2023-08-16T14:04:42.477`) +* [CVE-2020-5854](CVE-2020/CVE-2020-58xx/CVE-2020-5854.json) (`2023-08-16T14:17:11.363`) +* [CVE-2020-26037](CVE-2020/CVE-2020-260xx/CVE-2020-26037.json) (`2023-08-16T15:17:05.683`) +* [CVE-2020-36138](CVE-2020/CVE-2020-361xx/CVE-2020-36138.json) (`2023-08-16T15:20:17.433`) +* [CVE-2020-24872](CVE-2020/CVE-2020-248xx/CVE-2020-24872.json) (`2023-08-16T15:36:30.877`) +* [CVE-2020-20523](CVE-2020/CVE-2020-205xx/CVE-2020-20523.json) (`2023-08-16T15:37:11.977`) +* [CVE-2020-27449](CVE-2020/CVE-2020-274xx/CVE-2020-27449.json) (`2023-08-16T15:37:52.250`) +* [CVE-2020-25915](CVE-2020/CVE-2020-259xx/CVE-2020-25915.json) (`2023-08-16T15:38:13.947`) +* [CVE-2020-24075](CVE-2020/CVE-2020-240xx/CVE-2020-24075.json) (`2023-08-16T15:38:26.680`) +* [CVE-2021-25857](CVE-2021/CVE-2021-258xx/CVE-2021-25857.json) (`2023-08-16T15:01:25.317`) +* [CVE-2021-25856](CVE-2021/CVE-2021-258xx/CVE-2021-25856.json) (`2023-08-16T15:06:10.420`) +* [CVE-2021-25786](CVE-2021/CVE-2021-257xx/CVE-2021-25786.json) (`2023-08-16T15:21:03.207`) +* [CVE-2023-34374](CVE-2023/CVE-2023-343xx/CVE-2023-34374.json) (`2023-08-16T14:11:01.637`) +* [CVE-2023-32494](CVE-2023/CVE-2023-324xx/CVE-2023-32494.json) (`2023-08-16T15:17:05.683`) +* [CVE-2023-39342](CVE-2023/CVE-2023-393xx/CVE-2023-39342.json) (`2023-08-16T15:35:33.843`) ## Download and Usage