diff --git a/CVE-2019/CVE-2019-106xx/CVE-2019-10692.json b/CVE-2019/CVE-2019-106xx/CVE-2019-10692.json index 689a8b5d199..48af1c25ed7 100644 --- a/CVE-2019/CVE-2019-106xx/CVE-2019-10692.json +++ b/CVE-2019/CVE-2019-106xx/CVE-2019-10692.json @@ -2,7 +2,7 @@ "id": "CVE-2019-10692", "sourceIdentifier": "cve@mitre.org", "published": "2019-04-02T18:30:20.927", - "lastModified": "2022-05-03T14:49:44.683", + "lastModified": "2023-05-23T20:30:59.777", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:codecabin:wp_google_maps:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:codecabin:wp_go_maps:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "7.11.18", - "matchCriteriaId": "28432EF4-FE9C-43F0-BF46-A5F325426B6E" + "matchCriteriaId": "BC471390-68DF-4327-9329-5B44F3D9D94A" } ] } diff --git a/CVE-2019/CVE-2019-147xx/CVE-2019-14792.json b/CVE-2019/CVE-2019-147xx/CVE-2019-14792.json index bde658203ff..a0e1545e524 100644 --- a/CVE-2019/CVE-2019-147xx/CVE-2019-14792.json +++ b/CVE-2019/CVE-2019-147xx/CVE-2019-14792.json @@ -2,7 +2,7 @@ "id": "CVE-2019-14792", "sourceIdentifier": "cve@mitre.org", "published": "2019-08-09T13:15:12.247", - "lastModified": "2019-08-14T20:40:45.407", + "lastModified": "2023-05-23T20:30:59.777", "vulnStatus": "Analyzed", "descriptions": [ { @@ -84,9 +84,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:codecabin:wp_google_maps:*:*:*:*:*:wordpress:*:*", + "criteria": "cpe:2.3:a:codecabin:wp_go_maps:*:*:*:*:*:wordpress:*:*", "versionEndExcluding": "7.11.35", - "matchCriteriaId": "12252276-F0CE-4DB3-A086-3D1EB1FD897F" + "matchCriteriaId": "564C0E51-EF12-4A96-BA6D-F9679EE5D052" } ] } diff --git a/CVE-2020/CVE-2020-133xx/CVE-2020-13377.json b/CVE-2020/CVE-2020-133xx/CVE-2020-13377.json index 23349d6b29f..d2410693024 100644 --- a/CVE-2020/CVE-2020-133xx/CVE-2020-13377.json +++ b/CVE-2020/CVE-2020-133xx/CVE-2020-13377.json @@ -2,23 +2,83 @@ "id": "CVE-2020-13377", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-12T11:15:12.560", - "lastModified": "2023-05-12T14:21:57.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:27:38.897", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:loadbalancer:enterprise_va_max:*:*:*:*:*:*:*:*", + "versionEndIncluding": "8.3.8", + "matchCriteriaId": "717820F5-BC57-4D5B-88A3-20381974868D" + } + ] + } + ] + } + ], "references": [ { "url": "https://inf0seq.github.io/cve/2020/04/21/Path-Traversal-in-Enterprise-loadbalancer-VA-MAX-v8.3.8-and-earlier.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.loadbalancer.org/products/virtual/enterprise-va-max/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2021/CVE-2021-368xx/CVE-2021-36871.json b/CVE-2021/CVE-2021-368xx/CVE-2021-36871.json index 827ebc2c954..9149618c604 100644 --- a/CVE-2021/CVE-2021-368xx/CVE-2021-36871.json +++ b/CVE-2021/CVE-2021-368xx/CVE-2021-36871.json @@ -2,7 +2,7 @@ "id": "CVE-2021-36871", "sourceIdentifier": "audit@patchstack.com", "published": "2021-09-09T12:15:09.510", - "lastModified": "2021-09-17T19:57:25.227", + "lastModified": "2023-05-23T20:30:59.777", "vulnStatus": "Analyzed", "descriptions": [ { @@ -114,9 +114,9 @@ "cpeMatch": [ { "vulnerable": true, - "criteria": "cpe:2.3:a:codecabin:wp_google_maps:*:*:*:*:pro:wordpress:*:*", + "criteria": "cpe:2.3:a:codecabin:wp_go_maps:*:*:*:*:pro:wordpress:*:*", "versionEndIncluding": "8.1.11", - "matchCriteriaId": "3B40DE06-A20E-4C1C-A5E2-23AD30C6B433" + "matchCriteriaId": "54F46FAD-90B7-4C5A-B263-E74F86EDA494" } ] } diff --git a/CVE-2023/CVE-2023-15xx/CVE-2023-1508.json b/CVE-2023/CVE-2023-15xx/CVE-2023-1508.json new file mode 100644 index 00000000000..7272c6effdf --- /dev/null +++ b/CVE-2023/CVE-2023-15xx/CVE-2023-1508.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-1508", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-05-23T21:15:08.967", + "lastModified": "2023-05-23T21:15:08.967", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Adam Retail Automation Systems Mobilmen Terminal Software allows SQL Injection.This issue affects Mobilmen Terminal Software: before 3.