Auto-Update: 2023-11-17T21:00:25.652570+00:00

cad-safe-bot 2023-11-17 21:00:29 +00:00
parent bfb952abec
commit 90e155bfe1
43 changed files with 1116 additions and 213 deletions


@ -2,7 +2,7 @@
"id": "CVE-2014-9517",
"sourceIdentifier": "cve@mitre.org",
"published": "2015-01-05T20:59:11.650",
"lastModified": "2016-09-06T13:48:22.587",
"lastModified": "2023-11-17T20:01:31.690",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -63,9 +63,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dcs-2103_hd_cube_network_camera_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "1C70F80E-9715-43BA-AD08-A27CEAB0DB33"
"criteria": "cpe:2.3:o:dlink:dcs-2103_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.20",
"matchCriteriaId": "D716F4C2-28F6-4DBC-AA18-28F436AC8904"
}
]
},
@ -74,9 +74,9 @@
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:d-link:dcs-2103_hd_cube_network_camera:-:*:*:*:*:*:*:*",
"matchCriteriaId": "84D65F60-A771-4158-B5F3-79F3896BBFFA"
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dcs-2103:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41038110-D9D6-4BC3-9416-4A95F8D9ABDD"
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2017-14419",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.447",
"lastModified": "2023-11-08T20:57:41.133",
"lastModified": "2023-11-17T20:01:16.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14420",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.493",
"lastModified": "2017-09-21T00:50:32.383",
"lastModified": "2023-11-17T19:58:23.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -15,13 +15,13 @@
}
],
"metrics": {
"cvssMetricV30": [
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
@ -85,9 +85,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:beta1:*:*:*:*:*:*",
"versionEndIncluding": "fw114wwb07_h2ab",
"matchCriteriaId": "269739B0-7349-4225-81D8-28CA494E4957"
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw114wwb07_h2ab_beta1",
"matchCriteriaId": "3AB746EA-BB7F-43DD-96B8-20161EA23C7A"
}
]
},
@ -97,8 +97,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:d-link:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA74BDB0-BD40-4AFA-8FE0-3AD43894429E"
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4"
}
]
}
@ -113,9 +113,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},
@ -125,8 +125,8 @@
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:d-link:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA74BDB0-BD40-4AFA-8FE0-3AD43894429E"
"criteria": "cpe:2.3:h:dlink:dir-850l:-:*:*:*:*:*:*:*",
"matchCriteriaId": "607DDB44-0E4E-4606-8909-B624345688D4"
}
]
}
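Review bot: The new upper bound `"versionEndIncluding": "fw114wwb07_h2ab_beta1"` is a free-form firmware string rather than a dotted version, so whether a device falls inside the range depends on how each matcher orders strings such as `fw114wwb07_h2ab_beta1` and `fw208wwb02`. The earlier entry kept `beta1` in the CPE update field; with it folded into the bound, a matcher that parses versions numerically may treat the bound as unparseable and report no match. Anyone using this record for asset matching should confirm their comparison handles these strings and flags the device when it cannot decide, rather than skipping it silently. The vendor rename from `d-link` to `dlink` also replaces every `matchCriteriaId` in this section, so caches keyed on the old ids need a refresh.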


@ -2,7 +2,7 @@
"id": "CVE-2017-14424",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.633",
"lastModified": "2023-11-08T21:15:27.437",
"lastModified": "2023-11-17T20:00:53.310",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14425",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.680",
"lastModified": "2023-11-08T21:15:57.240",
"lastModified": "2023-11-17T20:00:45.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14426",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.760",
"lastModified": "2023-11-08T21:16:14.590",
"lastModified": "2023-11-17T20:00:16.387",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14427",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.807",
"lastModified": "2023-11-08T21:16:31.030",
"lastModified": "2023-11-17T19:59:48.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14428",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.837",
"lastModified": "2023-11-08T21:16:45.750",
"lastModified": "2023-11-17T19:59:23.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14429",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.870",
"lastModified": "2023-11-08T21:17:08.127",
"lastModified": "2023-11-17T19:58:49.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2017-14430",
"sourceIdentifier": "cve@mitre.org",
"published": "2017-09-13T17:29:00.900",
"lastModified": "2023-11-08T21:17:28.900",
"lastModified": "2023-11-17T20:01:41.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -118,9 +118,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dir-850l_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dir-850l_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "fw208wwb02",
"matchCriteriaId": "057C6D7D-16EB-4F09-BB4A-A59C2ABFB57B"
"matchCriteriaId": "AD01AE08-1F0A-4004-8EC3-4887E540F349"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2019-15656",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-03-19T18:15:13.867",
"lastModified": "2023-11-08T22:48:35.667",
"lastModified": "2023-11-17T20:01:46.870",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -117,9 +117,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:d-link:dsl-2877al_firmware:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:dlink:dsl-2877al_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.00.05",
"matchCriteriaId": "F9E744C6-30F8-478E-9633-95B843F8895A"
"matchCriteriaId": "16AEECE5-BF21-4480-87AF-37B67CC9A880"
}
]
},


@ -2,7 +2,7 @@
"id": "CVE-2021-41160",
"sourceIdentifier": "security-advisories@github.com",
"published": "2021-10-21T19:15:07.947",
"lastModified": "2023-11-07T03:38:51.907",
"lastModified": "2023-11-17T19:15:07.773",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -95,7 +95,7 @@
]
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
@ -156,6 +156,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DWJXQOWKNR7O5HM2HFJOM4GBUFPTE3RG/",
"source": "security-advisories@github.com"
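Review bot: The added Debian LTS reference (`https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html`) carries no `tags` array, unlike the reference just above it, so a consumer that filters references by tag will not surface this distribution fix notice. With `vulnStatus` at `Modified` the tags are presumably pending re-analysis upstream; once set I would expect something like `"tags": ["Mailing List", "Third Party Advisory"]`. The same untagged entry is added in the sections for CVE-2022-24883, CVE-2022-39282, CVE-2022-39283, CVE-2022-39316, CVE-2022-39318, CVE-2022-39319, CVE-2022-39347 and CVE-2022-41877. These sections also change `source` from a UUID to `security-advisories@github.com`, so joins on the source identifier should accept both forms.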


@ -2,7 +2,7 @@
"id": "CVE-2022-24883",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-04-26T16:15:47.883",
"lastModified": "2023-11-07T03:44:40.203",
"lastModified": "2023-11-17T19:15:07.920",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -95,7 +95,7 @@
]
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
@ -181,6 +181,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AELSWWBAM2YONRPGLWVDY6UNTLJERJYL/",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-39282",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-12T23:15:09.417",
"lastModified": "2023-11-07T03:50:24.473",
"lastModified": "2023-11-17T19:15:08.060",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -128,6 +128,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEWWYMGWIMD4RDCOGHWMZXUMBGZHC5NW/",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-39283",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-10-12T23:15:09.527",
"lastModified": "2023-11-07T03:50:24.607",
"lastModified": "2023-11-17T19:15:08.203",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -70,7 +70,7 @@
]
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
@ -139,6 +139,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEWWYMGWIMD4RDCOGHWMZXUMBGZHC5NW/",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-39316",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-16T20:15:10.180",
"lastModified": "2023-11-07T03:50:25.867",
"lastModified": "2023-11-17T19:15:08.313",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -134,6 +134,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-39318",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-16T21:15:10.407",
"lastModified": "2023-11-07T03:50:26.093",
"lastModified": "2023-11-17T19:15:08.413",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -138,6 +138,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-39319",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-16T21:15:10.493",
"lastModified": "2023-11-07T03:50:26.210",
"lastModified": "2023-11-17T19:15:08.520",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 2.5
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -134,6 +134,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/",
"source": "security-advisories@github.com"


@ -2,7 +2,7 @@
"id": "CVE-2022-39347",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-16T20:15:10.367",
"lastModified": "2023-11-07T03:50:27.370",
"lastModified": "2023-11-17T19:15:08.620",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 3.6
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
@ -134,6 +134,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/",
"source": "security-advisories@github.com"


@ -2,8 +2,8 @@
"id": "CVE-2022-3970",
"sourceIdentifier": "cna@vuldb.com",
"published": "2022-11-13T08:15:16.047",
"lastModified": "2023-11-07T03:52:02.597",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-11-17T19:04:41.320",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -37,7 +37,7 @@
"impactScore": 5.9
},
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -60,7 +60,7 @@
},
"weaknesses": [
{
"source": "1af790b2-7ee1-4545-860a-a788eba489b5",
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
@ -116,6 +116,40 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5.1",
"matchCriteriaId": "5B80AFED-4F28-4FE6-9699-05D281388A00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "F362BEC4-90C7-4305-BFF9-645FE6C52DFE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.6",
"matchCriteriaId": "DB63BAC2-C756-428C-8BAC-BAD39FBE5EF4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.5",
"matchCriteriaId": "7FB2CB0B-A635-4057-98B8-AF71F9CB0171"
}
]
}
]
}
],
"references": [
@ -159,17 +193,26 @@
},
{
"url": "https://support.apple.com/kb/HT213841",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes",
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213843",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.213549",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
"Third Party Advisory",
"VDB Entry"
]
}
]
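Review bot: The four Apple `cpeMatch` entries added here set only `versionEndExcluding` (`16.5.1`, `16.6`, `16.6`, `13.5`) with no `versionStartIncluding`, so each range matches every earlier release of the product, including older major lines that may have been fixed separately. That tends to over-report in scanners; if the vendor advisories referenced in this record (HT213841, HT213843) scope the fix to specific release trains, a `versionStartIncluding` bound per entry would tighten the match. The macOS entry added in the CVE-2023-22809 section (`"versionEndExcluding": "13.4"`) has the same shape.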


@ -2,7 +2,7 @@
"id": "CVE-2022-41877",
"sourceIdentifier": "security-advisories@github.com",
"published": "2022-11-16T20:15:10.507",
"lastModified": "2023-11-07T03:53:05.423",
"lastModified": "2023-11-17T19:15:08.720",
"vulnStatus": "Modified",
"descriptions": [
{
@ -37,7 +37,7 @@
"impactScore": 2.5
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
@ -70,7 +70,7 @@
]
},
{
"source": "a0819718-46f1-4df5-94e2-005712e83aaa",
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
@ -134,6 +134,10 @@
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html",
"source": "security-advisories@github.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/",
"source": "security-advisories@github.com"


@ -2,8 +2,8 @@
"id": "CVE-2023-22809",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-01-18T17:15:10.353",
"lastModified": "2023-11-07T04:07:25.910",
"vulnStatus": "Modified",
"lastModified": "2023-11-17T19:32:56.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -100,6 +100,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
@ -108,24 +113,56 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.4",
"matchCriteriaId": "ADD1755A-5CD2-4EED-8C6C-4729FADFA3F5"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/171644/sudo-1.9.12p1-Privilege-Escalation.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/172509/Sudoedit-Extra-Arguments-Privilege-Escalation.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://packetstormsecurity.com/files/174234/Cisco-ThousandEyes-Enterprise-Agent-Virtual-Appliance-Arbitrary-File-Modification.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Aug/21",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/01/19/1",
@ -146,15 +183,24 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2QDGFCGAV5QRJCE6IXRXIS4XJHS57DDH/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G4YNBTTKTRT2ME3NTSXAPTOKYUE47XHZ/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
},
{
"url": "https://security.gentoo.org/glsa/202305-12",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230127-0015/",
@ -165,7 +211,10 @@
},
{
"url": "https://support.apple.com/kb/HT213758",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5321",


@ -2,16 +2,40 @@
"id": "CVE-2023-27417",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:08.123",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T20:07:43.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Timo Reith Affiliate Super Assistent plugin <=\u00a01.5.1 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Timo Reith Affiliate Super Assistent en versiones &lt;= 1.5.1."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ifeelweb:affiliate_super_assistent:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5.1",
"matchCriteriaId": "82A6C3DE-8215-4D59-9DE2-AD67D232A17E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/amazonsimpleadmin/wordpress-affiliate-super-assistent-plugin-1-5-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}
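Review bot: The added Spanish description stores the comparison as an HTML entity, `en versiones &lt;= 1.5.1.`, while the English text in the same record uses a literal `<=`. JSON string values should hold the raw character: a consumer that HTML-escapes on output will render `&amp;lt;=`, and one that treats the field as already-escaped markup is being nudged to skip output encoding for a feed it does not control. The value should read `en versiones <= 1.5.1.`. The same entity appears in the Spanish descriptions added for CVE-2023-27418, CVE-2023-27431, CVE-2023-27611, CVE-2023-27623 and CVE-2023-27632.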


@ -2,16 +2,40 @@
"id": "CVE-2023-27418",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:08.320",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T20:08:27.913",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Side Menu Lite \u2013 add sticky fixed buttons plugin <=\u00a04.0 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Wow-Company Side Menu Lite en el complemento add sticky fixed buttons en versiones &lt;= 4.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wow-company:side_menu_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0",
"matchCriteriaId": "BB14A371-9BD0-47E9-A529-E70F293FC735"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/side-menu-lite/wordpress-side-menu-lite-plugin-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-27431",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:08.520",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T20:05:40.023",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk Big Store theme <=\u00a01.9.3 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el tema ThemeHunk Big Store en versiones &lt;= 1.9.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:themehunk:big_store:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.9.3",
"matchCriteriaId": "7AD98663-F2CC-40C4-A531-6951D743A8C0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/big-store/wordpress-big-store-theme-1-9-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-27611",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:08.713",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:50:57.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in audrasjb Reusable Blocks Extended plugin <=\u00a00.9 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en audrasjb en el complemento Reusable Blocks Extended en versiones &lt;= 0.9."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jeanbaptisteaudras:reusable_blocks_extended:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.9",
"matchCriteriaId": "765DB0D2-94A4-4EF8-85A8-29A5DBCD1F1E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/reusable-blocks-extended/wordpress-reusable-blocks-extended-plugin-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-27623",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:08.903",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:31:03.830",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Jens T\u00f6rnell WP Page Numbers plugin <=\u00a00.5 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Jens T\u00f6rnell WP Page Numbers en versiones &lt;= 0.5."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenst:wp_page_numbers:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.5",
"matchCriteriaId": "49680A85-663B-451A-8CB4-A8FEC5AADF73"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-page-numbers/wordpress-wp-page-numbers-plugin-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-27632",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:09.093",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:29:14.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in mmrs151 Daily Prayer Time plugin <=\u00a02023.03.08 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento mmrs151 Daily Prayer Time en versiones &lt;= 2023.03.08."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2023.03.08",
"matchCriteriaId": "6F83BED9-7397-49D2-9AD9-38679A7A703E"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/daily-prayer-time-for-mosques/wordpress-daily-prayer-time-plugin-2023-02-21-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,53 @@
"id": "CVE-2023-28134",
"sourceIdentifier": "cve@checkpoint.com",
"published": "2023-11-12T23:15:09.313",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T20:14:54.230",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
},
{
"lang": "es",
"value": "Un atacante local puede aumentar los privilegios en las instalaciones afectadas de Check Point Harmony Endpoint/ZoneAlarm Extreme Security. Un atacante primero debe obtener la capacidad de ejecutar c\u00f3digo con pocos privilegios en el sistema de destino para poder aprovechar esta vulnerabilidad."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-732"
}
]
},
{
"source": "cve@checkpoint.com",
"type": "Secondary",
@ -23,10 +60,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkpoint:endpoint_security:e84:*:*:*:*:*:*:*",
"matchCriteriaId": "2D42E00B-D31F-4474-9B6C-EF976C49487B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkpoint:endpoint_security:e85:*:*:*:*:*:*:*",
"matchCriteriaId": "D2476021-2883-4895-87A6-7E22C3EC7E59"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:checkpoint:endpoint_security:e86:*:*:*:*:*:*:*",
"matchCriteriaId": "A1D4A431-135D-4AE0-9E6A-D8B04CFA7B18"
}
]
}
]
}
],
"references": [
{
"url": "https://support.checkpoint.com/results/sk/sk181597",
"source": "cve@checkpoint.com"
"source": "cve@checkpoint.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-28167",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:09.407",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:09:26.160",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 Invisible reCAPTCHA plugin <=\u00a01.3.3 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) en el complemento Vsourz Digital CF7 Invisible reCAPTCHA en versiones &lt;= 1.3.3."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:vsourz:cf7_invisible_recaptcha:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.3",
"matchCriteriaId": "89B5933D-BE7F-43CA-80A7-EE6C9FD661AF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cf7-invisible-recaptcha/wordpress-cf7-invisible-recaptcha-plugin-1-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-28172",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-11-12T23:15:09.617",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:11:32.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in flippercode WordPress Plugin for Google Maps \u2013 WP MAPS (formerly WP Google Map Plugin) plugin <=\u00a04.4.2 versions."
},
{
"lang": "es",
"value": "Vulnerabilidad de Cross-Site Request Forgery (CSRF) de flippercode en el complemento WordPress Plugin for Google Maps \u2013 WP MAPS (formerly WP Google Map Plugin) en versiones &lt;= 4.4.2."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:flippercode:wp_google_map:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.4.2",
"matchCriteriaId": "45CEF703-940B-4EDB-86D5-91FDEA3CE5C6"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wp-google-map-plugin/wordpress-wp-maps-plugin-4-4-2-cross-site-request-forgery-csrf?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-28200",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:19.687",
"lastModified": "2023-09-06T21:15:09.937",
"vulnStatus": "Modified",
"lastModified": "2023-11-17T19:33:06.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -55,9 +55,9 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.4",
"matchCriteriaId": "909D85BE-B03C-469D-B7A0-B15B6366EDAC"
"matchCriteriaId": "6342B4CB-4D7D-4FBD-8A5E-E3DABDC7770E"
},
{
"vulnerable": true,
@ -85,6 +85,11 @@
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "440DDB1E-BC6D-48A6-924D-E3534495BABA"
}
]
}
@ -122,7 +127,10 @@
},
{
"url": "https://support.apple.com/kb/HT213843",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-34241",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-22T23:15:09.493",
"lastModified": "2023-07-28T21:15:12.083",
"vulnStatus": "Modified",
"lastModified": "2023-11-17T19:33:17.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -90,6 +90,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
@ -98,6 +103,51 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "11.7.9",
"matchCriteriaId": "32C6C615-0E8E-458B-88C6-A8BF29D3DB69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.8",
"matchCriteriaId": "A47C992E-C336-403A-A534-E1A33C7338DE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.5",
"matchCriteriaId": "3D701507-146E-4E5B-8C32-60E797E46627"
}
]
}
]
}
],
"references": [
@ -142,11 +192,17 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00038.html",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7I7DWGYGEMBNLZF5UQBMF3SONR37YUBN/",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBIYKDS3UG3W4Z7YOHTR2AWFNBRYPNYY/",
@ -158,15 +214,24 @@
},
{
"url": "https://support.apple.com/kb/HT213843",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213844",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.apple.com/kb/HT213845",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,12 +2,12 @@
"id": "CVE-2023-34540",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T15:15:10.287",
"lastModified": "2023-08-29T18:57:58.473",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-17T19:15:08.837",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Langchain 0.0.171 is vulnerable to Arbitrary Code Execution."
"value": "Langchain 0.0.171 is vulnerable to Arbitrary Code Execution. This is related to the jira.run('other' substring."
}
],
"metrics": {


@ -2,12 +2,12 @@
"id": "CVE-2023-36281",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:36.457",
"lastModified": "2023-08-26T02:25:07.963",
"vulnStatus": "Analyzed",
"lastModified": "2023-11-17T19:15:08.907",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the load_prompt parameter."
"value": "An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via a JSON file to load_prompt. This is related to __subclasses__ or a template."
}
],
"metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-39331",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-10-18T04:15:11.257",
"lastModified": "2023-11-16T16:15:31.433",
"vulnStatus": "Modified",
"lastModified": "2023-11-17T19:10:41.253",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -82,8 +82,9 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndExcluding": "20.8.0",
"matchCriteriaId": "1DB6F476-F7D5-420C-9A17-FE634C92FF71"
"matchCriteriaId": "6BD3775B-9921-452D-ACF2-626A96B781F0"
}
]
}
@ -100,7 +101,10 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20231116-0009/",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-39332",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-10-18T04:15:11.330",
"lastModified": "2023-11-16T16:15:31.510",
"vulnStatus": "Modified",
"lastModified": "2023-11-17T19:08:58.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -60,8 +60,24 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndExcluding": "20.8.0",
"matchCriteriaId": "1DB6F476-F7D5-420C-9A17-FE634C92FF71"
"matchCriteriaId": "6BD3775B-9921-452D-ACF2-626A96B781F0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
}
]
}
@ -78,11 +94,17 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3N4NJ7FR4X4FPZUGNTQAPSTVB2HB2Y4A/",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20231116-0009/",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-42326",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-14T05:15:08.587",
"lastModified": "2023-11-14T15:15:50.200",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:36:50.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,73 @@
"value": "Un problema en Netgate pfSense v.2.7.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud manipulada a los componentes interfaces_gif_edit.php e interfaces_gre_edit.php."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.7.0",
"matchCriteriaId": "B58A09CC-355B-49BD-908B-ED3058794307"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*",
"versionEndIncluding": "23.05.1",
"matchCriteriaId": "D1309A70-521F-4F6C-8BE7-AE9460C039A6"
}
]
}
]
}
],
"references": [
{
"url": "https://docs.netgate.com/downloads/pfSense-SA-23_10.webgui.asc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-43900",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-14T05:15:08.700",
"lastModified": "2023-11-14T15:15:50.200",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T19:36:27.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,11 +14,67 @@
"value": "Insecure Direct Object References (IDOR) en EMSigner v2.8.7 permiten a los atacantes obtener acceso no autorizado al contenido de la aplicaci\u00f3n y ver datos confidenciales de otros usuarios mediante la manipulaci\u00f3n de los par\u00e1metros documentID y EncryptedDocumentId."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:emsigner:emsigner:2.8.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9679E6A5-A376-4D47-A0D8-4F8A4C11694E"
}
]
}
]
}
],
"references": [
{
"url": "https://secpro.llc/emsigner-cve-3/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-46129",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-10-31T00:15:09.933",
"lastModified": "2023-11-08T19:01:15.567",
"lastModified": "2023-11-17T19:33:33.457",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -84,24 +84,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nats:nats_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.10.0",
"versionEndExcluding": "2.10.4",
"matchCriteriaId": "AC5698E9-BF06-46C5-BC69-A9729B096782"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
"matchCriteriaId": "BBB8F9C2-3395-4D22-BA0C-8462D6E076A6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nats:nkeys:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.4.6.",
"matchCriteriaId": "6D496EEC-9F47-45E6-BEA4-24EB4FD50F6A"
"versionStartIncluding": "0.4.0",
"versionEndExcluding": "0.4.6",
"matchCriteriaId": "EBAF8F73-D62A-4371-916F-0296A4B975B5"
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-47120",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-10T16:15:33.473",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T20:29:04.170",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. In versions 3.1.0 through 3.1.2 of the `stable` branch and versions 3.1.0,beta6 through 3.2.0.beta2 of the `beta` and `tests-passed` branches, Redis memory can be depleted by crafting a site with an abnormally long favicon URL and drafting multiple posts which Onebox it. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. There are no known workarounds."
},
{
"lang": "es",
"value": "Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. En las versiones 3.1.0 a 3.1.2 de la rama \"stable\" y en las versiones 3.1.0, beta6 a 3.2.0.beta2 de las ramas \"beta\" y \"tests-passed\", la memoria de Redis se puede agotar al crear un sitio con una URL de favicon anormalmente larga y redactando m\u00faltiples publicaciones en Onebox. El problema se solucion\u00f3 en la versi\u00f3n 3.1.3 de la rama \"stable\" y en la versi\u00f3n 3.2.0.beta3 de las ramas \"beta\" y \"tests-passed\". No se conocen workarounds."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,71 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionStartIncluding": "3.1.0",
"versionEndExcluding": "3.1.3",
"matchCriteriaId": "50504A87-E983-44B1-9148-91A3F5851F6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta6:*:*:beta:*:*:*",
"matchCriteriaId": "9D797DA5-1AE5-4D49-B133-AF45D7FB0A4A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta7:*:*:beta:*:*:*",
"matchCriteriaId": "4C868514-CFCE-4DA6-B15E-CB64CDF21609"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.1.0:beta8:*:*:beta:*:*:*",
"matchCriteriaId": "755DE44D-B1C7-4434-824F-5544BE6DD1CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.2.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "1BFF647B-6CEF-43BF-BF5E-C82B557F78E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.2.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "10D931DE-F8F5-4A34-A30A-FDD4420ABD1A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/commit/95a82d608d6377faf68a0e2c5d9640b043557852",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/commit/e910dd09140cb4abc3a563b95af4a137ca7fa0ce",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-77cw-xhj8-hfp3",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-47121",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-10T16:15:33.663",
"lastModified": "2023-11-13T03:16:20.870",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-11-17T20:20:26.137",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches, the embedding feature is susceptible to server side request forgery. The issue is patched in version 3.1.3 of the `stable` branch and version 3.2.0.beta3 of the `beta` and `tests-passed` branches. As a workaround, disable the Embedding feature."
},
{
"lang": "es",
"value": "Discourse es una plataforma de c\u00f3digo abierto para el debate comunitario. Antes de la versi\u00f3n 3.1.3 de la rama `stable` y la versi\u00f3n 3.2.0.beta3 de las ramas `beta` y `tests-passed`, la caracter\u00edstica de incrustaci\u00f3n es susceptible a Server-Side Request Forgery. El problema se solucion\u00f3 en la versi\u00f3n 3.1.3 de la rama \"stable\" y en la versi\u00f3n 3.2.0.beta3 de las ramas \"beta\" y \"tests-passed\". Como workaround, desactive la funci\u00f3n Embedding."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -46,18 +70,61 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:stable:*:*:*",
"versionEndExcluding": "3.1.3",
"matchCriteriaId": "8E31336C-750D-4039-A89F-FF602B59098C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:*:*:*:*:beta:*:*:*",
"versionEndExcluding": "3.2.0",
"matchCriteriaId": "E10444D1-B4E6-4EA7-A56E-95BD0FA3E39D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.2.0:beta1:*:*:beta:*:*:*",
"matchCriteriaId": "1BFF647B-6CEF-43BF-BF5E-C82B557F78E2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:discourse:discourse:3.2.0:beta2:*:*:beta:*:*:*",
"matchCriteriaId": "10D931DE-F8F5-4A34-A30A-FDD4420ABD1A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/discourse/discourse/commit/24cca10da731734af4e9748de99a508d586e59f1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/commit/5f20748e402223b265e6fee381472c14e2604da6",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/discourse/discourse/security/advisories/GHSA-hp24-94qf-8cgc",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-17T19:00:49.754887+00:00
2023-11-17T21:00:25.652570+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-17T18:56:01.750000+00:00
2023-11-17T20:29:04.170000+00:00
```
### Last Data Feed Release
@ -34,44 +34,39 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `0`
* [CVE-2023-48024](CVE-2023/CVE-2023-480xx/CVE-2023-48024.json) (`2023-11-17T17:15:07.893`)
* [CVE-2023-48025](CVE-2023/CVE-2023-480xx/CVE-2023-48025.json) (`2023-11-17T17:15:07.970`)
* [CVE-2023-6179](CVE-2023/CVE-2023-61xx/CVE-2023-6179.json) (`2023-11-17T17:15:08.047`)
* [CVE-2023-48185](CVE-2023/CVE-2023-481xx/CVE-2023-48185.json) (`2023-11-17T18:15:07.080`)
* [CVE-2023-6188](CVE-2023/CVE-2023-61xx/CVE-2023-6188.json) (`2023-11-17T18:15:07.150`)
### CVEs modified in the last Commit
Recently modified CVEs: `60`
Recently modified CVEs: `42`
* [CVE-2023-44351](CVE-2023/CVE-2023-443xx/CVE-2023-44351.json) (`2023-11-17T17:28:23.383`)
* [CVE-2023-44352](CVE-2023/CVE-2023-443xx/CVE-2023-44352.json) (`2023-11-17T17:28:23.383`)
* [CVE-2023-44353](CVE-2023/CVE-2023-443xx/CVE-2023-44353.json) (`2023-11-17T17:28:23.383`)
* [CVE-2023-44355](CVE-2023/CVE-2023-443xx/CVE-2023-44355.json) (`2023-11-17T17:28:23.383`)
* [CVE-2023-24585](CVE-2023/CVE-2023-245xx/CVE-2023-24585.json) (`2023-11-17T17:34:54.507`)
* [CVE-2023-4612](CVE-2023/CVE-2023-46xx/CVE-2023-4612.json) (`2023-11-17T17:42:18.630`)
* [CVE-2023-47248](CVE-2023/CVE-2023-472xx/CVE-2023-47248.json) (`2023-11-17T17:44:01.637`)
* [CVE-2023-46492](CVE-2023/CVE-2023-464xx/CVE-2023-46492.json) (`2023-11-17T17:44:15.153`)
* [CVE-2023-26156](CVE-2023/CVE-2023-261xx/CVE-2023-26156.json) (`2023-11-17T17:46:38.143`)
* [CVE-2023-6128](CVE-2023/CVE-2023-61xx/CVE-2023-6128.json) (`2023-11-17T17:46:55.197`)
* [CVE-2023-45881](CVE-2023/CVE-2023-458xx/CVE-2023-45881.json) (`2023-11-17T17:50:31.970`)
* [CVE-2023-31247](CVE-2023/CVE-2023-312xx/CVE-2023-31247.json) (`2023-11-17T17:58:25.877`)
* [CVE-2023-6127](CVE-2023/CVE-2023-61xx/CVE-2023-6127.json) (`2023-11-17T17:58:50.183`)
* [CVE-2023-6126](CVE-2023/CVE-2023-61xx/CVE-2023-6126.json) (`2023-11-17T17:59:32.487`)
* [CVE-2023-45806](CVE-2023/CVE-2023-458xx/CVE-2023-45806.json) (`2023-11-17T18:03:00.167`)
* [CVE-2023-6125](CVE-2023/CVE-2023-61xx/CVE-2023-6125.json) (`2023-11-17T18:06:25.417`)
* [CVE-2023-30586](CVE-2023/CVE-2023-305xx/CVE-2023-30586.json) (`2023-11-17T18:10:10.547`)
* [CVE-2023-6124](CVE-2023/CVE-2023-61xx/CVE-2023-6124.json) (`2023-11-17T18:11:01.837`)
* [CVE-2023-45880](CVE-2023/CVE-2023-458xx/CVE-2023-45880.json) (`2023-11-17T18:13:45.687`)
* [CVE-2023-45879](CVE-2023/CVE-2023-458xx/CVE-2023-45879.json) (`2023-11-17T18:16:24.130`)
* [CVE-2023-28391](CVE-2023/CVE-2023-283xx/CVE-2023-28391.json) (`2023-11-17T18:25:39.223`)
* [CVE-2023-23684](CVE-2023/CVE-2023-236xx/CVE-2023-23684.json) (`2023-11-17T18:28:56.910`)
* [CVE-2023-32258](CVE-2023/CVE-2023-322xx/CVE-2023-32258.json) (`2023-11-17T18:29:58.827`)
* [CVE-2023-38427](CVE-2023/CVE-2023-384xx/CVE-2023-38427.json) (`2023-11-17T18:55:13.147`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-11-17T18:56:01.750`)
* [CVE-2022-39318](CVE-2022/CVE-2022-393xx/CVE-2022-39318.json) (`2023-11-17T19:15:08.413`)
* [CVE-2022-39319](CVE-2022/CVE-2022-393xx/CVE-2022-39319.json) (`2023-11-17T19:15:08.520`)
* [CVE-2022-39347](CVE-2022/CVE-2022-393xx/CVE-2022-39347.json) (`2023-11-17T19:15:08.620`)
* [CVE-2022-41877](CVE-2022/CVE-2022-418xx/CVE-2022-41877.json) (`2023-11-17T19:15:08.720`)
* [CVE-2023-39332](CVE-2023/CVE-2023-393xx/CVE-2023-39332.json) (`2023-11-17T19:08:58.170`)
* [CVE-2023-28167](CVE-2023/CVE-2023-281xx/CVE-2023-28167.json) (`2023-11-17T19:09:26.160`)
* [CVE-2023-39331](CVE-2023/CVE-2023-393xx/CVE-2023-39331.json) (`2023-11-17T19:10:41.253`)
* [CVE-2023-28172](CVE-2023/CVE-2023-281xx/CVE-2023-28172.json) (`2023-11-17T19:11:32.103`)
* [CVE-2023-34540](CVE-2023/CVE-2023-345xx/CVE-2023-34540.json) (`2023-11-17T19:15:08.837`)
* [CVE-2023-36281](CVE-2023/CVE-2023-362xx/CVE-2023-36281.json) (`2023-11-17T19:15:08.907`)
* [CVE-2023-27632](CVE-2023/CVE-2023-276xx/CVE-2023-27632.json) (`2023-11-17T19:29:14.953`)
* [CVE-2023-27623](CVE-2023/CVE-2023-276xx/CVE-2023-27623.json) (`2023-11-17T19:31:03.830`)
* [CVE-2023-22809](CVE-2023/CVE-2023-228xx/CVE-2023-22809.json) (`2023-11-17T19:32:56.817`)
* [CVE-2023-28200](CVE-2023/CVE-2023-282xx/CVE-2023-28200.json) (`2023-11-17T19:33:06.590`)
* [CVE-2023-34241](CVE-2023/CVE-2023-342xx/CVE-2023-34241.json) (`2023-11-17T19:33:17.840`)
* [CVE-2023-46129](CVE-2023/CVE-2023-461xx/CVE-2023-46129.json) (`2023-11-17T19:33:33.457`)
* [CVE-2023-43900](CVE-2023/CVE-2023-439xx/CVE-2023-43900.json) (`2023-11-17T19:36:27.767`)
* [CVE-2023-42326](CVE-2023/CVE-2023-423xx/CVE-2023-42326.json) (`2023-11-17T19:36:50.410`)
* [CVE-2023-27611](CVE-2023/CVE-2023-276xx/CVE-2023-27611.json) (`2023-11-17T19:50:57.180`)
* [CVE-2023-27431](CVE-2023/CVE-2023-274xx/CVE-2023-27431.json) (`2023-11-17T20:05:40.023`)
* [CVE-2023-27417](CVE-2023/CVE-2023-274xx/CVE-2023-27417.json) (`2023-11-17T20:07:43.807`)
* [CVE-2023-27418](CVE-2023/CVE-2023-274xx/CVE-2023-27418.json) (`2023-11-17T20:08:27.913`)
* [CVE-2023-28134](CVE-2023/CVE-2023-281xx/CVE-2023-28134.json) (`2023-11-17T20:14:54.230`)
* [CVE-2023-47121](CVE-2023/CVE-2023-471xx/CVE-2023-47121.json) (`2023-11-17T20:20:26.137`)
* [CVE-2023-47120](CVE-2023/CVE-2023-471xx/CVE-2023-47120.json) (`2023-11-17T20:29:04.170`)
## Download and Usage