Auto-Update: 2023-08-04T18:00:34.940204+00:00

cad-safe-bot 2023-08-04 18:00:38 +00:00
parent aeef24096c
commit 937cc80b2d
94 changed files with 6165 additions and 431 deletions


@ -2,7 +2,7 @@
"id": "CVE-2019-19527", "id": "CVE-2019-19527",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2019-12-03T16:15:12.923", "published": "2019-12-03T16:15:12.923",
"lastModified": "2022-10-31T14:51:41.357", "lastModified": "2023-08-04T17:50:59.757",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -85,8 +85,44 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.30",
"versionEndExcluding": "3.16.79",
"matchCriteriaId": "3AEEAA39-CFA8-423A-B2E2-8AF5682ABD19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.17",
"versionEndExcluding": "4.4.190",
"matchCriteriaId": "0021134F-70F8-44BA-903B-B5242147A70B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.190",
"matchCriteriaId": "69A6FA7E-FF16-4D80-BE22-56D666A2A9F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.140",
"matchCriteriaId": "C6031BD8-0018-4615-8330-ACA53AD7E155"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.68",
"matchCriteriaId": "625E6E95-1E04-4F6B-9D81-AA534DE55A66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.2.10", "versionEndExcluding": "5.2.10",
"matchCriteriaId": "B8FA3E85-636B-49C2-A20E-7B2542B4BA1A" "matchCriteriaId": "EF908210-F393-4715-8E59-F4A2A526C105"
} }
] ]
} }


@ -2,23 +2,82 @@
"id": "CVE-2020-10962", "id": "CVE-2020-10962",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T02:15:09.687", "published": "2023-08-01T02:15:09.687",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:05:31.783",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access." "value": "In PowerShell App Deployment Toolkit (aka PSAppDeployToolkit) through 3.8.0, an incorrect access control vulnerability in the default configuration may allow an authenticated user to potentially enable escalation of privilege via local access."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:psappdeploytoolkit:powershell_app_deployment_toolkit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.8.0",
"matchCriteriaId": "558B3D55-C116-4416-9527-23E0FF25FC7D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555", "url": "https://discourse.psappdeploytoolkit.com/t/psappdeploytoolkit-3-8-2/2555",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases", "url": "https://github.com/PSAppDeployToolkit/PSAppDeployToolkit/releases",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes"
]
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2021-31294", "id": "CVE-2021-31294",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-15T23:15:09.203", "published": "2023-07-15T23:15:09.203",
"lastModified": "2023-07-26T01:12:08.520", "lastModified": "2023-08-04T17:21:28.650",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -17,19 +17,19 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "HIGH",
"privilegesRequired": "NONE", "privilegesRequired": "NONE",
"userInteraction": "NONE", "userInteraction": "NONE",
"scope": "UNCHANGED", "scope": "UNCHANGED",
"confidentialityImpact": "NONE", "confidentialityImpact": "NONE",
"integrityImpact": "NONE", "integrityImpact": "NONE",
"availabilityImpact": "HIGH", "availabilityImpact": "HIGH",
"baseScore": 7.5, "baseScore": 5.9,
"baseSeverity": "HIGH" "baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 3.9, "exploitabilityScore": 2.2,
"impactScore": 3.6 "impactScore": 3.6
} }
] ]


@ -2,19 +2,75 @@
"id": "CVE-2021-31680", "id": "CVE-2021-31680",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T14:15:10.080", "published": "2023-07-31T14:15:10.080",
"lastModified": "2023-07-31T14:45:51.850", "lastModified": "2023-08-04T16:04:06.750",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary code via crafted yaml file." "value": "Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary code via crafted yaml file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ultralytics:yolov5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "372937D6-960B-467C-B8FA-507B850D344F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://huntr.dev/bounties/1-other-yolov5/", "url": "https://huntr.dev/bounties/1-other-yolov5/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2021-3450", "id": "CVE-2021-3450",
"sourceIdentifier": "openssl-security@openssl.org", "sourceIdentifier": "openssl-security@openssl.org",
"published": "2021-03-25T15:15:13.560", "published": "2021-03-25T15:15:13.560",
"lastModified": "2023-02-28T15:19:30.533", "lastModified": "2023-08-04T17:06:26.407",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -504,6 +504,45 @@
] ]
} }
] ]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.24.1",
"matchCriteriaId": "5C547B5B-8C6D-49AF-90D4-2F6E2F7E512B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.22.1",
"matchCriteriaId": "3469E4CF-1739-4BE4-B513-4DC771CD2805"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "14.0.0",
"versionEndExcluding": "14.16.1",
"matchCriteriaId": "1D2CA9D6-98EE-44B7-9C9D-5A6B55BCA025"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
"versionStartIncluding": "15.0.0",
"versionEndExcluding": "15.14.0",
"matchCriteriaId": "3ED4D313-F372-4CC1-BE11-6BBA2F0E90E3"
}
]
}
]
} }
], ],
"references": [ "references": [


@ -2,7 +2,7 @@
"id": "CVE-2021-4202", "id": "CVE-2021-4202",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-03-25T19:15:09.770", "published": "2022-03-25T19:15:09.770",
"lastModified": "2022-10-06T02:25:36.760", "lastModified": "2023-08-04T17:23:28.707",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -103,18 +103,51 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.16", "versionStartIncluding": "3.2",
"matchCriteriaId": "D692A2AE-8E9E-46AE-8670-7E1284317A25" "versionEndExcluding": "4.4.294",
"matchCriteriaId": "C0203844-754E-40C9-AFB3-678A9A9D2490"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FF588A58-013F-4DBF-A3AB-70EC054B1892" "versionStartIncluding": "4.5",
"versionEndExcluding": "4.9.292",
"matchCriteriaId": "DB7F6C04-42D3-48A3-892D-2487383B9B6E"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.16:rc1:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "357AA433-37E8-4323-BFB2-3038D6E4B414" "versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.257",
"matchCriteriaId": "7080D941-9847-42F5-BA50-0A03CFB61FD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.219",
"matchCriteriaId": "B9EF0575-6BF6-4AD9-B9A0-5C8D7D71710C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.163",
"matchCriteriaId": "80E8F086-C9B9-4987-8B2E-B4A16D1DA7BA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.10.82",
"matchCriteriaId": "E93DC61F-3F49-4D65-B0DE-4B46B8990120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.5",
"matchCriteriaId": "2128A085-4C0C-4C1E-9E9C-0DD868E2170F"
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2022-1048", "id": "CVE-2022-1048",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-04-29T16:15:08.470", "published": "2022-04-29T16:15:08.470",
"lastModified": "2022-12-14T17:11:14.340", "lastModified": "2023-08-04T17:23:13.260",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -100,48 +100,49 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.17", "versionStartIncluding": "2.6.12",
"matchCriteriaId": "A37A8EE9-3F14-4C7A-A882-DA8A6AD1897C" "versionEndExcluding": "4.14.279",
"matchCriteriaId": "5E4D3CC3-B793-47B0-A9CC-76849B61DA2E"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D" "versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.243",
"matchCriteriaId": "8577DA08-190B-481F-B919-ED3DAEA3E339"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A" "versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.193",
"matchCriteriaId": "EA77E853-1F30-4942-8B6A-37B168460310"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc3:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C030FA3D-03F4-4FB9-9DBF-D08E5CAC51AA" "versionStartIncluding": "5.5",
"versionEndExcluding": "5.10.109",
"matchCriteriaId": "F3E1A428-8D87-4CD4-B9CA-C621B32933F8"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc4:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2D2677C-5389-4AE9-869D-0F881E80D923" "versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.32",
"matchCriteriaId": "3191B916-53BD-46E6-AE21-58197D35768E"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc5:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA3917C-C322-4D92-912D-ECE45B2E7416" "versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.18",
"matchCriteriaId": "C86410A0-E312-4F41-93E9-929EAFB31757"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc6:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:5.17:-:*:*:*:*:*:*",
"matchCriteriaId": "BED18363-5ABC-4639-8BBA-68E771E5BB3F" "matchCriteriaId": "A59F7FD3-F505-48BD-8875-F07A33F42F6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc7:*:*:*:*:*:*",
"matchCriteriaId": "7F635F96-FA0A-4769-ADE8-232B3AC9116D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc8:*:*:*:*:*:*",
"matchCriteriaId": "FD39FE73-2A9D-4C92-AE7A-CA22F84B228D"
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2022-1651", "id": "CVE-2022-1651",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-07-26T17:15:08.543", "published": "2022-07-26T17:15:08.543",
"lastModified": "2022-09-04T19:22:00.993", "lastModified": "2023-08-04T17:52:41.997",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -70,8 +70,23 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.17.14", "versionStartIncluding": "5.12",
"matchCriteriaId": "3D3A8707-E93D-4072-839F-EB77EEC3695E" "versionEndExcluding": "5.15.33",
"matchCriteriaId": "02AF1052-DC50-47B3-B1DE-638E4BBDCCD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.19",
"matchCriteriaId": "20C43679-0439-405A-B97F-685BEE50613B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.2",
"matchCriteriaId": "210C679C-CF84-44A3-8939-E629C87E54BF"
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2022-1671", "id": "CVE-2022-1671",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-07-26T17:15:08.683", "published": "2022-07-26T17:15:08.683",
"lastModified": "2022-09-04T19:22:07.313", "lastModified": "2023-08-04T17:52:35.223",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -71,8 +71,23 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.17.14", "versionStartIncluding": "5.11",
"matchCriteriaId": "3D3A8707-E93D-4072-839F-EB77EEC3695E" "versionEndExcluding": "5.15.33",
"matchCriteriaId": "27C42AE8-B387-43E2-938A-E1C8B40BE6D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.19",
"matchCriteriaId": "20C43679-0439-405A-B97F-685BEE50613B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.2",
"matchCriteriaId": "210C679C-CF84-44A3-8939-E629C87E54BF"
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2022-1729", "id": "CVE-2022-1729",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-09-01T21:15:09.057", "published": "2022-09-01T21:15:09.057",
"lastModified": "2023-02-14T13:15:10.667", "lastModified": "2023-08-04T17:41:03.083",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -69,8 +69,103 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc9:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C3E5BC9-613C-4362-BF02-153A5BBFFB2F" "versionStartIncluding": "3.2.85",
"versionEndExcluding": "3.3",
"matchCriteriaId": "27D80EB8-EA85-4256-A8F6-CDFA2F92AE24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.16.40",
"versionEndExcluding": "3.17",
"matchCriteriaId": "DF2842FE-71A6-4182-B132-2372CFC813B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "3.18.54",
"versionEndExcluding": "3.19",
"matchCriteriaId": "B97594C8-AC35-4DF4-82DF-5BF2BCAAA0CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndExcluding": "4.9.316",
"matchCriteriaId": "3E7CEE4C-AE63-4AF4-BE72-1CED351886A3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.281",
"matchCriteriaId": "EBB1A3B4-E46A-4454-A428-85CC0AC925F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.245",
"matchCriteriaId": "239757EB-B2DF-4DD4-8EEE-97141186DA12"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.196",
"matchCriteriaId": "87FC1554-2185-4ED6-BF1C-293AA14FFC32"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.10.118",
"matchCriteriaId": "0938CFCC-E5F1-4DA3-B727-F2215F6C6BBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.42",
"matchCriteriaId": "555641B6-5319-4C13-9CC9-50B1CCF9E816"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.10",
"matchCriteriaId": "6D0772F5-6B38-4D6C-B29E-A04E7CC5CB9F"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
"matchCriteriaId": "27227B35-932A-4035-B39F-6A455753C0D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AD592C-222D-4C6F-B176-8145A1A5AFEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
"matchCriteriaId": "8603654B-A8A9-4DEB-B0DD-C82E1C885749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
"matchCriteriaId": "C855C933-F271-45E6-8E85-8D7CF2EF1BE6"
} }
] ]
} }
@ -89,7 +184,11 @@
}, },
{ {
"url": "https://security.netapp.com/advisory/ntap-20230214-0006/", "url": "https://security.netapp.com/advisory/ntap-20230214-0006/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Patch",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.openwall.com/lists/oss-security/2022/05/20/2", "url": "https://www.openwall.com/lists/oss-security/2022/05/20/2",


@ -2,7 +2,7 @@
"id": "CVE-2022-1973", "id": "CVE-2022-1973",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-08-05T17:15:08.143", "published": "2022-08-05T17:15:08.143",
"lastModified": "2023-02-28T15:40:31.843", "lastModified": "2023-08-04T17:51:55.750",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -71,8 +71,23 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.19", "versionStartIncluding": "5.15",
"matchCriteriaId": "E74E9AF8-BDF5-4917-A9CA-0AAD8E13149B" "versionEndExcluding": "5.15.46",
"matchCriteriaId": "FA8369C7-8B08-4709-9CE6-2131C7668313"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.14",
"matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18",
"versionEndExcluding": "5.18.3",
"matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2"
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2022-3202", "id": "CVE-2022-3202",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2022-09-14T15:15:11.453", "published": "2022-09-14T15:15:11.453",
"lastModified": "2023-02-28T18:34:00.963", "lastModified": "2023-08-04T17:51:33.047",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -71,8 +71,57 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.18", "versionStartExcluding": "4.9.311",
"matchCriteriaId": "FE93544F-B946-47CF-9697-FBF3484FCB92" "matchCriteriaId": "01AFDDE4-3F69-4F96-B5CA-97FA4554F47A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.276",
"matchCriteriaId": "6D9B028C-6313-47F9-94B7-5F8122345E49"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.238",
"matchCriteriaId": "FA28527A-11D3-41D2-9C4C-ECAC0D6A4A2D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.189",
"matchCriteriaId": "8CB6E8F5-C2B1-46F3-A807-0F6104AC340F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.10.111",
"matchCriteriaId": "5E136AD1-4E28-47A9-8929-2CA0706EC73D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.34",
"matchCriteriaId": "D25878D3-7761-4E9F-8919-E92CD53896E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "5.16.20",
"matchCriteriaId": "ABBBA66E-0244-4621-966B-9790AF1EEB00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17",
"versionEndExcluding": "5.17.3",
"matchCriteriaId": "AE420AC7-1E59-4398-B84F-71F4B4337762"
} }
] ]
} }
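Review bot: The first kernel range on the new (right-hand) side of this record reads `"versionStartExcluding": "4.9.311"` with no end bound, so it matches every kernel newer than 4.9.311 and makes the seven bounded ranges after it redundant, while kernels older than 4.9.311 no longer match at all. The bound looks inverted: the CVE-2022-41858 section of this commit introduces the same entry (same `matchCriteriaId` `01AFDDE4-3F69-4F96-B5CA-97FA4554F47A`) in place of an old `"versionEndExcluding": "4.9.311"`, so the intended value is presumably `"versionEndExcluding": "4.9.311"`. Because this is a mirrored upstream record, the correction has to come from the source feed. Until then, tooling that matches on these ranges should expect false positives on patched kernels and misses on old ones for both CVEs.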


@ -2,7 +2,7 @@
"id": "CVE-2022-3564", "id": "CVE-2022-3564",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2022-10-17T19:15:10.187", "published": "2022-10-17T19:15:10.187",
"lastModified": "2023-07-21T21:03:17.817", "lastModified": "2023-08-04T17:50:31.613",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -94,8 +94,52 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1" "versionStartIncluding": "3.6",
"versionEndExcluding": "4.9.333",
"matchCriteriaId": "CB09C3FF-8088-42BF-A847-8DF13DFB42C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.299",
"matchCriteriaId": "2FE9A829-20E8-4929-AE9B-02761322A926"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.265",
"matchCriteriaId": "ABED5D97-9B16-4CF6-86E3-D5F5C4358E35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.224",
"matchCriteriaId": "1D67A077-EB45-4ADE-94CD-F9A76F6C319C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.10.154",
"matchCriteriaId": "2F3AD8A5-165D-4137-8B80-A166430D794C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.78",
"matchCriteriaId": "AB8B27B9-B41B-42D5-AE67-0A89A8A8EEB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.8",
"matchCriteriaId": "EC9A754E-625D-42F3-87A7-960D643E2867"
} }
] ]
} }


@ -0,0 +1,28 @@
{
"id": "CVE-2022-41401",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-04T17:15:09.583",
"lastModified": "2023-08-04T17:15:09.583",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/OpenRefine/OpenRefine/blob/30d6edb7b6586623bda09456c797c35983fb80ff/main/tests/server/src/com/google/refine/importing/ImportingUtilitiesTests.java#L180",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/OpenRefine/OpenRefine/blob/cb55cdfdf6f9ca916839778dc847cce803688998/main/src/com/google/refine/importing/ImportingUtilities.java#L103",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/ixSly/CVE-2022-41401",
"source": "cve@mitre.org"
}
]
}
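Review bot: This new record carries its affected-version information only in the free-text description (`OpenRefine <= v3.5.2`); `"metrics"` is `{}` and there is no `configurations` block, which fits `"vulnStatus": "Received"`. Consumers that match on CPE ranges or filter by CVSS score will not surface this entry until the record is enriched. Downstream pipelines should treat an empty `metrics` object as unscored rather than as low severity, and re-ingest the record when `lastModified` changes.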


@ -2,7 +2,7 @@
"id": "CVE-2022-41858", "id": "CVE-2022-41858",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-01-17T18:15:11.140", "published": "2023-01-17T18:15:11.140",
"lastModified": "2023-06-27T15:14:40.373", "lastModified": "2023-08-04T17:43:44.517",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -66,81 +66,50 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.12.1", "versionStartExcluding": "4.9.311",
"versionEndExcluding": "4.9.311", "matchCriteriaId": "01AFDDE4-3F69-4F96-B5CA-97FA4554F47A"
"matchCriteriaId": "1B1D4B25-439B-4B58-9DCD-5EFCCA3B3044"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.14.0", "versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.276", "versionEndExcluding": "4.14.276",
"matchCriteriaId": "96C58C8B-5A45-438A-9404-355E1BDC721B" "matchCriteriaId": "6D9B028C-6313-47F9-94B7-5F8122345E49"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.19.0", "versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.239", "versionEndExcluding": "4.19.239",
"matchCriteriaId": "54574198-19C7-4027-808B-59EAED63DA16" "matchCriteriaId": "712D9B45-4B53-4563-94B5-F758AFBBFB0D"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.0", "versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.190", "versionEndExcluding": "5.4.190",
"matchCriteriaId": "0C6AE903-5265-4FC0-9341-D962BD3821C4" "matchCriteriaId": "E0ADBA6D-47D8-4518-8D10-9B9196DE680B"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.10.0", "versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.10.112", "versionEndExcluding": "5.10.112",
"matchCriteriaId": "195C1389-A37F-4A44-AEA6-3EBBE89D363F" "matchCriteriaId": "40432B48-1E9D-48AE-9C76-22177FC744F8"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15.0", "versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.35", "versionEndExcluding": "5.15.35",
"matchCriteriaId": "E1379333-FB4C-49F1-AEC6-D395BB10C397" "matchCriteriaId": "05ABCC3F-88A9-47F9-9D40-8665747B2E43"
}, },
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17.0", "versionStartIncluding": "5.16",
"versionEndExcluding": "5.17.4", "versionEndExcluding": "5.17.4",
"matchCriteriaId": "F4190EB3-39F4-4DFA-A11A-DE283D1BF94D" "matchCriteriaId": "E22C86CB-06CD-4D16-AB2A-F21EE8199262"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*",
"matchCriteriaId": "6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*",
"matchCriteriaId": "0AB349B2-3F78-4197-882B-90ADB3BF645A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*",
"matchCriteriaId": "6AC88830-A9BC-4607-B572-A4B502FC9FD0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*",
"matchCriteriaId": "476CB3A5-D022-4F13-AAEF-CB6A5785516A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*",
"matchCriteriaId": "8CFD5CDD-1709-44C7-82BD-BAFDC46990D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*",
"matchCriteriaId": "6AD94161-84BB-42E6-9882-4FC0C42E9FC1"
} }
] ]
} }


@ -2,23 +2,84 @@
"id": "CVE-2022-42182", "id": "CVE-2022-42182",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T20:15:09.993", "published": "2023-07-31T20:15:09.993",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T17:00:17.837",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal." "value": "Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Directory Traversal."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:precisely:spectrum_spatial_analyst:20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "72FC3CD5-1AE4-4592-BB97-5F1B76665DFA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://docs.precisely.com/docs/sftw/spectrum/release-notes/spectrum-2020-1-S56-release-notes.pdf", "url": "https://docs.precisely.com/docs/sftw/spectrum/release-notes/spectrum-2020-1-S56-release-notes.pdf",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://zxsecurity.co.nz/research/advisories/precisely-spectrum-spatial-analyst-20-1", "url": "https://zxsecurity.co.nz/research/advisories/precisely-spectrum-spatial-analyst-20-1",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,23 +2,84 @@
"id": "CVE-2022-42183", "id": "CVE-2022-42183",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T20:15:10.050", "published": "2023-07-31T20:15:10.050",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:58:54.250",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF)." "value": "Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:precisely:spectrum_spatial_analyst:20.01:*:*:*:*:*:*:*",
"matchCriteriaId": "72FC3CD5-1AE4-4592-BB97-5F1B76665DFA"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://docs.precisely.com/docs/sftw/spectrum/release-notes/spectrum-2020-1-S56-release-notes.pdf", "url": "https://docs.precisely.com/docs/sftw/spectrum/release-notes/spectrum-2020-1-S56-release-notes.pdf",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://zxsecurity.co.nz/research/advisories/precisely-spectrum-spatial-analyst-20-1", "url": "https://zxsecurity.co.nz/research/advisories/precisely-spectrum-spatial-analyst-20-1",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2022-43710", "id": "CVE-2022-43710",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-26T14:15:09.767", "published": "2023-07-26T14:15:09.767",
"lastModified": "2023-07-26T19:28:30.213", "lastModified": "2023-08-04T16:05:41.757",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields." "value": "Interactive Forms (IAF) in GX Software XperienCentral versions 10.31.0 until 10.33.0 was vulnerable to cross site request forgery (CSRF) because the unique token could be deduced using the names of all input fields."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gxsoftware:xperiencentral:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.31.0",
"versionEndIncluding": "10.33.0",
"matchCriteriaId": "58F3521E-8CE1-49F8-A78D-BECAAC6D2735"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://service.gxsoftware.com", "url": "https://service.gxsoftware.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://service.gxsoftware.com/hc/nl/articles/12208173122461", "url": "https://service.gxsoftware.com/hc/nl/articles/12208173122461",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }
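Review bot: The new `cpeMatch` range uses `"versionEndIncluding": "10.33.0"`, but the description only says "versions 10.31.0 until 10.33.0", which leaves open whether 10.33.0 itself is affected. If 10.33.0 is the release that carries the fix (not stated on this page; the linked vendor article would settle it), the bound should be `"versionEndExcluding": "10.33.0"`, otherwise patched installations are reported as vulnerable. The range should be confirmed against the vendor advisory before it is used for automated matching.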


@ -2,7 +2,7 @@
"id": "CVE-2022-47520", "id": "CVE-2022-47520",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2022-12-18T06:15:09.473", "published": "2022-12-18T06:15:09.473",
"lastModified": "2023-01-30T15:23:18.743", "lastModified": "2023-08-04T17:27:24.977",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -57,8 +57,23 @@
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.2.0",
"versionEndExcluding": "5.10.157",
"matchCriteriaId": "42A18971-026A-4C71-89F4-9489512D2682"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.81",
"matchCriteriaId": "899FBA32-27B2-4660-BC94-C43ED4349EB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.11", "versionEndExcluding": "6.0.11",
"matchCriteriaId": "250F7A1B-7491-4CCA-BD47-B4E4FD26603E" "matchCriteriaId": "BA01D181-8E71-42E1-ACF4-7A5B65006EC8"
} }
] ]
} }


@ -2,15 +2,38 @@
"id": "CVE-2022-4888", "id": "CVE-2022-4888",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-31T10:15:09.987", "published": "2023-07-31T10:15:09.987",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:26:22.617",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2, Advanced Free Gifts WordPress plugin before 1.0.2, Gift Registry for WooCommerce WordPress plugin through 1.0.1, Image Watermark for WooCommerce WordPress plugin before 1.0.1, Order Approval for WooCommerce WordPress plugin before 1.1.0, Order Tracking for WooCommerce WordPress plugin before 1.0.2, Price Calculator for WooCommerce WordPress plugin through 1.0.3, Product Dynamic Pricing and Discounts WordPress plugin through 1.0.6, Product Labels and Stickers WordPress plugin through 1.0.1 have flawed CSRF checks in various places, which could allow attackers to make logged in users perform unwanted actions" "value": "The Checkout Fields Manager WordPress plugin before 1.0.2, Abandoned Cart Recovery WordPress plugin before 1.2.5, Custom Fields for WooCommerce WordPress plugin before 1.0.4, Custom Order Number WordPress plugin through 1.0.1, Custom Registration Forms Builder WordPress plugin before 1.0.2, Advanced Free Gifts WordPress plugin before 1.0.2, Gift Registry for WooCommerce WordPress plugin through 1.0.1, Image Watermark for WooCommerce WordPress plugin before 1.0.1, Order Approval for WooCommerce WordPress plugin before 1.1.0, Order Tracking for WooCommerce WordPress plugin before 1.0.2, Price Calculator for WooCommerce WordPress plugin through 1.0.3, Product Dynamic Pricing and Discounts WordPress plugin through 1.0.6, Product Labels and Stickers WordPress plugin through 1.0.1 have flawed CSRF checks in various places, which could allow attackers to make logged in users perform unwanted actions"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,86 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:abandoned_cart_recovery:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.2.5",
"matchCriteriaId": "67EDBBB5-51FF-4F40-9355-D7EBE78BBF9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:advanced_free_gifts:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "F3763A9B-1C66-49D3-979F-A3A16DE10C63"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:checkout_fields_manager:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "ACA5B16E-AAE2-42E2-93FC-647F7E4A98D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:custom_fields_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.4",
"matchCriteriaId": "43B53B59-1DDA-4EFB-9CCF-BC21FE907DF2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:custom_order_number:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "05B7C68B-39B8-4B9F-817E-FE3AEB9E0C9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:custom_registration_forms_builder:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "4AC1EF7A-BA8B-41B7-A3BE-A9F2CF97CCF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:gift_registry_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "657F4DD3-05CD-4719-8C5E-9A2DA1A19205"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:image_watermark_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.1",
"matchCriteriaId": "1FCB2222-3AFF-4CCB-BD7D-5625BDA50F8C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:order_approval_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.1.0",
"matchCriteriaId": "2EE10F28-AEA0-40EA-B284-98C47EFFDADA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:addify:order_tracking_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.0.2",
"matchCriteriaId": "E40E2FCD-E650-4614-91FB-77AB395FC263"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc", "url": "https://wpscan.com/vulnerability/2c2379d0-e373-4587-a747-429d7ee8f6cc",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }
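Review bot: The added `configurations` block lists ten Addify plugins while the description names thirteen. There is no `cpeMatch` entry for Price Calculator for WooCommerce (through 1.0.3), Product Dynamic Pricing and Discounts (through 1.0.6) or Product Labels and Stickers (through 1.0.1), so CPE-based scanners will not flag those three. The `image_watermark_for_woocommerce` entry also disagrees with the description, which says "before 1.0.1": `"versionEndIncluding": "1.0.1"` should be `"versionEndExcluding": "1.0.1"`. Until the record is completed, matching for this CVE should also check the plugin names and versions in the description text.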


@ -2,19 +2,74 @@
"id": "CVE-2023-20583", "id": "CVE-2023-20583",
"sourceIdentifier": "psirt@amd.com", "sourceIdentifier": "psirt@amd.com",
"published": "2023-08-01T19:15:09.827", "published": "2023-08-01T19:15:09.827",
"lastModified": "2023-08-02T13:30:45.017", "lastModified": "2023-08-04T17:31:53.953",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A potential power side-channel vulnerability in\nAMD processors may allow an authenticated attacker to monitor the CPU power\nconsumption as the data in a cache line changes over time potentially resulting\nin a leak of sensitive information.\n\n\n\n\n\n\n\n\n\n\n\n\n\n" "value": "A potential power side-channel vulnerability in\nAMD processors may allow an authenticated attacker to monitor the CPU power\nconsumption as the data in a cache line changes over time potentially resulting\nin a leak of sensitive information.\n\n\n\n\n\n\n\n\n\n\n\n\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:h:amd:*:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03EF4360-8E24-4018-A0F2-9E39F7590670"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7006", "url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7006",
"source": "psirt@amd.com" "source": "psirt@amd.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }
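Review bot: The only `cpeMatch` entry added here is `cpe:2.3:h:amd:*:*:*:*:*:*:*:*:*` with `"vulnerable": true`, which matches every hardware product under the `amd` vendor rather than the processors the description refers to. Asset matching on this record will flag all AMD hardware in an inventory, so the result cannot be used to scope exposure or prioritise remediation. The wildcard should be replaced by one `cpeMatch` entry per affected processor family as listed in the referenced bulletin (AMD-SB-7006); those product names are not on this page. Consumers should treat hits on this record as needing manual confirmation against the bulletin.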


@ -2,8 +2,8 @@
"id": "CVE-2023-22595", "id": "CVE-2023-22595",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-31T02:15:09.803", "published": "2023-07-31T02:15:09.803",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:25:00.243",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:b2b_advanced_communications:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.0.0.8",
"matchCriteriaId": "037F2AED-4261-45B0-99A0-E8E93AC7349D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:multi-enterprise_integration_gateway:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D93A0F0-E1F8-41C8-9757-3313011C0E5D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.ibm.com/support/pages/node/7014929", "url": "https://www.ibm.com/support/pages/node/7014929",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-23548", "id": "CVE-2023-23548",
"sourceIdentifier": "security@checkmk.com", "sourceIdentifier": "security@checkmk.com",
"published": "2023-08-01T10:15:09.740", "published": "2023-08-01T10:15:09.740",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T17:12:16.787",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{ {
"source": "security@checkmk.com", "source": "security@checkmk.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{ {
"source": "security@checkmk.com", "source": "security@checkmk.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,556 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.6.0",
"matchCriteriaId": "8BD074DB-F207-487C-BC9A-B6E40BE2621B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E5138E25-A5AF-495D-A713-B8BDACC133D8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "7AE78B5E-2D00-462B-AC0E-5E68BC36ED1B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "9D69AA9A-C6FF-4A9F-8B02-2F207C4150FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "452F359B-BCB5-46E0-A77A-383C3C2E2D60"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "D9A66C28-A2BA-4091-AB4C-05CDB1D3777F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "463A4A68-810B-4C20-A696-4F94DB20224B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "F4459581-214F-423B-A29D-31C789FD7F1C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "CC0CFABC-A53C-4FD3-A57A-CB72C87A034B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "F96B08FA-8129-4880-86FE-47B08C2B6964"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:i1:*:*:*:*:*:*",
"matchCriteriaId": "CAEB960C-5A5E-4F7C-8588-3F6737AE5DCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "3CB134CD-0746-47C8-BAB8-2AE9C083C4D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "E4B5DDAA-F7B5-4BFD-836E-F7DA0FC7B0C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "A4DA5440-F376-4952-ABCB-AC557C5944A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "DB7DB93B-CDD2-4662-893B-6E36F9EDA7FF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "81DFD64A-FEFD-4EBA-B6EC-28D3F0EEC33B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "918ACC6A-2EE8-401F-B18A-94B8757B202E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "1B6AE143-5A29-4EE8-AF7D-5D495A2248D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "9B678D96-5987-4423-A713-57812B896380"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "A16EA6BD-003D-416E-B6C7-EBE5AA4AC2B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "7A016627-9BF2-4D25-AB97-172EAEC4C187"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "333FBE01-E5C1-4668-B50F-B64A34E799A8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "FE7C4821-74F2-442C-B51F-A52788FC61F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "168E2F68-E3EA-407F-8DCE-BDB1F557FFFA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "D7A74CB5-CC6E-4166-B884-498F2CF1A33E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "42DCB139-5BBE-45F3-80F5-3A43D95A58BB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "1A3E3E6C-DCC0-466D-A505-5F80379CF0AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "1542CDC8-9697-44DE-8F6A-3EB25D07EEE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "1A5B33FF-EA21-4AEB-8D9A-21DA9DB5892A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "78616E5A-E1FF-40AA-8E13-0B2E84CE6F8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "5D956394-C3F3-4C88-A791-364AE555D522"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "25E96088-0FA2-49FD-B93D-5AFC9605289E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "EDB60B12-F724-40C7-8EB2-1270484E88F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "1982ED3B-A0FA-476A-BFB2-5B7B53289496"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "F646D243-433E-46F9-9E8E-E4F734F9E648"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "D1C14080-79C9-4620-AD1F-6CB46F0F74D0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p32:*:*:*:*:*:*",
"matchCriteriaId": "4AECE1FE-F3D1-4FF0-BDF9-F39FFCBF52E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "C2F79F99-5F46-48A7-BEE7-1551CD56C2F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p34:*:*:*:*:*:*",
"matchCriteriaId": "2EB6F9D4-13D2-4218-96EF-64C2126369DC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p35:*:*:*:*:*:*",
"matchCriteriaId": "62841559-BDA0-4B67-932A-007D91BFBD14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p36:*:*:*:*:*:*",
"matchCriteriaId": "F6F22F4E-4A8A-4A7B-A01A-50E9BEA019DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p37:*:*:*:*:*:*",
"matchCriteriaId": "C1467012-F4CD-4547-A761-50B5F478A055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "AA60BF44-AF52-458A-BD3F-9FD5D8408575"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "9BFE55DC-89EA-404F-8DDF-93E351366789"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "C62D8997-DD3B-4B83-B6A5-DFC2408A9164"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "80B4A77F-F636-49BB-8CB6-60064984463F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "356E5744-AB8E-4FBA-992F-74ED8F9086CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.0.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "41FB6FFA-F38F-4754-A1E6-35073D84069E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "BC0AC5A2-3724-4942-ABE2-CA9F3B9B4BDA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "E3AAC1AD-C2F5-4171-BD92-95A8BA09E79A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "8CB8C4BB-4AE6-4EA2-8F38-780B627721ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "D0F14106-2A3D-4FC7-A0C7-6EDA75D1A8F7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "F8C2DA36-8419-4846-BFA0-A729BE7D72C5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "8AA4FA3D-7A59-4597-9D79-B6B020D86BD1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "79F0CF88-FF11-4741-AFF6-9F88F57C2140"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "8E93629E-C0CB-4636-B343-1C0646D8228E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "58102464-E66F-49CD-8952-3F3F9A6A45CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:b9:*:*:*:*:*:*",
"matchCriteriaId": "9C98E509-8466-4F95-ABE7-7ECC91640E04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "A7B89F71-ABD2-4B2D-AE6B-C0F243E89443"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p10:*:*:*:*:*:*",
"matchCriteriaId": "002EF417-C702-42E2-9C8F-C9593B43AB03"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p11:*:*:*:*:*:*",
"matchCriteriaId": "B8E358A9-0430-4EF1-8557-7F1C088FFF48"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p12:*:*:*:*:*:*",
"matchCriteriaId": "4B0AF395-FDC7-4321-9E00-C935641C138B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p13:*:*:*:*:*:*",
"matchCriteriaId": "59B9CCED-806F-47EF-B5B6-441AADCB4B81"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p14:*:*:*:*:*:*",
"matchCriteriaId": "FAED2CD5-A2CE-438C-8ED7-338D9D61FBD9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p15:*:*:*:*:*:*",
"matchCriteriaId": "F08A96EF-FD2E-4D45-884B-349869649C3D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p16:*:*:*:*:*:*",
"matchCriteriaId": "E80D718E-66B6-4FC6-911D-C264F2C891C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p17:*:*:*:*:*:*",
"matchCriteriaId": "174BF76A-00C5-4ECD-937D-FE66851D3979"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p18:*:*:*:*:*:*",
"matchCriteriaId": "F43DBAE4-FEF9-431E-AE82-31C7944CA830"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "7AF612FF-7441-41C4-96C2-36A15E45FF93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "960DF373-EDE6-4318-B6E9-07573ED5907A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p20:*:*:*:*:*:*",
"matchCriteriaId": "5FFBF793-48E0-48DB-9C12-1C4A5805009E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p21:*:*:*:*:*:*",
"matchCriteriaId": "B6A2F0DB-CA73-4F14-8099-7A29BADC1F4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p22:*:*:*:*:*:*",
"matchCriteriaId": "5D23ECB8-9C2C-4BA5-ADD6-248FD2CFF37A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "9958D126-EF50-4ED7-85A3-6E5120EFB931"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p24:*:*:*:*:*:*",
"matchCriteriaId": "5D9B3F5F-158A-4C43-A894-1A55D1D758FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "17729C6D-3DD1-4082-B3AF-B53770304F7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "2E34014C-90A0-4ABB-A15F-73E83F312246"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "C0DCB95E-CC14-40BF-A7E4-1CD9075E2785"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "E1AA25FE-FA1B-4525-99B8-1098E75BDC5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p29:*:*:*:*:*:*",
"matchCriteriaId": "073ED1BF-B3FE-4CC4-A279-15981DBC0BE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "3144AABF-74CB-44EE-A618-8529A8ACFCF6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "BA067A60-3B6A-4C3B-8934-E2725199EE39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "DD42912A-092C-4FD9-9874-5B04989164C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "88AC7AB0-40DF-44D1-83EA-FDD4D5346BBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "4285A4A3-3DED-456D-93D4-1B9FDB42C1EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "098FD286-B6CB-4428-9A62-A5F24B4D9E92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "8400088B-E56E-4D0B-86D5-76D884C8031A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p8:*:*:*:*:*:*",
"matchCriteriaId": "29554684-FEFF-42B2-B62E-6523782F537C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.1.0:p9:*:*:*:*:*:*",
"matchCriteriaId": "91AE66E4-AE6B-4F25-9312-6418FC3E221F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:-:*:*:*:*:*:*",
"matchCriteriaId": "8EC2C076-C4C6-4C9A-84FE-B47E835AA0E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b1:*:*:*:*:*:*",
"matchCriteriaId": "A954DDB4-ACF5-4D74-B735-0BB14762457C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b2:*:*:*:*:*:*",
"matchCriteriaId": "F4E9D8E0-ECFF-4987-8189-F6A5917D39B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b3:*:*:*:*:*:*",
"matchCriteriaId": "7CDF16A7-E9BC-488B-A0DF-91B7F79C2D7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b4:*:*:*:*:*:*",
"matchCriteriaId": "EF3C4AB5-966A-46CD-8774-7BD4115FC80B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b5:*:*:*:*:*:*",
"matchCriteriaId": "580C70A7-387E-4650-9DBA-D7AA0BFDB1BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b6:*:*:*:*:*:*",
"matchCriteriaId": "343C5CD6-48ED-4693-BC2A-549A43F02931"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b7:*:*:*:*:*:*",
"matchCriteriaId": "18F1E6EC-5866-4338-9772-92EB01E0A184"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:b8:*:*:*:*:*:*",
"matchCriteriaId": "57C08697-674F-4924-A5A2-40F1E2BF2059"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:i1:*:*:*:*:*:*",
"matchCriteriaId": "AB444D23-88E8-4AFE-9F1E-56AE4ADF7644"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "050E9020-9E83-4198-B550-F554686DCC36"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p2:*:*:*:*:*:*",
"matchCriteriaId": "E9F4C18C-D62E-47F5-A309-D0BC9CFB990C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p3:*:*:*:*:*:*",
"matchCriteriaId": "DAFBA752-75C7-4514-AC75-CE7D78AE9F96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "57BA8394-7755-45E0-8B4D-B37A8A5B5DB8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p5:*:*:*:*:*:*",
"matchCriteriaId": "D6A02DB9-71F6-429F-A084-D811AD016CBA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p6:*:*:*:*:*:*",
"matchCriteriaId": "AC520584-54C8-445C-8898-CEFE1E1CC59F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tribe29:checkmk:2.2.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "DA73CA36-D5F7-4C8D-B574-7DBF29220C82"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://checkmk.com/werk/15691", "url": "https://checkmk.com/werk/15691",
"source": "security@checkmk.com" "source": "security@checkmk.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-24971", "id": "CVE-2023-24971",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-31T02:15:09.893", "published": "2023-07-31T02:15:09.893",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:25:17.853",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,46 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:b2b_advanced_communications:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0",
"versionEndExcluding": "1.0.0.8",
"matchCriteriaId": "037F2AED-4261-45B0-99A0-E8E93AC7349D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:multi-enterprise_integration_gateway:1.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D93A0F0-E1F8-41C8-9757-3313011C0E5D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/246976", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/246976",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7014933", "url": "https://www.ibm.com/support/pages/node/7014933",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2023-25837", "id": "CVE-2023-25837",
"sourceIdentifier": "psirt@esri.com", "sourceIdentifier": "psirt@esri.com",
"published": "2023-07-21T04:15:12.377", "published": "2023-07-21T04:15:12.377",
"lastModified": "2023-07-31T15:10:15.310", "lastModified": "2023-08-04T17:21:43.527",
"vulnStatus": "Analyzed", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
@ -17,19 +17,19 @@
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK", "attackVector": "NETWORK",
"attackComplexity": "LOW", "attackComplexity": "LOW",
"privilegesRequired": "LOW", "privilegesRequired": "HIGH",
"userInteraction": "REQUIRED", "userInteraction": "REQUIRED",
"scope": "CHANGED", "scope": "CHANGED",
"confidentialityImpact": "LOW", "confidentialityImpact": "LOW",
"integrityImpact": "LOW", "integrityImpact": "LOW",
"availabilityImpact": "NONE", "availabilityImpact": "NONE",
"baseScore": 5.4, "baseScore": 4.8,
"baseSeverity": "MEDIUM" "baseSeverity": "MEDIUM"
}, },
"exploitabilityScore": 2.3, "exploitabilityScore": 1.7,
"impactScore": 2.7 "impactScore": 2.7
}, },
{ {


@ -2,8 +2,8 @@
"id": "CVE-2023-26139", "id": "CVE-2023-26139",
"sourceIdentifier": "report@snyk.io", "sourceIdentifier": "report@snyk.io",
"published": "2023-08-01T05:15:34.843", "published": "2023-08-01T05:15:34.843",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T17:01:54.710",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "report@snyk.io", "source": "report@snyk.io",
"type": "Secondary", "type": "Secondary",
@ -34,14 +54,50 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:underscore-keypath_project:underscore-keypath:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "0.0.11",
"matchCriteriaId": "B17E46B6-092D-4BEA-A68C-820C63230F25"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://gist.github.com/lelecolacola123/cc0d1e73780127aea9482c05f2ff3252", "url": "https://gist.github.com/lelecolacola123/cc0d1e73780127aea9482c05f2ff3252",
"source": "report@snyk.io" "source": "report@snyk.io",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://security.snyk.io/vuln/SNYK-JS-UNDERSCOREKEYPATH-5416714", "url": "https://security.snyk.io/vuln/SNYK-JS-UNDERSCOREKEYPATH-5416714",
"source": "report@snyk.io" "source": "report@snyk.io",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-26607", "id": "CVE-2023-26607",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-02-26T23:15:10.947", "published": "2023-02-26T23:15:10.947",
"lastModified": "2023-03-16T16:15:12.407", "lastModified": "2023-08-04T17:42:56.953",
"vulnStatus": "Modified", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -55,8 +55,87 @@
"cpeMatch": [ "cpeMatch": [
{ {
"vulnerable": true, "vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.0.8:*:*:*:*:*:*:*", "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C41207B8-D94A-4714-B1E0-66CEFF00FEE0" "versionStartIncluding": "2.6.12",
"versionEndExcluding": "4.9.334",
"matchCriteriaId": "031BD5BC-9E38-498A-95A0-B6CA8ED82039"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10",
"versionEndExcluding": "4.14.300",
"matchCriteriaId": "424802D2-E9E7-48A9-AD6F-DF2227B3D83A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.15",
"versionEndExcluding": "4.19.267",
"matchCriteriaId": "A5C69A12-68E2-400E-9A5A-375A673C8402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.20",
"versionEndExcluding": "5.4.225",
"matchCriteriaId": "94D21814-3051-4860-AB06-C7880A3D4933"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.10.156",
"matchCriteriaId": "24FDE7A3-F8EF-4339-A725-9F238448BCFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.80",
"matchCriteriaId": "51BBEF3B-79F5-4D4C-ADBA-F34DA0E2465C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.0.10",
"matchCriteriaId": "64F9ADD1-3ADB-4D66-A00F-4A83010B05F0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h300s:*:*:*:*:*:*:*",
"matchCriteriaId": "27227B35-932A-4035-B39F-6A455753C0D6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410c:*:*:*:*:*:*:*",
"matchCriteriaId": "489D20B9-166F-423D-8C48-A23D3026E33B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h410s:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AD592C-222D-4C6F-B176-8145A1A5AFEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*",
"matchCriteriaId": "8603654B-A8A9-4DEB-B0DD-C82E1C885749"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netapp:hci_baseboard_management_controller:h700s:*:*:*:*:*:*:*",
"matchCriteriaId": "C855C933-F271-45E6-8E85-8D7CF2EF1BE6"
} }
] ]
} }
@ -74,7 +153,10 @@
}, },
{ {
"url": "https://security.netapp.com/advisory/ntap-20230316-0010/", "url": "https://security.netapp.com/advisory/ntap-20230316-0010/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-2685", "id": "CVE-2023-2685",
"sourceIdentifier": "cybersecurity@ch.abb.com", "sourceIdentifier": "cybersecurity@ch.abb.com",
"published": "2023-07-28T12:15:09.750", "published": "2023-07-28T12:15:09.750",
"lastModified": "2023-07-28T13:44:31.450", "lastModified": "2023-08-04T17:02:05.163",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.3,
"impactScore": 5.9
},
{ {
"source": "cybersecurity@ch.abb.com", "source": "cybersecurity@ch.abb.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +66,33 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:abb:ao-opc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndIncluding": "3.2.1",
"matchCriteriaId": "FF6678CD-5BA0-40A6-B7B8-2290F1827E95"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A4093&LanguageCode=en&DocumentPartId=&Action=Launch", "url": "https://search.abb.com/library/Download.aspx?DocumentID=9AKK108468A4093&LanguageCode=en&DocumentPartId=&Action=Launch",
"source": "cybersecurity@ch.abb.com" "source": "cybersecurity@ch.abb.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-31425", "id": "CVE-2023-31425",
"sourceIdentifier": "sirt@brocade.com", "sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-01T21:15:10.597", "published": "2023-08-01T21:15:10.597",
"lastModified": "2023-08-02T13:30:45.017", "lastModified": "2023-08-04T17:29:10.477",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "sirt@brocade.com", "source": "sirt@brocade.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,42 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:9.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "379DA47D-6B21-4524-B0E7-2A41A4C8D446"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22407", "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22407",
"source": "sirt@brocade.com" "source": "sirt@brocade.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-31426", "id": "CVE-2023-31426",
"sourceIdentifier": "sirt@brocade.com", "sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-01T22:15:13.597", "published": "2023-08-01T22:15:13.597",
"lastModified": "2023-08-02T13:30:45.017", "lastModified": "2023-08-04T17:20:18.903",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "sirt@brocade.com", "source": "sirt@brocade.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{ {
"source": "sirt@brocade.com", "source": "sirt@brocade.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.2.3d",
"matchCriteriaId": "F75FABE1-3E2C-43CE-8C5A-0F313F09E2C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.1.1c",
"matchCriteriaId": "91FB969C-FA9A-4007-849A-7120543BC5E1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22407", "url": "https://support.broadcom.com/external/content/SecurityAdvisories/0/22407",
"source": "sirt@brocade.com" "source": "sirt@brocade.com",
"tags": [
"Not Applicable"
]
} }
] ]
} }
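Review bot: The only entry in `references` is now tagged `Not Applicable` (the `tags` array added under the `SecurityAdvisories/0/22407` URL), so this record reaches `Analyzed` without any reference a consumer can treat as an advisory. The same URL carries `Vendor Advisory` in the CVE-2023-31425 section earlier on this page, which suggests the CNA-supplied link describes that issue rather than this one; that is an inference from the two sections, not something the page states. Tooling that derives remediation links from `references[].tags` will find none for this CVE and should rely on the `cpeMatch` bounds instead (`versionEndExcluding` of `8.2.3d`, and `9.0.0` up to `9.1.1c`).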


@ -2,8 +2,8 @@
"id": "CVE-2023-31429", "id": "CVE-2023-31429",
"sourceIdentifier": "sirt@brocade.com", "sourceIdentifier": "sirt@brocade.com",
"published": "2023-08-01T21:15:10.670", "published": "2023-08-01T21:15:10.670",
"lastModified": "2023-08-02T13:30:45.017", "lastModified": "2023-08-04T17:29:03.630",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "sirt@brocade.com", "source": "sirt@brocade.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
},
{ {
"source": "sirt@brocade.com", "source": "sirt@brocade.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,31 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:broadcom:fabric_operating_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1.1c",
"matchCriteriaId": "063BAB50-FB8B-4DA4-9DBD-430F3827185F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408", "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22408",
"source": "sirt@brocade.com" "source": "sirt@brocade.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,19 +2,91 @@
"id": "CVE-2023-31710", "id": "CVE-2023-31710",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T14:15:10.013", "published": "2023-08-01T14:15:10.013",
"lastModified": "2023-08-01T15:25:40.337", "lastModified": "2023-08-04T17:31:52.350",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow." "value": "TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax21_firmware:3.6_1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "97B896B5-D11E-46A9-98D8-8716D89F7E68"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_ax21_firmware:3_1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D60C7D5-A25D-4C43-BB7F-2CB57801186A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_ax21:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2DF5A235-4531-4F03-882C-C2A6B6D07A5D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710", "url": "https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-32302", "id": "CVE-2023-32302",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-01T11:15:09.667", "published": "2023-08-01T11:15:09.667",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T17:28:35.773",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,22 +76,60 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silverstripe:framework:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.3.14",
"matchCriteriaId": "E1ED7CE3-73E1-4393-B38A-910AACC175D9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:silverstripe:framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndExcluding": "5.0.13",
"matchCriteriaId": "12C01A66-E63D-4FA4-992C-3E4D2913D6E1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4", "url": "https://github.com/silverstripe/silverstripe-framework/commit/7b21b38ac4532d06565dfcefad50540ebd2b50f4",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14", "url": "https://github.com/silverstripe/silverstripe-framework/releases/tag/4.13.14",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13", "url": "https://github.com/silverstripe/silverstripe-framework/releases/tag/5.0.13",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3", "url": "https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-36xx-7vf6-7mv3",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }
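Review bot: The first added `cpeMatch` entry bounds the 4.x line with `"versionEndExcluding": "4.3.14"`, while the release reference in the same record is `releases/tag/4.13.14`; the two disagree, and the CPE bound looks like a dropped digit. As written, a matcher using this range would not flag framework versions from 4.3.14 up to 4.13.13. If the release tag is the fixed version, the bound should read `"versionEndExcluding": "4.13.14"`. Until the upstream record is corrected, consumers should cross-check this CVE against the GHSA-36xx-7vf6-7mv3 advisory listed in `references`.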


@ -2,15 +2,38 @@
"id": "CVE-2023-3292", "id": "CVE-2023-3292",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-31T10:15:10.577", "published": "2023-07-31T10:15:10.577",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:25:42.997",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "The grid-kit-premium WordPress plugin before 2.2.0 does not escape some parameters as well as generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin" "value": "The grid-kit-premium WordPress plugin before 2.2.0 does not escape some parameters as well as generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [ "weaknesses": [
{ {
"source": "contact@wpscan.com", "source": "contact@wpscan.com",
@ -23,10 +46,32 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpsofts:portfolio_gallery\\,_product_catalog_-_grid_kit_portfolio:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.2.0",
"matchCriteriaId": "CB7BC627-3AB0-41F1-A3FC-37D0CF71455C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wpscan.com/vulnerability/d993c385-c3ad-49a6-b079-3a1b090864c8", "url": "https://wpscan.com/vulnerability/d993c385-c3ad-49a6-b079-3a1b090864c8",
"source": "contact@wpscan.com" "source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-33493", "id": "CVE-2023-33493",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T17:15:09.690", "published": "2023-08-01T17:15:09.690",
"lastModified": "2023-08-01T18:51:22.487", "lastModified": "2023-08-04T17:48:37.147",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "cve@mitre.org", "source": "cve@mitre.org",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ajaxmanager_project:ajaxmanager:*:*:*:*:*:prestashop:*:*",
"versionEndIncluding": "2.3.0",
"matchCriteriaId": "D347FC1B-CF85-4EB7-9810-A45D30D32916"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.html", "url": "https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,23 +2,82 @@
"id": "CVE-2023-33561", "id": "CVE-2023-33561",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T23:15:29.140", "published": "2023-08-01T23:15:29.140",
"lastModified": "2023-08-02T13:30:45.017", "lastModified": "2023-08-04T17:58:18.727",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords." "value": "Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:time_slots_booking_calendar:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5452B658-8D34-4311-B7CD-FD485D8B945F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4", "url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.phpjabbers.com/time-slots-booking-calendar/", "url": "https://www.phpjabbers.com/time-slots-booking-calendar/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }
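Review bot: The `nvd@nist.gov` Primary metric added here scores the issue `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` (9.8 CRITICAL) with weakness `NVD-CWE-noinfo`, and the CVE-2023-33562 section that follows receives the identical vector and weakness. Both descriptions are narrower than that: weak validation of the password parameter here, and a message difference during password recovery that reveals valid users in CVE-2023-33562. Triage that sorts on `baseScore` alone will rank both alongside full-compromise issues, so the description should be read together with the score. A specific weakness would also help consumers filter; `CWE-521` and `CWE-204` appear to fit the two descriptions, to be confirmed against the upstream record.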


@ -2,23 +2,81 @@
"id": "CVE-2023-33562", "id": "CVE-2023-33562",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T23:15:29.293", "published": "2023-08-01T23:15:29.293",
"lastModified": "2023-08-02T13:30:45.017", "lastModified": "2023-08-04T17:55:48.260",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users." "value": "User enumeration is found in in PHP Jabbers Time Slots Booking Calendar v3.3. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:time_slots_booking_calendar:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5452B658-8D34-4311-B7CD-FD485D8B945F"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4", "url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.phpjabbers.com/time-slots-booking-calendar/", "url": "https://www.phpjabbers.com/time-slots-booking-calendar/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-34358", "id": "CVE-2023-34358",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-07-31T05:15:09.600", "published": "2023-07-31T05:15:09.600",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:27:21.567",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,10 +46,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.0.4.388.23748",
"matchCriteriaId": "478237D3-96B5-45FA-8953-006AA06B5AE8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7279-05760-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7279-05760-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-34359", "id": "CVE-2023-34359",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-07-31T05:15:09.813", "published": "2023-07-31T05:15:09.813",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:27:09.303",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,10 +46,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0.0.4.388.23748",
"matchCriteriaId": "478237D3-96B5-45FA-8953-006AA06B5AE8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.twcert.org.tw/tw/cp-132-7280-bea85-1.html", "url": "https://www.twcert.org.tw/tw/cp-132-7280-bea85-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-34360", "id": "CVE-2023-34360",
"sourceIdentifier": "twcert@cert.org.tw", "sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-07-31T06:15:09.873", "published": "2023-07-31T06:15:09.873",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:27:01.823",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "twcert@cert.org.tw", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "twcert@cert.org.tw",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
@ -46,10 +66,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.0.0.4.388.23110",
"matchCriteriaId": "8470D45C-FB08-4483-8825-665B6A3DD341"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB91E047-5AE1-4CA0-9E67-84170D79770C"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://https://www.twcert.org.tw/tw/cp-132-7281-dc87d-1.html", "url": "https://https://www.twcert.org.tw/tw/cp-132-7281-dc87d-1.html",
"source": "twcert@cert.org.tw" "source": "twcert@cert.org.tw",
"tags": [
"Broken Link"
]
} }
] ]
} }
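Review bot: The single entry under `references` still carries a doubled scheme, `https://https://www.twcert.org.tw/tw/cp-132-7281-dc87d-1.html`, and the new side only labels it `Broken Link` instead of correcting it. The records for CVE-2023-34358 and CVE-2023-34359 in this commit use a single `https://` prefix on the same host, so the intended value is presumably `"url": "https://www.twcert.org.tw/tw/cp-132-7281-dc87d-1.html"`; confirm against the CNA advisory before changing it. Consumers that validate or follow reference links should reject or normalise a URL whose host parses as `https`. The added NVD Primary vector also rates confidentiality `C:L` where the CNA's Secondary vector has `C:H`, so tooling should state which source's score it reports.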


@ -2,23 +2,81 @@
"id": "CVE-2023-34869", "id": "CVE-2023-34869",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T23:15:30.017", "published": "2023-08-01T23:15:30.017",
"lastModified": "2023-08-02T13:30:39.550", "lastModified": "2023-08-04T17:28:50.493",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "PHPJabbers Catering System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php?controller=pjAdmin&action=pjActionForgot." "value": "PHPJabbers Catering System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php?controller=pjAdmin&action=pjActionForgot."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpjabbers:catering_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "858054F1-CF2C-4808-8581-BBF33D7C1AE8"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4", "url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.phpjabbers.com/catering-system/", "url": "https://www.phpjabbers.com/catering-system/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }


@ -2,23 +2,84 @@
"id": "CVE-2023-34960", "id": "CVE-2023-34960",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T02:15:10.307", "published": "2023-08-01T02:15:10.307",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:05:09.947",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name." "value": "A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.11.0",
"versionEndIncluding": "1.11.18",
"matchCriteriaId": "51098DB7-26D2-41C5-A69A-AECC6406F4C5"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://chamilo.com", "url": "http://chamilo.com",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution", "url": "https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3462", "id": "CVE-2023-3462",
"sourceIdentifier": "security@hashicorp.com", "sourceIdentifier": "security@hashicorp.com",
"published": "2023-07-31T23:15:10.360", "published": "2023-07-31T23:15:10.360",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:50:04.120",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{ {
"source": "security@hashicorp.com", "source": "security@hashicorp.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
},
{ {
"source": "security@hashicorp.com", "source": "security@hashicorp.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,49 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:-:*:*:*",
"versionStartIncluding": "1.13.0",
"versionEndExcluding": "1.13.5",
"matchCriteriaId": "DF8B4175-8E60-4169-9D10-FE924EB1516C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:vault:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "1.13.0",
"versionEndExcluding": "1.13.5",
"matchCriteriaId": "EBC19EB3-A5B0-4165-BB49-763953AC2369"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:vault:1.14.0:*:*:*:-:*:*:*",
"matchCriteriaId": "3DFB14EC-487C-454C-A712-10085D897748"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hashicorp:vault:1.14.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "DB12634A-9B34-44C0-AC11-11120295E3F2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://discuss.hashicorp.com/t/hcsec-2023-24-vaults-ldap-auth-method-allows-for-user-enumeration/56714", "url": "https://discuss.hashicorp.com/t/hcsec-2023-24-vaults-ldap-auth-method-allows-for-user-enumeration/56714",
"source": "security@hashicorp.com" "source": "security@hashicorp.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-35016", "id": "CVE-2023-35016",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-31T01:15:09.667", "published": "2023-07-31T01:15:09.667",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:23:18.223",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_governance:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8497FD1-40B6-4BA1-B536-E2138D0AFA80"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25772", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25772",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Not Applicable",
"VDB Entry"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7014397", "url": "https://www.ibm.com/support/pages/node/7014397",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }
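Review bot: The first reference, `https://exchange.xforce.ibmcloud.com/vulnerabilities/25772`, is tagged `Not Applicable` on the new side, which suggests the link does not describe this issue. The CVE-2023-35019 record in the same commit points at a six-digit id on that host (`257873`), so a truncated id is a plausible cause, though the correct value cannot be determined from this page. Until the source record is corrected, tooling that surfaces references should drop or de-prioritise entries tagged `Not Applicable` and rely on the `Vendor Advisory` link.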


@ -2,8 +2,8 @@
"id": "CVE-2023-35019", "id": "CVE-2023-35019",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-31T01:15:09.757", "published": "2023-07-31T01:15:09.757",
"lastModified": "2023-07-31T12:54:46.757", "lastModified": "2023-08-04T17:23:56.413",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
},
{ {
"source": "psirt@us.ibm.com", "source": "psirt@us.ibm.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:security_verify_governance:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A8497FD1-40B6-4BA1-B536-E2138D0AFA80"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257873", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/257873",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
}, },
{ {
"url": "https://www.ibm.com/support/pages/node/7014397", "url": "https://www.ibm.com/support/pages/node/7014397",
"source": "psirt@us.ibm.com" "source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,35 +2,106 @@
"id": "CVE-2023-36118", "id": "CVE-2023-36118",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T23:15:30.217", "published": "2023-08-01T23:15:30.217",
"lastModified": "2023-08-02T15:15:10.183", "lastModified": "2023-08-04T17:28:37.420",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Cross Site Scripting vulnerability in Faculty Evaulation System using PHP/MySQLi v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the page parameter." "value": "Cross Site Scripting vulnerability in Faculty Evaulation System using PHP/MySQLi v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the page parameter."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:faculty_evaulation_system_project:faculty_evaulation_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6B643718-99F1-4294-92FF-6BD77BE0CE22"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://packetstormsecurity.com/files/172672/Faculty-Evaluation-System-1.0-Shell-Upload.html", "url": "http://packetstormsecurity.com/files/172672/Faculty-Evaluation-System-1.0-Shell-Upload.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Faculty%20Evaluation%20System%20v1.0.md", "url": "https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Faculty%20Evaluation%20System%20v1.0.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://hackmd.io/@SY-T/Hy6HvwxPn", "url": "https://hackmd.io/@SY-T/Hy6HvwxPn",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.chtsecurity.com/news/4ffbe017-70e1-4789-bfe6-4d6fb0d1a0b7", "url": "https://www.chtsecurity.com/news/4ffbe017-70e1-4789-bfe6-4d6fb0d1a0b7",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Mitigation",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.chtsecurity.com/news/5282e0af-7c45-43b0-9869-9becee7d6d70", "url": "https://www.chtsecurity.com/news/5282e0af-7c45-43b0-9869-9becee7d6d70",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }
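Review bot: The added NVD classification (`CWE-79`, 5.4 MEDIUM with `PR:L/UI:R`) does not obviously match the first reference, whose URL is titled `Faculty-Evaluation-System-1.0-Shell-Upload`, and the description speaks of executing arbitrary code. It may be that the reference covers a different issue in the same product; this cannot be settled from the record alone. Triage that ranks purely on `baseScore` should read the linked advisories for this product rather than assume the exposure is limited to script injection in a browser.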


@ -2,23 +2,84 @@
"id": "CVE-2023-36210", "id": "CVE-2023-36210",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T17:15:09.773", "published": "2023-08-01T17:15:09.773",
"lastModified": "2023-08-01T18:51:22.487", "lastModified": "2023-08-04T17:41:31.310",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the keyword parameter." "value": "MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the keyword parameter."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:motocms:motocms:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2AB7A4D6-633C-40C5-87FF-C0006F41C7D2"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://vulners.com/zdt/1337DAY-ID-38750", "url": "https://vulners.com/zdt/1337DAY-ID-38750",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}, },
{ {
"url": "https://www.exploit-db.com/exploits/51499", "url": "https://www.exploit-db.com/exploits/51499",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-36351", "id": "CVE-2023-36351",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T23:15:30.370", "published": "2023-08-01T23:15:30.370",
"lastModified": "2023-08-02T13:30:39.550", "lastModified": "2023-08-04T17:28:04.757",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An issue in Viatom Health ViHealth for Android v.2.74.58 and before allows a remote attacker to execute arbitrary code via the com.viatom.baselib.mvvm.webWebViewActivity component." "value": "An issue in Viatom Health ViHealth for Android v.2.74.58 and before allows a remote attacker to execute arbitrary code via the com.viatom.baselib.mvvm.webWebViewActivity component."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:viatomtech:vihealth:*:*:*:*:*:android:*:*",
"versionEndIncluding": "2.74.58",
"matchCriteriaId": "444D67C8-DB49-487F-AEB7-92205639983A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/actuator/cve/blob/main/CVE-2023-36351", "url": "https://github.com/actuator/cve/blob/main/CVE-2023-36351",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/actuator/cve/blob/main/vihealth.md", "url": "https://github.com/actuator/cve/blob/main/vihealth.md",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-37214", "id": "CVE-2023-37214",
"sourceIdentifier": "cna@cyber.gov.il", "sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-07-30T09:15:10.220", "published": "2023-07-30T09:15:10.220",
"lastModified": "2023-07-31T12:54:52.103", "lastModified": "2023-08-04T16:39:59.080",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,55 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:heights-t:ero1xs-pro_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "bz_ero1xp.027",
"matchCriteriaId": "E410A105-9C6C-470D-BCB4-69414DB2AEB3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:heights-t:ero1xs-pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7C1140A1-EFE6-45BE-84D9-3B824087337A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.gov.il/en/Departments/faq/cve_advisories", "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il" "source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }
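Review bot: The added firmware match uses a non-numeric bound, `"versionEndExcluding": "bz_ero1xp.027"`, which ordinary dotted-version comparison cannot order. A matcher that parses it as a numeric version may fail, or may fall back to a lexical comparison and misreport which devices are affected. Consumers of the `configurations` block should treat an unparsable bound as undetermined and flag the asset for manual review rather than silently skipping the match. The model string in the bound (`ero1xp`) also differs from the CPE product (`ero1xs-pro`), which is worth confirming with the source.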


@ -2,8 +2,8 @@
"id": "CVE-2023-37215", "id": "CVE-2023-37215",
"sourceIdentifier": "cna@cyber.gov.il", "sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-07-30T09:15:10.300", "published": "2023-07-30T09:15:10.300",
"lastModified": "2023-07-31T12:54:52.103", "lastModified": "2023-08-04T16:33:19.700",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-798"
}
]
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,43 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:jbl:jbl_bar_5.1_surround_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "23.23.51.00",
"matchCriteriaId": "91E637FF-51F5-4E7E-8AF1-163C07586FD8"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:jbl:jbl_bar_5.1_surround:-:*:*:*:*:*:*:*",
"matchCriteriaId": "077125D6-D142-47E6-9FC4-4CFDD340D327"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.gov.il/en/Departments/faq/cve_advisories", "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il" "source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-37218", "id": "CVE-2023-37218",
"sourceIdentifier": "cna@cyber.gov.il", "sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-07-30T11:15:09.870", "published": "2023-07-30T11:15:09.870",
"lastModified": "2023-07-31T12:54:52.103", "lastModified": "2023-08-04T16:55:07.707",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,30 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tadirantele:aeonix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E1036A-77E1-40C5-8F75-A3676F9A6F82"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.gov.il/en/Departments/faq/cve_advisories", "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il" "source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-37219", "id": "CVE-2023-37219",
"sourceIdentifier": "cna@cyber.gov.il", "sourceIdentifier": "cna@cyber.gov.il",
"published": "2023-07-30T11:15:09.947", "published": "2023-07-30T11:15:09.947",
"lastModified": "2023-07-31T12:54:52.103", "lastModified": "2023-08-04T16:30:43.220",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1236"
}
]
},
{ {
"source": "cna@cyber.gov.il", "source": "cna@cyber.gov.il",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,30 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tadirantele:aeonix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03E1036A-77E1-40C5-8F75-A3676F9A6F82"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.gov.il/en/Departments/faq/cve_advisories", "url": "https://www.gov.il/en/Departments/faq/cve_advisories",
"source": "cna@cyber.gov.il" "source": "cna@cyber.gov.il",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -0,0 +1,55 @@
{
"id": "CVE-2023-37470",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T16:15:09.610",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4, a vulnerability could potentially allow remote code execution on one's Metabase server. The core issue is that one of the supported data warehouses (an embedded in-memory database H2), exposes a number of ways for a connection string to include code that is then executed by the process running the embedded database. Because Metabase allows users to connect to databases, this means that a user supplied string can be used to inject executable code. Metabase allows users to validate their connection string before adding a database (including on setup), and this validation API was the primary vector used as it can be called without validation. Versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4 fix this issue by removing the ability of users to add H2 databases entirely. As a workaround, it is possible to block these vulnerabilities at the network level by blocking the endpoints `POST /api/database`, `PUT /api/database/:id`, and `POST /api/setup/validateuntil`. Those who use H2 as a file-based database should migrate to SQLite."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://github.com/metabase/metabase/security/advisories/GHSA-p7w3-9m58-rq83",
"source": "security-advisories@github.com"
}
]
}
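Review bot: The workaround sentence in `descriptions[0].value` names the endpoint `POST /api/setup/validateuntil`, which looks like `POST /api/setup/validate` fused with a stray following word. An operator who copies that path into a proxy or WAF block rule would leave unblocked the setup-validation endpoint that the same description calls the primary vector. The string mirrors the upstream record, so the correction belongs there; the value should read `POST /api/setup/validate` once confirmed against the linked GHSA-p7w3-9m58-rq83 advisory. The record also has no `configurations` block yet (`vulnStatus` is `Awaiting Analysis`), so CPE-based matching will not flag affected Metabase versions, and the fixed versions exist only in the prose.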


@ -2,8 +2,8 @@
"id": "CVE-2023-37478", "id": "CVE-2023-37478",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-01T12:15:09.937", "published": "2023-08-01T12:15:09.937",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T17:44:08.830",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "security-advisories@github.com", "source": "security-advisories@github.com",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security-advisories@github.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,18 +76,52 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "7.33.4",
"matchCriteriaId": "4C67386C-0391-4053-9D82-71845070FB73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.6.8",
"matchCriteriaId": "DC21BAC1-FCF8-4DC7-89D6-BAA2CF6F411D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/pnpm/pnpm/releases/tag/v7.33.4", "url": "https://github.com/pnpm/pnpm/releases/tag/v7.33.4",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/pnpm/pnpm/releases/tag/v8.6.8", "url": "https://github.com/pnpm/pnpm/releases/tag/v8.6.8",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
}, },
{ {
"url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7", "url": "https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7",
"source": "security-advisories@github.com" "source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-37496", "id": "CVE-2023-37496",
"sourceIdentifier": "psirt@hcl.com", "sourceIdentifier": "psirt@hcl.com",
"published": "2023-08-01T01:15:10.770", "published": "2023-08-01T01:15:10.770",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:25:04.313",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{ {
"source": "psirt@hcl.com", "source": "psirt@hcl.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,43 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltech:verse:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.1",
"matchCriteriaId": "B278190B-9E4D-43FE-9691-5CBDC93688B3"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105904", "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105904",
"source": "psirt@hcl.com" "source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,23 +2,153 @@
"id": "CVE-2023-37580", "id": "CVE-2023-37580",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T16:15:10.327", "published": "2023-07-31T16:15:10.327",
"lastModified": "2023-07-31T17:30:17.057", "lastModified": "2023-08-04T17:10:21.003",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-07-27",
"cisaActionDue": "2023-08-17",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client." "value": "Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.8.0",
"versionEndExcluding": "8.8.15",
"matchCriteriaId": "38ECDB77-75C2-4F1F-94A8-D0F7CAC58427"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p11:*:*:*:*:*:*",
"matchCriteriaId": "D94082EB-9245-421E-A195-659ED7E97FBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p26:*:*:*:*:*:*",
"matchCriteriaId": "F10A5925-168E-45E8-888E-E4042A1406A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p3:*:*:*:*:*:*",
"matchCriteriaId": "074B9DC0-1700-4C29-B332-093FEA785D39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p30:*:*:*:*:*:*",
"matchCriteriaId": "85C96088-3631-4CAE-BA6C-9E7A12EC455F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p31:*:*:*:*:*:*",
"matchCriteriaId": "BCB801E7-C9C5-42FC-A4C3-CECD9F21887B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p32:*:*:*:*:*:*",
"matchCriteriaId": "A22C14E7-34AE-438C-9E2A-DA4BF07889D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p33:*:*:*:*:*:*",
"matchCriteriaId": "B5251B9B-87EF-4300-A791-8C2BB2B58FA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p34:*:*:*:*:*:*",
"matchCriteriaId": "C9795188-0A57-48A6-B876-0A2477888D6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p35:*:*:*:*:*:*",
"matchCriteriaId": "4288C356-C993-486F-B3CF-D8E44A7A53C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p37:*:*:*:*:*:*",
"matchCriteriaId": "7A98258E-91BA-45F0-8417-6FFB3CF02FB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p38:*:*:*:*:*:*",
"matchCriteriaId": "3EFD7BC4-0284-4551-972C-81DD7F225DA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p40:*:*:*:*:*:*",
"matchCriteriaId": "ACA5EA7B-95A3-49E9-A407-A034279173FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p5:*:*:*:*:*:*",
"matchCriteriaId": "9F670A63-D8E9-4360-83CF-5C5D3D8B569E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wiki.zimbra.com/wiki/Security_Center", "url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy", "url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
} }
] ]
} }
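Review bot: The added `cpeMatch` list does not cover everything the description calls affected. It has one range ending at `"versionEndExcluding": "8.8.15"` plus individual 8.8.15 entries for p3, p5, p11, p26, p30–p35, p37, p38 and p40, but no entry for unpatched 8.8.15 or for the patch levels in between, while the text says everything before 8.8.15 Patch 41 is affected. A scanner that matches strictly on these criteria would report an 8.8.15 install on an unlisted patch level as clean. The record also now carries `cisaExploitAdd` and `cisaActionDue` while `baseSeverity` is only `MEDIUM`, so consumers should drive prioritisation from the CISA fields rather than `baseScore` and treat any 8.8.15 below Patch 41 as in scope.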


@ -2,19 +2,75 @@
"id": "CVE-2023-37771", "id": "CVE-2023-37771",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T16:15:10.380", "published": "2023-07-31T16:15:10.380",
"lastModified": "2023-07-31T17:30:17.057", "lastModified": "2023-08-04T17:10:00.960",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php." "value": "Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpgurukul:art_gallery_management_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CE7F7EC5-D077-4052-9013-D37C2F794796"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/anky-123/CVE-2023-37771/blob/main/CVE", "url": "https://github.com/anky-123/CVE-2023-37771/blob/main/CVE",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,27 +2,88 @@
"id": "CVE-2023-37772", "id": "CVE-2023-37772",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T01:15:10.850", "published": "2023-08-01T01:15:10.850",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:23:46.130",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php." "value": "Online Shopping Portal Project v3.1 was discovered to contain a SQL injection vulnerability via the Email parameter at /shopping/login.php."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:online_shopping_portal_project:online_shopping_portal:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB1E6D97-0FC4-4C44-B15C-B75096D2D52A"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://phpgurukul.com/shopping-portal-free-download/", "url": "http://phpgurukul.com/shopping-portal-free-download/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
}, },
{ {
"url": "https://github.com/anky-123/CVE-2023-37772/blob/main/CVE-2", "url": "https://github.com/anky-123/CVE-2023-37772/blob/main/CVE-2",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://phpgurukul.com/", "url": "https://phpgurukul.com/",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Product"
]
} }
] ]
} }
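Review bot: `"privilegesRequired": "LOW"` in the added NVD vector sits oddly with the description, which places the injection in the Email parameter of `/shopping/login.php`. A login form is normally reachable before authentication, so `PR:N` would be expected, as scored at 9.8 for the sibling CVE-2023-37771, though the analyst may have had information not visible here. Consumers that filter on `PR:N` or on a 9.0 threshold would skip this record at 8.8. The GitHub write-up reference is also tagged only `Third Party Advisory` here, while the equivalent reference in CVE-2023-37771 carries `Exploit`, so tag-based filters will treat the two records inconsistently.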


@ -0,0 +1,63 @@
{
"id": "CVE-2023-37896",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T16:15:09.847",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Nuclei is a vulnerability scanner. Prior to version 2.9.9, a security issue in the Nuclei project affected users utilizing Nuclei as Go code (SDK) running custom templates. This issue did not affect CLI users. The problem was related to sanitization issues with payload loading in sandbox mode. There was a potential risk with payloads loading in sandbox mode. The issue occurred due to relative paths not being converted to absolute paths before doing the check for `sandbox` flag allowing arbitrary files to be read on the filesystem in certain cases when using Nuclei from `Go` SDK implementation. \n\nThis issue has been fixed in version 2.9.9. The maintainers have also enabled sandbox by default for filesystem loading. This can be optionally disabled if required. The `-sandbox` option has been deprecated and is now divided into two new options: `-lfa` (allow local file access) which is enabled by default and `-lna` (restrict local network access) which can be enabled by users optionally. The `-lfa` allows file (payload) access anywhere on the system (disabling sandbox effectively), and `-lna` blocks connections to the local/private network."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/projectdiscovery/nuclei/pull/3927",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/projectdiscovery/nuclei/releases/tag/v2.9.9",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-2xx4-jj5v-6mff",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-38487",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T16:15:10.030",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one.\n\nWhen the freeURL feature is enabled (by setting the `allowFreeURL` config option or the `CMD_ALLOW_FREEURL` environment variable to `true`), any user with the appropriate permissions can create a note by making a POST request to the `/new/<ALIAS>` API endpoint. The `<ALIAS>` parameter can be set to the ID of an existing note. HedgeDoc did not verify whether the provided `<ALIAS>` value corresponds to a valid ID of an existing note and always allowed creation of the new note. When a visitor tried to access the existing note, HedgeDoc will first search for a note with a matching alias before it searches using the ID, therefore only the new note can be accessed.\n\nDepending on the permission settings of the HedgeDoc instance, the issue can be exploited only by logged-in users or by all (including non-logged-in) users. The exploit requires knowledge of the ID of the target note. Attackers could use this issue to present a manipulated copy of the original note to the user, e.g. by replacing the links with malicious ones. Attackers can also use this issue to prevent access to the original note, causing a denial of service. No data is lost, as the original content of the affected notes is still present in the database.\n\nThis issue was fixed in version 1.9.9. As a workaround, disabling freeURL mode prevents the exploitation of this issue. The impact can be limited by restricting freeURL note creation to trusted, logged-in users by enabling `requireFreeURLAuthentication`/`CMD_REQUIRE_FREEURL_AUTHENTICATION`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 4.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-289"
}
]
}
],
"references": [
{
"url": "https://github.com/hedgedoc/hedgedoc/pull/4476/commits/781263ab84255885e1fe60c7e92e2f8d611664d2",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-7494-7hcf-vxpg",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-38494",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T16:15:10.177",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "MeterSphere is an open-source continuous testing platform. Prior to version 2.10.4 LTS, some interfaces of the Cloud version of MeterSphere do not have configuration permissions, and are sensitively leaked by attackers. Version 2.10.4 LTS contains a patch for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"references": [
{
"url": "https://github.com/metersphere/metersphere/commit/a23f75d93b666901fd148d834df9384f6f24cf28",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/metersphere/metersphere/security/advisories/GHSA-fjp5-95pv-5253",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,75 @@
{
"id": "CVE-2023-38497",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T16:15:10.370",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cargo downloads the Rust project\u2019s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user. To prevent existing cached extractions from being exploitable, the Cargo binary version 0.72.2 included in Rust 1.71.1 or later will purge caches generated by older Cargo versions automatically. As a workaround, configure one's system to prevent other local users from accessing the Cargo directory, usually located in `~/.cargo`."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.9,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-278"
}
]
}
],
"references": [
{
"url": "https://en.wikipedia.org/wiki/Umask",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/rust-lang/cargo/commit/d78bbf4bde3c6b95caca7512f537c6f9721426ff",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/rust-lang/cargo/pull/12443",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/rust-lang/cargo/security/advisories/GHSA-j3xp-wfr4-hx87",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/rust-lang/wg-security-response/tree/main/patches/CVE-2023-38497",
"source": "security-advisories@github.com"
},
{
"url": "https://www.rust-lang.org/policies/security",
"source": "security-advisories@github.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-38559", "id": "CVE-2023-38559",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-01T17:15:09.890", "published": "2023-08-01T17:15:09.890",
"lastModified": "2023-08-01T18:51:22.487", "lastModified": "2023-08-04T17:21:05.113",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -34,22 +54,85 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artifex:ghostscript:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4876A23-725C-450E-B988-32FFF4DF53C1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-38559", "url": "https://access.redhat.com/security/cve/CVE-2023-38559",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=706897", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706897",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224367",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1", "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d81b82c70bc1",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
} }
] ]
} }
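Review bot: The added Ghostscript criterion `cpe:2.3:a:artifex:ghostscript:-:*:*:*:*:*:*:*` uses `-` in the version field and has no `versionEndExcluding`, so the record gives no fixed-version boundary. Version-range matchers will flag either no installed Ghostscript or every one, depending on how they interpret `-`. The two Red Hat Enterprise Linux entries sit in a separate `configurations` element marked `"vulnerable": true`, which reads as the OS itself being affected rather than as a platform the application runs on. Until upstream adds a bounded range, consumers should take the fix boundary from the patch reference (`h=d81b82c70bc1`) rather than from `cpeMatch`. The same unbounded Ghostscript criterion is added in the CVE-2023-38560 section that follows.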


@ -2,8 +2,8 @@
"id": "CVE-2023-38560", "id": "CVE-2023-38560",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-01T17:15:09.967", "published": "2023-08-01T17:15:09.967",
"lastModified": "2023-08-04T05:15:10.677", "lastModified": "2023-08-04T17:30:26.457",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -34,26 +54,72 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:artifex:ghostscript:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4876A23-725C-450E-B988-32FFF4DF53C1"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-38560", "url": "https://access.redhat.com/security/cve/CVE-2023-38560",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=706897", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706897",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://bugs.ghostscript.com/show_bug.cgi?id=706898", "url": "https://bugs.ghostscript.com/show_bug.cgi?id=706898",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Permissions Required"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224368", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224368",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c", "url": "https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=b7eb1d0174c",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch"
]
} }
] ]
} }


@ -0,0 +1,79 @@
{
"id": "CVE-2023-38686",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T16:15:10.550",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sydent is an identity server for the Matrix communications protocol. Prior to version 2.5.6, if configured to send emails using TLS, Sydent does not verify SMTP servers' certificates. This makes Sydent's emails vulnerable to interception via a man-in-the-middle (MITM) attack. Attackers with privileged access to the network can intercept room invitations and address confirmation emails. This is patched in Sydent 2.5.6. When patching, make sure that Sydent trusts the certificate of the server it is connecting to. This should happen automatically when using properly issued certificates. Those who use self-signed certificates should make sure to copy their Certification Authority certificate, or their self signed certificate if using only one, to the trust store of your operating system. As a workaround, one can ensure Sydent's emails fail to send by setting the configured SMTP server to a loopback or non-routable address under one's control which does not have a listening SMTP server."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.3,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 5.8
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"references": [
{
"url": "https://docs.python.org/3/library/ssl.html?highlight=ssl#security-considerations",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/sydent/commit/1cd748307c6b168b66154e6c4db715d4b9551261",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/sydent/pull/574",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/sydent/releases/tag/v2.5.6",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/sydent/security/advisories/GHSA-p6hw-wm59-3g5g",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/python/cpython/issues/91826",
"source": "security-advisories@github.com"
},
{
"url": "https://peps.python.org/pep-0476/",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,63 @@
{
"id": "CVE-2023-38688",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T17:15:10.097",
"lastModified": "2023-08-04T17:15:10.097",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "twitch-tui provides Twitch chat in a terminal. Prior to version 2.4.1, the connection is not using TLS for communication. In the configuration of the irc connection, the software disables TLS, which makes all communication to Twitch IRC servers unencrypted. As a result, communication, including auth tokens, can be sniffed. Version 2.4.1 has a patch for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-311"
}
]
}
],
"references": [
{
"url": "https://github.com/Xithrius/twitch-tui/blob/340afc3c8c07a83289fe6ef614aa7563c8b70756/src/twitch/connection.rs#L23",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Xithrius/twitch-tui/commit/74d13ddca35f8f0816f4933c229da1fd95c0350a",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/Xithrius/twitch-tui/security/advisories/GHSA-779w-xvpm-78jx",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,63 @@
{
"id": "CVE-2023-38689",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T17:15:10.563",
"lastModified": "2023-08-04T17:15:10.563",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Logistics Pipes is a modification (a.k.a. mod) for the computer game Minecraft Java Edition. The mod used Java's `ObjectInputStream#readObject` on untrusted data coming from clients or servers over the network resulting in possible remote code execution when sending specifically crafted network packets after connecting. The affected versions were released between 2013 and 2016 and the issue (back then unknown) was fixed in 2016 by a refactoring of the network IO code. \nThe issue is present in all Logistics Pipes versions ranged from 0.7.0.91 prior to 0.10.0.71, which were downloaded from different platforms summing up to multi-million downloads. For Minecraft version 1.7.10 the issue was fixed in build 0.10.0.71. Everybody on Minecraft 1.7.10 should check their version number of Logistics Pipes in their modlist and update, if the version number is smaller than 0.10.0.71. Any newer supported Minecraft version (like 1.12.2) never had a Logistics Pipes version with vulnerable code. The best available workaround for vulnerable versions is to play in singleplayer only or update to newer Minecraft versions and modpacks."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://github.com/RS485/LogisticsPipes/commit/39a90b8f2d1a2bcc512ec68c3e139f1dac07aa56",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/RS485/LogisticsPipes/commit/527c4f4fb028e9afab29d4e639935010ad7be9e7",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/RS485/LogisticsPipes/security/advisories/GHSA-mcp7-xf3v-25x3",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,67 @@
{
"id": "CVE-2023-38690",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T17:15:10.783",
"lastModified": "2023-08-04T17:15:10.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 and above are patched. There are no robust workarounds to the bug. One may disable dynamic channels in the config to disable the most common execution method but others may exist."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-77"
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/matrix-appservice-irc/commit/0afb064635d37e039067b5b3d6423448b93026d3",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/matrix-appservice-irc/releases/tag/1.0.1",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/matrix-appservice-irc/security/advisories/GHSA-3pmj-jqqp-2mj3",
"source": "security-advisories@github.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-38691",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-04T17:15:11.063",
"lastModified": "2023-08-04T17:15:11.063",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user's MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library does not check that the servername part of the `sub` parameter (containing the user's *claimed* MXID) is the the same as the servername we are talking to. A malicious actor could spin up a server on any given domain, respond with a `sub` parameter according to the user they want to act as and use the resulting token to perform provisioning requests. Versions 8.1.2 and 9.0.1 contain a patch. As a workaround, disable the provisioning API."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/matrix-org/matrix-appservice-bridge/commit/4c6723a5e7beda65cdf1ae5dbb882e8beaac8552",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/matrix-org/matrix-appservice-bridge/security/advisories/GHSA-vc7j-h8xg-fv5x",
"source": "security-advisories@github.com"
}
]
}


@ -2,23 +2,224 @@
"id": "CVE-2023-38750", "id": "CVE-2023-38750",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T16:15:10.437", "published": "2023-07-31T16:15:10.437",
"lastModified": "2023-07-31T17:30:17.057", "lastModified": "2023-08-04T17:09:45.547",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed." "value": "In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.8.0",
"versionEndExcluding": "8.8.15",
"matchCriteriaId": "38ECDB77-75C2-4F1F-94A8-D0F7CAC58427"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p11:*:*:*:*:*:*",
"matchCriteriaId": "D94082EB-9245-421E-A195-659ED7E97FBD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p26:*:*:*:*:*:*",
"matchCriteriaId": "F10A5925-168E-45E8-888E-E4042A1406A4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p3:*:*:*:*:*:*",
"matchCriteriaId": "074B9DC0-1700-4C29-B332-093FEA785D39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p30:*:*:*:*:*:*",
"matchCriteriaId": "85C96088-3631-4CAE-BA6C-9E7A12EC455F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p31:*:*:*:*:*:*",
"matchCriteriaId": "BCB801E7-C9C5-42FC-A4C3-CECD9F21887B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p32:*:*:*:*:*:*",
"matchCriteriaId": "A22C14E7-34AE-438C-9E2A-DA4BF07889D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p33:*:*:*:*:*:*",
"matchCriteriaId": "B5251B9B-87EF-4300-A791-8C2BB2B58FA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p34:*:*:*:*:*:*",
"matchCriteriaId": "C9795188-0A57-48A6-B876-0A2477888D6F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p35:*:*:*:*:*:*",
"matchCriteriaId": "4288C356-C993-486F-B3CF-D8E44A7A53C7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p37:*:*:*:*:*:*",
"matchCriteriaId": "7A98258E-91BA-45F0-8417-6FFB3CF02FB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p38:*:*:*:*:*:*",
"matchCriteriaId": "3EFD7BC4-0284-4551-972C-81DD7F225DA9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p40:*:*:*:*:*:*",
"matchCriteriaId": "ACA5EA7B-95A3-49E9-A407-A034279173FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:8.8.15:p5:*:*:*:*:*:*",
"matchCriteriaId": "9F670A63-D8E9-4360-83CF-5C5D3D8B569E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B671A427-BC20-43CB-A7F1-DD2124B2B901"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p0:*:*:*:*:*:*",
"matchCriteriaId": "631ADC21-06BA-476D-B134-E25D06740019"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p19:*:*:*:*:*:*",
"matchCriteriaId": "92C99D34-300D-4AC6-9D75-538621978E38"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p23:*:*:*:*:*:*",
"matchCriteriaId": "D949B9A3-4E4F-45FC-93AB-478B77C6F7AE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p25:*:*:*:*:*:*",
"matchCriteriaId": "0BDA3621-F2AA-4E55-8641-A30B9A3DCF8E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p26:*:*:*:*:*:*",
"matchCriteriaId": "3A29151F-9083-45B7-8C1E-A844372C01C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p27:*:*:*:*:*:*",
"matchCriteriaId": "E35B7C01-F288-47D6-8C43-50FC6F6FEA7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p28:*:*:*:*:*:*",
"matchCriteriaId": "40687633-0902-4D3E-8C7B-AE9318EB9DAD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p30:*:*:*:*:*:*",
"matchCriteriaId": "8091130D-23B8-4271-9164-2279C14CBE7B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p31:*:*:*:*:*:*",
"matchCriteriaId": "B40F5F01-E7DC-4399-8F9E-2341069FD555"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p33:*:*:*:*:*:*",
"matchCriteriaId": "C8B3E761-6A2D-4AC1-8B46-B04196135A51"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p4:*:*:*:*:*:*",
"matchCriteriaId": "8A3B019E-A357-4F7E-8DB5-336B3209D130"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p7:*:*:*:*:*:*",
"matchCriteriaId": "E88525DC-A672-40E8-A756-43DD3E9685CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:9.0.0:p7.1:*:*:*:*:*:*",
"matchCriteriaId": "482EC153-BE0F-4B8B-8AC0-0D2CC3A94752"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zimbra:zimbra:10.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0A092529-4EF6-45CC-A56B-BC9255E97F6D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://wiki.zimbra.com/wiki/Security_Center", "url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy", "url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
} }
] ]
} }


@ -0,0 +1,20 @@
{
"id": "CVE-2023-38964",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-04T16:15:10.697",
"lastModified": "2023-08-04T17:10:50.263",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://vida03.gitbook.io/redteam/web/cve-2023-38964",
"source": "cve@mitre.org"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3825", "id": "CVE-2023-3825",
"sourceIdentifier": "ics-cert@hq.dhs.gov", "sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-31T23:15:10.437", "published": "2023-07-31T23:15:10.437",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:48:20.227",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "ics-cert@hq.dhs.gov", "source": "ics-cert@hq.dhs.gov",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "ics-cert@hq.dhs.gov", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,10 +76,33 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kepware:kepserverex:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.14.263",
"matchCriteriaId": "4BCC4117-EFB3-4627-941D-B105A539D986"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-02", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-02",
"source": "ics-cert@hq.dhs.gov" "source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
} }
] ]
} }


@ -0,0 +1,20 @@
{
"id": "CVE-2023-39112",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-04T17:15:11.300",
"lastModified": "2023-08-04T17:15:11.300",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Luci4n555/vul_report/blob/master/vul_1.md",
"source": "cve@mitre.org"
}
]
}


@ -2,19 +2,75 @@
"id": "CVE-2023-39122", "id": "CVE-2023-39122",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-31T23:15:10.297", "published": "2023-07-31T23:15:10.297",
"lastModified": "2023-08-03T18:15:11.547", "lastModified": "2023-08-04T16:51:07.287",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200)." "value": "BMC Control-M through 9.0.20.200 allows SQL injection via the /RF-Server/report/deleteReport report-id parameter. This is fixed in 9.0.21 (and is also fixed by a patch for 9.0.20.200)."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:bmc:control-m:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.0.21",
"matchCriteriaId": "FC6D0D4E-8FE6-4F43-9D2C-593DDA20A5C9"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/DojoSecurity/BMC-Control-M-Unauthenticated-SQL-Injection", "url": "https://github.com/DojoSecurity/BMC-Control-M-Unauthenticated-SQL-Injection",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -0,0 +1,24 @@
{
"id": "CVE-2023-39143",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-04T17:15:11.510",
"lastModified": "2023-08-04T17:15:11.510",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "PaperCut NG and PaperCut MF before 22.1.3 are vulnerable to path traversal which enables attackers to read, delete, and upload arbitrary files."
}
],
"metrics": {},
"references": [
{
"url": "https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/",
"source": "cve@mitre.org"
},
{
"url": "https://www.papercut.com/kb/Main/securitybulletinjuly2023/",
"source": "cve@mitre.org"
}
]
}


@ -2,23 +2,83 @@
"id": "CVE-2023-39147", "id": "CVE-2023-39147",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-08-01T18:15:10.203", "published": "2023-08-01T18:15:10.203",
"lastModified": "2023-08-01T20:15:09.903", "lastModified": "2023-08-04T17:30:04.907",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file." "value": "An arbitrary file upload vulnerability in Uvdesk 1.1.3 allows attackers to execute arbitrary code via uploading a crafted image file."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkul:uvdesk:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "64CC4DC3-7C0F-46A4-8DB7-169C50E4B7CE"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "http://packetstormsecurity.com/files/173878/Uvdesk-1.1.3-Shell-Upload.html", "url": "http://packetstormsecurity.com/files/173878/Uvdesk-1.1.3-Shell-Upload.html",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}, },
{ {
"url": "https://docs.google.com/document/d/1uv9DjHmKuDxZIjNhWX05EsxHEp8fGalXB7XK-QSyr_0/edit?usp=sharing", "url": "https://docs.google.com/document/d/1uv9DjHmKuDxZIjNhWX05EsxHEp8fGalXB7XK-QSyr_0/edit?usp=sharing",
"source": "cve@mitre.org" "source": "cve@mitre.org",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,19 +2,76 @@
"id": "CVE-2023-3983", "id": "CVE-2023-3983",
"sourceIdentifier": "vulnreport@tenable.com", "sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-07-31T19:15:18.243", "published": "2023-07-31T19:15:18.243",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T17:03:02.897",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection." "value": "An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:advantech:iview:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.7.4.6752",
"matchCriteriaId": "1856B3E0-0296-471D-828E-220B55F1E98D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://www.tenable.com/security/research/tra-2023-24", "url": "https://www.tenable.com/security/research/tra-2023-24",
"source": "vulnreport@tenable.com" "source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3997", "id": "CVE-2023-3997",
"sourceIdentifier": "prodsec@splunk.com", "sourceIdentifier": "prodsec@splunk.com",
"published": "2023-07-31T17:15:10.110", "published": "2023-07-31T17:15:10.110",
"lastModified": "2023-07-31T17:30:17.057", "lastModified": "2023-08-04T17:09:13.420",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "prodsec@splunk.com", "source": "prodsec@splunk.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,49 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:soar:*:*:*:*:on-premises:*:*:*",
"versionEndExcluding": "6.1.0",
"matchCriteriaId": "B6409239-52FB-4299-8AA1-869223F44504"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:splunk:soar:*:*:*:*:cloud:*:*:*",
"versionEndExcluding": "6.1.0.131",
"matchCriteriaId": "E71AB766-6388-44FB-8F0B-6ED443A20895"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://advisory.splunk.com/advisories/SVD-2023-0702", "url": "https://advisory.splunk.com/advisories/SVD-2023-0702",
"source": "prodsec@splunk.com" "source": "prodsec@splunk.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-4004", "id": "CVE-2023-4004",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-31T17:15:10.203", "published": "2023-07-31T17:15:10.203",
"lastModified": "2023-07-31T17:30:17.057", "lastModified": "2023-08-04T17:08:39.573",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -34,18 +54,115 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5",
"matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*",
"matchCriteriaId": "0B3E6E4D-E24E-4630-B00C-8C9901C597B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*",
"matchCriteriaId": "E4A01A71-0F09-4DB2-A02F-7EFFBE27C98D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F5608371-157A-4318-8A2E-4104C3467EA1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*",
"matchCriteriaId": "2226A776-DF8C-49E0-A030-0A7853BB018A"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-4004", "url": "https://access.redhat.com/security/cve/CVE-2023-4004",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225275",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/", "url": "https://patchwork.ozlabs.org/project/netfilter-devel/patch/20230719190824.21196-1-fw@strlen.de/",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-4010", "id": "CVE-2023-4010",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-31T17:15:10.277", "published": "2023-07-31T17:15:10.277",
"lastModified": "2023-07-31T17:30:17.057", "lastModified": "2023-08-04T17:06:50.927",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
},
{ {
"source": "secalert@redhat.com", "source": "secalert@redhat.com",
"type": "Secondary", "type": "Secondary",
@ -34,18 +54,77 @@
} }
] ]
}, },
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-835"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-4010", "url": "https://access.redhat.com/security/cve/CVE-2023-4010",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
}, },
{ {
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227726",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
]
}, },
{ {
"url": "https://github.com/wanrenmi/a-usb-kernel-bug", "url": "https://github.com/wanrenmi/a-usb-kernel-bug",
"source": "secalert@redhat.com" "source": "secalert@redhat.com",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-4033", "id": "CVE-2023-4033",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-08-01T01:15:10.913", "published": "2023-08-01T01:15:10.913",
"lastModified": "2023-08-01T12:55:38.437", "lastModified": "2023-08-04T16:06:35.453",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -46,14 +68,38 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.0",
"matchCriteriaId": "43FFD65D-BF64-47AF-AA18-BBF973A94116"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b", "url": "https://github.com/mlflow/mlflow/commit/6dde93758d42455cb90ef324407919ed67668b9b",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://huntr.dev/bounties/5312d6f8-67a5-4607-bd47-5e19966fa321", "url": "https://huntr.dev/bounties/5312d6f8-67a5-4607-bd47-5e19966fa321",
"source": "security@huntr.dev" "source": "security@huntr.dev",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,82 @@
"id": "CVE-2023-4058", "id": "CVE-2023-4058",
"sourceIdentifier": "security@mozilla.org", "sourceIdentifier": "security@mozilla.org",
"published": "2023-08-01T16:15:10.133", "published": "2023-08-01T16:15:10.133",
"lastModified": "2023-08-01T16:43:18.493", "lastModified": "2023-08-04T17:50:09.910",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116." "value": "Memory safety bugs present in Firefox 115. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 116."
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0",
"matchCriteriaId": "C6C6420C-0883-4585-A655-4C470029CB85"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024", "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Broken Link"
]
}, },
{ {
"url": "https://www.mozilla.org/security/advisories/mfsa2023-29/", "url": "https://www.mozilla.org/security/advisories/mfsa2023-29/",
"source": "security@mozilla.org" "source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4068", "id": "CVE-2023-4068",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.513", "published": "2023-08-03T01:15:11.513",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:14:17.057",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)" "value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1466183", "url": "https://crbug.com/1466183",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4069", "id": "CVE-2023-4069",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.583", "published": "2023-08-03T01:15:11.583",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:14:25.747",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" "value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1465326", "url": "https://crbug.com/1465326",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4070", "id": "CVE-2023-4070",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.647", "published": "2023-08-03T01:15:11.647",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:14:33.170",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)" "value": "Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1462951", "url": "https://crbug.com/1462951",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4071", "id": "CVE-2023-4071",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.710", "published": "2023-08-03T01:15:11.710",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:14:57.810",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" "value": "Heap buffer overflow in Visuals in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1458819", "url": "https://crbug.com/1458819",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,87 @@
"id": "CVE-2023-4072", "id": "CVE-2023-4072",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.773", "published": "2023-08-03T01:15:11.773",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:15:14.420",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" "value": "Out of bounds read and write in WebGL in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1464038", "url": "https://crbug.com/1464038",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,95 @@
"id": "CVE-2023-4073", "id": "CVE-2023-4073",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.840", "published": "2023-08-03T01:15:11.840",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:15:51.823",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" "value": "Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1456243", "url": "https://crbug.com/1456243",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4074", "id": "CVE-2023-4074",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.903", "published": "2023-08-03T01:15:11.903",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:16:08.977",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" "value": "Use after free in Blink Task Scheduling in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1464113", "url": "https://crbug.com/1464113",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4075", "id": "CVE-2023-4075",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:11.973", "published": "2023-08-03T01:15:11.973",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:16:23.620",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)" "value": "Use after free in Cast in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1457757", "url": "https://crbug.com/1457757",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4076", "id": "CVE-2023-4076",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:12.037", "published": "2023-08-03T01:15:12.037",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:16:32.750",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)" "value": "Use after free in WebRTC in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC session. (Chromium security severity: High)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1459124", "url": "https://crbug.com/1459124",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4077", "id": "CVE-2023-4077",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:12.100", "published": "2023-08-03T01:15:12.100",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:18:01.517",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)" "value": "Insufficient data validation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1451146", "url": "https://crbug.com/1451146",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }


@ -2,23 +2,83 @@
"id": "CVE-2023-4078", "id": "CVE-2023-4078",
"sourceIdentifier": "chrome-cve-admin@google.com", "sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-08-03T01:15:12.167", "published": "2023-08-03T01:15:12.167",
"lastModified": "2023-08-03T12:40:03.493", "lastModified": "2023-08-04T17:18:54.880",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)" "value": "Inappropriate implementation in Extensions in Google Chrome prior to 115.0.5790.170 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"versionEndExcluding": "115.0.5790.170",
"matchCriteriaId": "A285F0A7-9E48-4D13-8CD8-E31E85C9AC44"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html", "url": "https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}, },
{ {
"url": "https://crbug.com/1461895", "url": "https://crbug.com/1461895",
"source": "chrome-cve-admin@google.com" "source": "chrome-cve-admin@google.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-08-04T16:00:27.597760+00:00 2023-08-04T18:00:34.940204+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-08-04T15:53:44.720000+00:00 2023-08-04T17:58:18.727000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,43 +29,58 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
221651 221665
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `4` Recently added CVEs: `14`
* [CVE-2023-4135](CVE-2023/CVE-2023-41xx/CVE-2023-4135.json) (`2023-08-04T14:15:12.173`) * [CVE-2022-41401](CVE-2022/CVE-2022-414xx/CVE-2022-41401.json) (`2023-08-04T17:15:09.583`)
* [CVE-2023-29505](CVE-2023/CVE-2023-295xx/CVE-2023-29505.json) (`2023-08-04T15:15:09.987`) * [CVE-2023-37470](CVE-2023/CVE-2023-374xx/CVE-2023-37470.json) (`2023-08-04T16:15:09.610`)
* [CVE-2023-29689](CVE-2023/CVE-2023-296xx/CVE-2023-29689.json) (`2023-08-04T15:15:10.137`) * [CVE-2023-37896](CVE-2023/CVE-2023-378xx/CVE-2023-37896.json) (`2023-08-04T16:15:09.847`)
* [CVE-2023-36480](CVE-2023/CVE-2023-364xx/CVE-2023-36480.json) (`2023-08-04T15:15:10.210`) * [CVE-2023-38487](CVE-2023/CVE-2023-384xx/CVE-2023-38487.json) (`2023-08-04T16:15:10.030`)
* [CVE-2023-38494](CVE-2023/CVE-2023-384xx/CVE-2023-38494.json) (`2023-08-04T16:15:10.177`)
* [CVE-2023-38497](CVE-2023/CVE-2023-384xx/CVE-2023-38497.json) (`2023-08-04T16:15:10.370`)
* [CVE-2023-38686](CVE-2023/CVE-2023-386xx/CVE-2023-38686.json) (`2023-08-04T16:15:10.550`)
* [CVE-2023-38964](CVE-2023/CVE-2023-389xx/CVE-2023-38964.json) (`2023-08-04T16:15:10.697`)
* [CVE-2023-38688](CVE-2023/CVE-2023-386xx/CVE-2023-38688.json) (`2023-08-04T17:15:10.097`)
* [CVE-2023-38689](CVE-2023/CVE-2023-386xx/CVE-2023-38689.json) (`2023-08-04T17:15:10.563`)
* [CVE-2023-38690](CVE-2023/CVE-2023-386xx/CVE-2023-38690.json) (`2023-08-04T17:15:10.783`)
* [CVE-2023-38691](CVE-2023/CVE-2023-386xx/CVE-2023-38691.json) (`2023-08-04T17:15:11.063`)
* [CVE-2023-39112](CVE-2023/CVE-2023-391xx/CVE-2023-39112.json) (`2023-08-04T17:15:11.300`)
* [CVE-2023-39143](CVE-2023/CVE-2023-391xx/CVE-2023-39143.json) (`2023-08-04T17:15:11.510`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `20` Recently modified CVEs: `79`
* [CVE-2020-36763](CVE-2020/CVE-2020-367xx/CVE-2020-36763.json) (`2023-08-04T14:01:30.770`) * [CVE-2023-35016](CVE-2023/CVE-2023-350xx/CVE-2023-35016.json) (`2023-08-04T17:23:18.223`)
* [CVE-2022-43711](CVE-2022/CVE-2022-437xx/CVE-2022-43711.json) (`2023-08-04T15:37:18.857`) * [CVE-2023-35019](CVE-2023/CVE-2023-350xx/CVE-2023-35019.json) (`2023-08-04T17:23:56.413`)
* [CVE-2022-43713](CVE-2022/CVE-2022-437xx/CVE-2022-43713.json) (`2023-08-04T15:49:03.637`) * [CVE-2023-22595](CVE-2023/CVE-2023-225xx/CVE-2023-22595.json) (`2023-08-04T17:25:00.243`)
* [CVE-2023-36092](CVE-2023/CVE-2023-360xx/CVE-2023-36092.json) (`2023-08-04T14:51:20.827`) * [CVE-2023-24971](CVE-2023/CVE-2023-249xx/CVE-2023-24971.json) (`2023-08-04T17:25:17.853`)
* [CVE-2023-36091](CVE-2023/CVE-2023-360xx/CVE-2023-36091.json) (`2023-08-04T14:51:35.410`) * [CVE-2023-3292](CVE-2023/CVE-2023-32xx/CVE-2023-3292.json) (`2023-08-04T17:25:42.997`)
* [CVE-2023-36090](CVE-2023/CVE-2023-360xx/CVE-2023-36090.json) (`2023-08-04T14:52:44.703`) * [CVE-2023-34360](CVE-2023/CVE-2023-343xx/CVE-2023-34360.json) (`2023-08-04T17:27:01.823`)
* [CVE-2023-36089](CVE-2023/CVE-2023-360xx/CVE-2023-36089.json) (`2023-08-04T14:52:51.697`) * [CVE-2023-34359](CVE-2023/CVE-2023-343xx/CVE-2023-34359.json) (`2023-08-04T17:27:09.303`)
* [CVE-2023-30367](CVE-2023/CVE-2023-303xx/CVE-2023-30367.json) (`2023-08-04T14:53:08.263`) * [CVE-2023-34358](CVE-2023/CVE-2023-343xx/CVE-2023-34358.json) (`2023-08-04T17:27:21.567`)
* [CVE-2023-30949](CVE-2023/CVE-2023-309xx/CVE-2023-30949.json) (`2023-08-04T15:03:22.487`) * [CVE-2023-36351](CVE-2023/CVE-2023-363xx/CVE-2023-36351.json) (`2023-08-04T17:28:04.757`)
* [CVE-2023-3242](CVE-2023/CVE-2023-32xx/CVE-2023-3242.json) (`2023-08-04T15:03:53.600`) * [CVE-2023-32302](CVE-2023/CVE-2023-323xx/CVE-2023-32302.json) (`2023-08-04T17:28:35.773`)
* [CVE-2023-30577](CVE-2023/CVE-2023-305xx/CVE-2023-30577.json) (`2023-08-04T15:21:45.547`) * [CVE-2023-36118](CVE-2023/CVE-2023-361xx/CVE-2023-36118.json) (`2023-08-04T17:28:37.420`)
* [CVE-2023-4139](CVE-2023/CVE-2023-41xx/CVE-2023-4139.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-34869](CVE-2023/CVE-2023-348xx/CVE-2023-34869.json) (`2023-08-04T17:28:50.493`)
* [CVE-2023-4140](CVE-2023/CVE-2023-41xx/CVE-2023-4140.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-31429](CVE-2023/CVE-2023-314xx/CVE-2023-31429.json) (`2023-08-04T17:29:03.630`)
* [CVE-2023-4141](CVE-2023/CVE-2023-41xx/CVE-2023-4141.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-31425](CVE-2023/CVE-2023-314xx/CVE-2023-31425.json) (`2023-08-04T17:29:10.477`)
* [CVE-2023-4142](CVE-2023/CVE-2023-41xx/CVE-2023-4142.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-39147](CVE-2023/CVE-2023-391xx/CVE-2023-39147.json) (`2023-08-04T17:30:04.907`)
* [CVE-2023-39379](CVE-2023/CVE-2023-393xx/CVE-2023-39379.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-38560](CVE-2023/CVE-2023-385xx/CVE-2023-38560.json) (`2023-08-04T17:30:26.457`)
* [CVE-2023-34037](CVE-2023/CVE-2023-340xx/CVE-2023-34037.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-31710](CVE-2023/CVE-2023-317xx/CVE-2023-31710.json) (`2023-08-04T17:31:52.350`)
* [CVE-2023-34038](CVE-2023/CVE-2023-340xx/CVE-2023-34038.json) (`2023-08-04T15:27:24.817`) * [CVE-2023-20583](CVE-2023/CVE-2023-205xx/CVE-2023-20583.json) (`2023-08-04T17:31:53.953`)
* [CVE-2023-33534](CVE-2023/CVE-2023-335xx/CVE-2023-33534.json) (`2023-08-04T15:42:55.730`) * [CVE-2023-36210](CVE-2023/CVE-2023-362xx/CVE-2023-36210.json) (`2023-08-04T17:41:31.310`)
* [CVE-2023-37647](CVE-2023/CVE-2023-376xx/CVE-2023-37647.json) (`2023-08-04T15:53:44.720`) * [CVE-2023-26607](CVE-2023/CVE-2023-266xx/CVE-2023-26607.json) (`2023-08-04T17:42:56.953`)
* [CVE-2023-37478](CVE-2023/CVE-2023-374xx/CVE-2023-37478.json) (`2023-08-04T17:44:08.830`)
* [CVE-2023-33493](CVE-2023/CVE-2023-334xx/CVE-2023-33493.json) (`2023-08-04T17:48:37.147`)
* [CVE-2023-4058](CVE-2023/CVE-2023-40xx/CVE-2023-4058.json) (`2023-08-04T17:50:09.910`)
* [CVE-2023-33562](CVE-2023/CVE-2023-335xx/CVE-2023-33562.json) (`2023-08-04T17:55:48.260`)
* [CVE-2023-33561](CVE-2023/CVE-2023-335xx/CVE-2023-33561.json) (`2023-08-04T17:58:18.727`)
## Download and Usage ## Download and Usage