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0284", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json b/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json index ff5be1be907..0dc0b69d36e 100644 --- a/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json +++ b/CVE-2023/CVE-2023-18xx/CVE-2023-1837.json @@ -2,8 +2,8 @@ "id": "CVE-2023-1837", "sourceIdentifier": "security@hypr.com", "published": "2023-05-23T19:15:09.237", - "lastModified": "2023-05-23T19:15:09.237", - "vulnStatus": "Received", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/CVE-2023/CVE-2023-232xx/CVE-2023-23298.json b/CVE-2023/CVE-2023-232xx/CVE-2023-23298.json new file mode 100644 index 00000000000..217cb10daaf --- /dev/null +++ b/CVE-2023/CVE-2023-232xx/CVE-2023-23298.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-23298", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.213", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/api-docs/Toybox/Graphics/BufferedBitmap.html#initialize-instance_function", + "source": "cve@mitre.org" + }, + { + "url": "https://developer.garmin.com/connect-iq/compatible-devices/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23298.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json b/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json new file mode 100644 index 00000000000..9282d2c5a36 --- /dev/null +++ b/CVE-2023/CVE-2023-232xx/CVE-2023-23299.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-23299", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.330", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The permission system implemented and enforced by the GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 can be bypassed entirely. A malicious application with specially crafted code and data sections could access restricted CIQ modules, call their functions and disclose sensitive data such as user profile information and GPS coordinates, among others." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/core-topics/manifest-and-permissions/", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23299.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23300.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23300.json new file mode 100644 index 00000000000..73b40128df6 --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23300.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-23300", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.380", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The `Toybox.Cryptography.Cipher.initialize` API method in CIQ API version 3.0.0 through 4.1.7 does not validate its parameters, which can result in buffer overflows when copying data. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/api-docs/Toybox/Cryptography/Cipher.html#initialize-instance_function", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23300.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23301.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23301.json new file mode 100644 index 00000000000..454e0712cee --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23301.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-23301", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.427", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The `news` MonkeyC operation code in CIQ API version 1.0.0 through 4.1.7 fails to check that string resources are not extending past the end of the expected sections. A malicious CIQ application could craft a string that starts near the end of a section, and whose length extends past its end. Upon loading the string, the GarminOS TVM component may read out-of-bounds memory." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23301.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23302.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23302.json new file mode 100644 index 00000000000..26655b14991 --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23302.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-23302", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.473", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The `Toybox.GenericChannel.setDeviceConfig` API method in CIQ API version 1.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the execution of the device's firmware." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/api-docs/Toybox/Ant/GenericChannel.html#setDeviceConfig-instance_function", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23302.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23303.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23303.json new file mode 100644 index 00000000000..0ab790f3cc4 --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23303.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-23303", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.523", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The `Toybox.Ant.GenericChannel.enableEncryption` API method in CIQ API version 3.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the execution of the device's firmware." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/api-docs/Toybox/Ant/GenericChannel.html#enableEncryption-instance_function", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23303.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23304.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23304.json new file mode 100644 index 00000000000..a471b852966 --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23304.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-23304", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.573", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a specially crafted head section to use the `Toybox.SensorHistory` module without permission. A malicious application could call any functions from the `Toybox.SensorHistory` module without the user's consent and disclose potentially private or sensitive information." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/api-docs/Toybox/SensorHistory.html", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23304.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23305.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23305.json new file mode 100644 index 00000000000..2659d0d8cee --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23305.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-23305", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.627", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The GarminOS TVM component in CIQ API version 1.0.0 through 4.1.7 is vulnerable to various buffer overflows when loading binary resources. A malicious application embedding specially crafted resources could hijack the execution of the device's firmware." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23305.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-233xx/CVE-2023-23306.json b/CVE-2023/CVE-2023-233xx/CVE-2023-23306.json new file mode 100644 index 00000000000..544691ec661 --- /dev/null +++ b/CVE-2023/CVE-2023-233xx/CVE-2023-23306.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-23306", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.677", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The `Toybox.Ant.BurstPayload.add` API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnreability, which can result in an out-of-bounds write operation. A malicious application could create a specially crafted `Toybox.Ant.BurstPayload` object, call its `add` method, override arbitrary memory and hijack the execution of the device's firmware." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://developer.garmin.com/connect-iq/api-docs/Toybox/Ant/BurstPayload.html#add-instance_function", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/anvilsecure/garmin-ciq-app-research/blob/main/advisories/CVE-2023-23306.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-238xx/CVE-2023-23867.json b/CVE-2023/CVE-2023-238xx/CVE-2023-23867.json index ac8bcbf7534..dc209ff9584 100644 --- a/CVE-2023/CVE-2023-238xx/CVE-2023-23867.json +++ b/CVE-2023/CVE-2023-238xx/CVE-2023-23867.json @@ -2,8 +2,8 @@ "id": "CVE-2023-23867", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-12T15:15:09.227", - "lastModified": "2023-05-15T12:54:48.827", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:37:47.907", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -46,10 +66,31 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:buttons_x_project:buttons_x:*:*:*:*:*:wordpress:*:*", + "versionEndIncluding": "0.8.6", + "matchCriteriaId": "816141CA-1EC6-4DB1-8918-A9B18F3781A0" + } + ] + } + ] + } + ], "references": [ { "url": "https://patchstack.com/database/vulnerability/buttons-x/wordpress-button-builder-buttons-x-plugin-0-8-6-cross-site-scripting-xss-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json b/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json index 43d70e3e4ad..0c749c488ad 100644 --- a/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json +++ b/CVE-2023/CVE-2023-26xx/CVE-2023-2676.json @@ -2,8 +2,8 @@ "id": "CVE-2023-2676", "sourceIdentifier": "cna@vuldb.com", "published": "2023-05-12T09:15:10.610", - "lastModified": "2023-05-12T14:21:57.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:04:30.950", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -11,6 +11,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "cna@vuldb.com", @@ -71,18 +93,58 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:h3c:magic_r160_firmware:100r004:*:*:*:*:*:*:*", + "matchCriteriaId": "B7E1D53F-B053-45CC-9740-337347E2644B" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:h3c:magic_r160:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2F33A365-8F2A-4E8B-97E5-9D5303FF56CD" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/xinzhihen06/dxq-cve/blob/main/h3cr160.md", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?ctiid.228890", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] }, { "url": "https://vuldb.com/?id.228890", - "source": "cna@vuldb.com" + "source": "cna@vuldb.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-272xx/CVE-2023-27237.json b/CVE-2023/CVE-2023-272xx/CVE-2023-27237.json index 8d1cf0fe71e..321a9b03c65 100644 --- a/CVE-2023/CVE-2023-272xx/CVE-2023-27237.json +++ b/CVE-2023/CVE-2023-272xx/CVE-2023-27237.json @@ -2,35 +2,102 @@ "id": "CVE-2023-27237", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-12T11:15:12.773", - "lastModified": "2023-05-12T14:21:57.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:35:36.253", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:lavalite:lavalite:9.0.0:*:*:*:*:*:*:*", + "matchCriteriaId": "6150AF5B-17E6-4BFB-9980-F181A335022D" + } + ] + } + ] + } + ], "references": [ { "url": "http://lavalite.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Not Applicable" + ] }, { "url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-27237", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://i.ibb.co/34DSW7B/1.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://i.ibb.co/kSkqPhQ/3.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] }, { "url": "https://i.ibb.co/mJq9CH8/2.png", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Broken Link" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2702.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2702.json new file mode 100644 index 00000000000..d63ae3d3101 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2702.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2702", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-05-23T20:15:09.730", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass.This issue affects Competition Management System: before 23.07.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0283", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-27xx/CVE-2023-2703.json b/CVE-2023/CVE-2023-27xx/CVE-2023-2703.json new file mode 100644 index 00000000000..745ce8c66d5 --- /dev/null +++ b/CVE-2023/CVE-2023-27xx/CVE-2023-2703.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-2703", + "sourceIdentifier": "cve@usom.gov.tr", + "published": "2023-05-23T20:15:09.817", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Finex Media Competition Management System allows Retrieve Embedded Sensitive Data, Collect Data as Provided by Users.This issue affects Competition Management System: before 23.07.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@usom.gov.tr", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-359" + } + ] + } + ], + "references": [ + { + "url": "https://www.usom.gov.tr/bildirim/tr-23-0283", + "source": "cve@usom.gov.tr" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-298xx/CVE-2023-29820.json b/CVE-2023/CVE-2023-298xx/CVE-2023-29820.json index be0b32bea22..531c4866372 100644 --- a/CVE-2023/CVE-2023-298xx/CVE-2023-29820.json +++ b/CVE-2023/CVE-2023-298xx/CVE-2023-29820.json @@ -2,27 +2,89 @@ "id": "CVE-2023-29820", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-12T11:15:12.960", - "lastModified": "2023-05-12T14:21:57.583", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:50:48.400", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-668" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:webroot:secureanywhere:*:*:*:*:*:*:*:*", + "versionEndIncluding": "9.0.33.39", + "matchCriteriaId": "0C51899D-9E7A-46A8-8EEF-8D0F54C05E73" + } + ] + } + ] + } + ], "references": [ { "url": "http://secureanywhere.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "http://webroot.com", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-303xx/CVE-2023-30382.json b/CVE-2023/CVE-2023-303xx/CVE-2023-30382.json new file mode 100644 index 00000000000..ef2c154b0ee --- /dev/null +++ b/CVE-2023/CVE-2023-303xx/CVE-2023-30382.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-30382", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T21:15:09.073", + "lastModified": "2023-05-23T21:15:09.073", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows attackers to execute arbitrary code and escalate privileges by supplying crafted parameters." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://labs.jumpsec.com/advisory-cve-2023-30382-half-life-local-privilege-escalation/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31517.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31517.json new file mode 100644 index 00000000000..c0af3d9095b --- /dev/null +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31517.json @@ -0,0 +1,24 @@ +{ + "id": "CVE-2023-31517", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.897", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Teeworlds v0.7.5 was discovered to contain memory leaks." + } + ], + "metrics": {}, + "references": [ + { + "url": "http://teeworlds.com", + "source": "cve@mitre.org" + }, + { + "url": "https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-315xx/CVE-2023-31518.json b/CVE-2023/CVE-2023-315xx/CVE-2023-31518.json new file mode 100644 index 00000000000..c0986a51dc3 --- /dev/null +++ b/CVE-2023/CVE-2023-315xx/CVE-2023-31518.json @@ -0,0 +1,28 @@ +{ + "id": "CVE-2023-31518", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.947", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via a crafted map file." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/teeworlds/teeworlds/issues/2970", + "source": "cve@mitre.org" + }, + { + "url": "https://mmmds.pl/fuzzing-map-parser-part-1-teeworlds/", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-317xx/CVE-2023-31752.json b/CVE-2023/CVE-2023-317xx/CVE-2023-31752.json new file mode 100644 index 00000000000..b9c7dbe4b27 --- /dev/null +++ b/CVE-2023/CVE-2023-317xx/CVE-2023-31752.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31752", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:09.993", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "SourceCodester Employee and Visitor Gate Pass Logging System v1.0 is vulnerable to SQL Injection via /employee_gatepass/classes/Login.php." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/4O4NtFd/bug_report/blob/main/SQLI2/SQLi-2.md", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-318xx/CVE-2023-31860.json b/CVE-2023/CVE-2023-318xx/CVE-2023-31860.json new file mode 100644 index 00000000000..e794382307d --- /dev/null +++ b/CVE-2023/CVE-2023-318xx/CVE-2023-31860.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-31860", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-05-23T20:15:10.040", + "lastModified": "2023-05-23T20:48:24.597", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "Wuzhi CMS v3.1.2 has a storage type XSS vulnerability in the backend of the Five Finger CMS b2b system." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://github.com/wuzhicms/b2b/issues/3", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json b/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json index 9cacb1f4b53..2643ea58c87 100644 --- a/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json +++ b/CVE-2023/CVE-2023-319xx/CVE-2023-31985.json @@ -2,19 +2,87 @@ "id": "CVE-2023-31985", "sourceIdentifier": "cve@mitre.org", "published": "2023-05-12T12:15:09.800", - "lastModified": "2023-05-12T14:21:53.020", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:42:41.060", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows attacker to execute arbitrary code via the formAccept function in /bin/webs without any limitations." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:edimax:br-6428ns_firmware:1.10:*:*:*:*:*:*:*", + "matchCriteriaId": "4D2C9DF5-576D-4CDF-A7E3-356FDE0B1A9F" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:edimax:br-6428ns:v4:*:*:*:*:*:*:*", + "matchCriteriaId": "A2693C87-4F33-430F-83D7-CC8286E37534" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Erebua/CVE/blob/main/N300_BR-6428nS%20V4/3/Readme.md", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json b/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json index 71fe7cf1d91..84cfd9a7cd1 100644 --- a/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json +++ b/CVE-2023/CVE-2023-322xx/CVE-2023-32243.json @@ -2,8 +2,8 @@ "id": "CVE-2023-32243", "sourceIdentifier": "audit@patchstack.com", "published": "2023-05-12T08:15:09.280", - "lastModified": "2023-05-18T16:15:10.167", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2023-05-23T20:17:25.427", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -12,6 +12,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + }, { "source": "audit@patchstack.com", "type": "Secondary", @@ -36,7 +56,7 @@ }, "weaknesses": [ { - "source": "audit@patchstack.com", + "source": "nvd@nist.gov", "type": "Primary", "description": [ { @@ -44,20 +64,61 @@ "value": "CWE-287" } ] + }, + { + "source": "audit@patchstack.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-287" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:*", + "versionStartIncluding": "5.4.0", + "versionEndExcluding": "5.7.1", + "matchCriteriaId": "C0F9E1E8-0C94-4221-9033-C8C6FC22D8AA" + } + ] + } + ] } ], "references": [ { "url": "http://packetstormsecurity.com/files/172457/WordPress-Elementor-Lite-5.7.1-Arbitrary-Password-Reset.html", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Exploit", + "Third Party Advisory", + "VDB Entry" + ] }, { "url": "https://patchstack.com/articles/critical-privilege-escalation-in-essential-addons-for-elementor-plugin-affecting-1-million-sites?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://patchstack.com/database/vulnerability/essential-addons-for-elementor-lite/wordpress-essential-addons-for-elementor-plugin-5-4-0-5-7-1-unauthenticated-privilege-escalation-vulnerability?_s_id=cve", - "source": "audit@patchstack.com" + "source": "audit@patchstack.com", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/README.md b/README.md index 2760f37835e..4cf5174ca1b 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-05-23T20:00:29.583424+00:00 +2023-05-23T22:00:36.038829+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-05-23T19:59:08.250000+00:00 +2023-05-23T21:15:09.073000+00:00 ``` ### Last Data Feed Release @@ -29,45 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -215860 +215877 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `17` -* [CVE-2023-1837](CVE-2023/CVE-2023-18xx/CVE-2023-1837.json) (`2023-05-23T19:15:09.237`) +* [CVE-2023-23298](CVE-2023/CVE-2023-232xx/CVE-2023-23298.json) (`2023-05-23T20:15:09.213`) +* [CVE-2023-23299](CVE-2023/CVE-2023-232xx/CVE-2023-23299.json) (`2023-05-23T20:15:09.330`) +* [CVE-2023-23300](CVE-2023/CVE-2023-233xx/CVE-2023-23300.json) (`2023-05-23T20:15:09.380`) +* [CVE-2023-23301](CVE-2023/CVE-2023-233xx/CVE-2023-23301.json) (`2023-05-23T20:15:09.427`) +* [CVE-2023-23302](CVE-2023/CVE-2023-233xx/CVE-2023-23302.json) (`2023-05-23T20:15:09.473`) +* [CVE-2023-23303](CVE-2023/CVE-2023-233xx/CVE-2023-23303.json) (`2023-05-23T20:15:09.523`) +* [CVE-2023-23304](CVE-2023/CVE-2023-233xx/CVE-2023-23304.json) (`2023-05-23T20:15:09.573`) +* [CVE-2023-23305](CVE-2023/CVE-2023-233xx/CVE-2023-23305.json) (`2023-05-23T20:15:09.627`) +* [CVE-2023-23306](CVE-2023/CVE-2023-233xx/CVE-2023-23306.json) (`2023-05-23T20:15:09.677`) +* [CVE-2023-2702](CVE-2023/CVE-2023-27xx/CVE-2023-2702.json) (`2023-05-23T20:15:09.730`) +* [CVE-2023-2703](CVE-2023/CVE-2023-27xx/CVE-2023-2703.json) (`2023-05-23T20:15:09.817`) +* [CVE-2023-31517](CVE-2023/CVE-2023-315xx/CVE-2023-31517.json) (`2023-05-23T20:15:09.897`) +* [CVE-2023-31518](CVE-2023/CVE-2023-315xx/CVE-2023-31518.json) (`2023-05-23T20:15:09.947`) +* [CVE-2023-31752](CVE-2023/CVE-2023-317xx/CVE-2023-31752.json) (`2023-05-23T20:15:09.993`) +* [CVE-2023-31860](CVE-2023/CVE-2023-318xx/CVE-2023-31860.json) (`2023-05-23T20:15:10.040`) +* [CVE-2023-1508](CVE-2023/CVE-2023-15xx/CVE-2023-1508.json) (`2023-05-23T21:15:08.967`) +* [CVE-2023-30382](CVE-2023/CVE-2023-303xx/CVE-2023-30382.json) (`2023-05-23T21:15:09.073`) ### CVEs modified in the last Commit -Recently modified CVEs: `32` +Recently modified CVEs: `11` -* [CVE-2023-29861](CVE-2023/CVE-2023-298xx/CVE-2023-29861.json) (`2023-05-23T18:12:44.910`) -* [CVE-2023-2180](CVE-2023/CVE-2023-21xx/CVE-2023-2180.json) (`2023-05-23T18:17:01.457`) -* [CVE-2023-2179](CVE-2023/CVE-2023-21xx/CVE-2023-2179.json) (`2023-05-23T18:18:59.863`) -* [CVE-2023-2009](CVE-2023/CVE-2023-20xx/CVE-2023-2009.json) (`2023-05-23T18:21:56.943`) -* [CVE-2023-29862](CVE-2023/CVE-2023-298xx/CVE-2023-29862.json) (`2023-05-23T18:22:53.290`) -* [CVE-2023-23682](CVE-2023/CVE-2023-236xx/CVE-2023-23682.json) (`2023-05-23T18:39:41.410`) -* [CVE-2023-1915](CVE-2023/CVE-2023-19xx/CVE-2023-1915.json) (`2023-05-23T18:40:29.990`) -* [CVE-2023-1890](CVE-2023/CVE-2023-18xx/CVE-2023-1890.json) (`2023-05-23T18:42:50.847`) -* [CVE-2023-1839](CVE-2023/CVE-2023-18xx/CVE-2023-1839.json) (`2023-05-23T18:43:27.077`) -* [CVE-2023-1835](CVE-2023/CVE-2023-18xx/CVE-2023-1835.json) (`2023-05-23T18:45:51.570`) -* [CVE-2023-1596](CVE-2023/CVE-2023-15xx/CVE-2023-1596.json) (`2023-05-23T18:46:32.037`) -* [CVE-2023-31986](CVE-2023/CVE-2023-319xx/CVE-2023-31986.json) (`2023-05-23T18:48:17.007`) -* [CVE-2023-31576](CVE-2023/CVE-2023-315xx/CVE-2023-31576.json) (`2023-05-23T18:50:15.687`) -* [CVE-2023-31572](CVE-2023/CVE-2023-315xx/CVE-2023-31572.json) (`2023-05-23T18:51:16.873`) -* [CVE-2023-23720](CVE-2023/CVE-2023-237xx/CVE-2023-23720.json) (`2023-05-23T18:52:10.690`) -* [CVE-2023-23709](CVE-2023/CVE-2023-237xx/CVE-2023-23709.json) (`2023-05-23T18:53:01.447`) -* [CVE-2023-23703](CVE-2023/CVE-2023-237xx/CVE-2023-23703.json) (`2023-05-23T18:53:27.673`) -* [CVE-2023-23657](CVE-2023/CVE-2023-236xx/CVE-2023-23657.json) (`2023-05-23T18:54:10.007`) -* [CVE-2023-23676](CVE-2023/CVE-2023-236xx/CVE-2023-23676.json) (`2023-05-23T18:54:45.910`) -* [CVE-2023-23673](CVE-2023/CVE-2023-236xx/CVE-2023-23673.json) (`2023-05-23T18:55:45.033`) -* [CVE-2023-2644](CVE-2023/CVE-2023-26xx/CVE-2023-2644.json) (`2023-05-23T19:00:42.333`) -* [CVE-2023-32059](CVE-2023/CVE-2023-320xx/CVE-2023-32059.json) (`2023-05-23T19:07:14.350`) -* [CVE-2023-30330](CVE-2023/CVE-2023-303xx/CVE-2023-30330.json) (`2023-05-23T19:17:36.410`) -* [CVE-2023-2515](CVE-2023/CVE-2023-25xx/CVE-2023-2515.json) (`2023-05-23T19:53:59.490`) -* [CVE-2023-23169](CVE-2023/CVE-2023-231xx/CVE-2023-23169.json) (`2023-05-23T19:59:08.250`) +* [CVE-2019-10692](CVE-2019/CVE-2019-106xx/CVE-2019-10692.json) (`2023-05-23T20:30:59.777`) +* [CVE-2019-14792](CVE-2019/CVE-2019-147xx/CVE-2019-14792.json) (`2023-05-23T20:30:59.777`) +* [CVE-2020-13377](CVE-2020/CVE-2020-133xx/CVE-2020-13377.json) (`2023-05-23T20:27:38.897`) +* [CVE-2021-36871](CVE-2021/CVE-2021-368xx/CVE-2021-36871.json) (`2023-05-23T20:30:59.777`) +* [CVE-2023-2676](CVE-2023/CVE-2023-26xx/CVE-2023-2676.json) (`2023-05-23T20:04:30.950`) +* [CVE-2023-32243](CVE-2023/CVE-2023-322xx/CVE-2023-32243.json) (`2023-05-23T20:17:25.427`) +* [CVE-2023-27237](CVE-2023/CVE-2023-272xx/CVE-2023-27237.json) (`2023-05-23T20:35:36.253`) +* [CVE-2023-23867](CVE-2023/CVE-2023-238xx/CVE-2023-23867.json) (`2023-05-23T20:37:47.907`) +* [CVE-2023-31985](CVE-2023/CVE-2023-319xx/CVE-2023-31985.json) (`2023-05-23T20:42:41.060`) +* [CVE-2023-1837](CVE-2023/CVE-2023-18xx/CVE-2023-1837.json) (`2023-05-23T20:48:24.597`) +* [CVE-2023-29820](CVE-2023/CVE-2023-298xx/CVE-2023-29820.json) (`2023-05-23T20:50:48.400`) ## Download and Usage