admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-30T08:00:30.066039+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-30 08:00:33 +00:00
parent ad88f0afcc
commit 9764c76e6c
59 changed files with 5368 additions and 363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
CVE-2022/CVE-2022-226xx/CVE-2022-22630.json
View File

@ -2,27 +2,170 @@
"id": "CVE-2022-22630",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.380",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:04:29.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.6.6, macOS Monterey 12.3, Security Update 2022-004 Catalina. A remote user may cause an unexpected app termination or arbitrary code execution"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*",
"matchCriteriaId": "A654B8A2-FC30-4171-B0BB-366CD7ED4B6A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*",
"matchCriteriaId": "F12CC8B5-C1EB-419E-8496-B9A3864656AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*",
"matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*",
"matchCriteriaId": "7FD7176C-F4D1-43A7-9E49-BA92CA0D9980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*",
"matchCriteriaId": "2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*",
"matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*",
"matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*",
"matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*",
"matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*",
"matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-008:*:*:*:*:*:*",
"matchCriteriaId": "8E974DC6-F7D9-4389-9AF9-863F6E419CE6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-001:*:*:*:*:*:*",
"matchCriteriaId": "156A6382-2BD3-4882-90B2-8E7CF6659E17"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-002:*:*:*:*:*:*",
"matchCriteriaId": "20A2FDB2-6712-406A-9896-C0B44508B07D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2022-003:*:*:*:*:*:*",
"matchCriteriaId": "49F537A0-DC42-4176-B22F-C80D179DD99D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.6.6",
"matchCriteriaId": "09A6345C-D813-43BA-B12E-789C80653F86"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.3",
"matchCriteriaId": "9C72309C-939F-4744-80DB-07C4452BDAFE"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213183",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213255",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213256",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

65
CVE-2022/CVE-2022-428xx/CVE-2022-42807.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2022-42807",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.553",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:11:19.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. A user may accidentally add a participant to a Shared Album by pressing the Delete key"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "13.0",
"matchCriteriaId": "71E032AD-F827-4944-9699-BB1E6D4233FC"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213488",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

85
CVE-2022/CVE-2022-428xx/CVE-2022-42834.json
View File

@ -2,27 +2,100 @@
"id": "CVE-2022-42834",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:10.597",
"lastModified": "2023-06-23T19:24:47.997",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:10:41.037",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.3",
"matchCriteriaId": "4D13504E-ABCF-4E6F-8984-EADB123DFDD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.3",
"matchCriteriaId": "C71359B9-7DCE-4F45-B03F-77CF313A74EA"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213488",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213603",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213604",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

62
CVE-2023/CVE-2023-17xx/CVE-2023-1721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1721",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-06-24T00:15:09.140",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:35:18.113",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yoga_class_registration_system_project:yoga_class_registration_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC6CA18-C062-4016-BFD9-45A66C7AEEA8"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/blessd/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

62
CVE-2023/CVE-2023-17xx/CVE-2023-1722.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1722",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-06-24T02:15:08.233",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:31:54.523",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yoga_class_registration_system_project:yoga_class_registration_system:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AC6CA18-C062-4016-BFD9-45A66C7AEEA8"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/wyckoff/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.sourcecodester.com/php/16097/yoga-class-registration-system-php-and-mysql-free-source-code.html",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

63
CVE-2023/CVE-2023-17xx/CVE-2023-1724.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1724",
"sourceIdentifier": "help@fluidattacks.com",
"published": "2023-06-24T01:15:08.543",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:31:30.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "help@fluidattacks.com",
"type": "Secondary",
@ -46,14 +76,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ladybirdweb:faveo_helpdesk:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.0.1",
"matchCriteriaId": "9D1032F5-6893-4D5B-A613-057F5446E147"
}
]
}
]
}
],
"references": [
{
"url": "https://fluidattacks.com/advisories/towers/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/ladybirdweb/faveo-helpdesk/",
"source": "help@fluidattacks.com"
"source": "help@fluidattacks.com",
"tags": [
"Product"
]
}
]
}

108
CVE-2023/CVE-2023-282xx/CVE-2023-28202.json
View File

@ -2,31 +2,125 @@
"id": "CVE-2023-28202",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.290",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:03:46.813",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved state management. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app firewall setting may not take effect after exiting the Settings app"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

144
CVE-2023/CVE-2023-282xx/CVE-2023-28204.json
View File

@ -2,39 +2,165 @@
"id": "CVE-2023-28204",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:11.333",
"lastModified": "2023-06-23T19:24:43.457",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:03:31.893",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "21B2F081-D602-4C84-8343-6327B23176D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

28
CVE-2023/CVE-2023-283xx/CVE-2023-28387.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-28387",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-06-30T07:15:08.720",
"lastModified": "2023-06-30T07:15:08.720",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\"NewsPicks\" App for Android versions 10.4.5 and earlier and \"NewsPicks\" App for iOS versions 10.4.2 and earlier use hard-coded credentials, which may allow a local attacker to analyze data in the app and to obtain API key for an external service."
}
],
"metrics": {},
"references": [
{
"url": "https://apps.apple.com/us/app/%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%BA%E3%83%94%E3%83%83%E3%82%AF%E3%82%B9-%E3%83%93%E3%82%B8%E3%83%8D%E3%82%B9%E3%81%AB%E5%BD%B9%E7%AB%8B%E3%81%A4%E7%B5%8C%E6%B8%88%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9%E3%82%A2%E3%83%97%E3%83%AA/id640956497",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://jvn.jp/en/jp/JVN32739265/",
"source": "vultures@jpcert.or.jp"
},
{
"url": "https://play.google.com/store/apps/details?id=com.newspicks",
"source": "vultures@jpcert.or.jp"
}
]
}

32
CVE-2023/CVE-2023-31xx/CVE-2023-3197.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3197",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-24T03:15:09.080",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:32:05.493",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inspireui:mstore_api:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0.1",
"matchCriteriaId": "07396023-4096-45FE-903F-A07ED1D1B21D"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2929891/mstore-api/trunk/controllers/helpers/vendor-wcfm.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/30aab1af-a78f-4bac-b3c5-30ea854ccef7?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-323xx/CVE-2023-32389.json
View File

@ -2,31 +2,125 @@
"id": "CVE-2023-32389",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.467",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:03:03.483",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to disclose kernel memory"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

96
CVE-2023/CVE-2023-323xx/CVE-2023-32390.json
View File

@ -2,27 +2,111 @@
"id": "CVE-2023-32390",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.510",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:37:19.040",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookup"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.7,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

116
CVE-2023/CVE-2023-323xx/CVE-2023-32391.json
View File

@ -2,31 +2,133 @@
"id": "CVE-2023-32391",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.557",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:02:08.500",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6. A shortcut may be able to use sensitive data with certain actions without prompting the user"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

134
CVE-2023/CVE-2023-323xx/CVE-2023-32392.json
View File

@ -2,39 +2,155 @@
"id": "CVE-2023-32392",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.607",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:00:54.793",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "057C3BDA-4822-4256-A016-4B32A05DD3B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-323xx/CVE-2023-32394.json
View File

@ -2,31 +2,125 @@
"id": "CVE-2023-32394",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.657",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:00:32.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. A person with physical access to a device may be able to view contact information from the lock screen"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-323xx/CVE-2023-32395.json
View File

@ -2,27 +2,107 @@
"id": "CVE-2023-32395",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.703",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T06:59:58.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "057C3BDA-4822-4256-A016-4B32A05DD3B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-323xx/CVE-2023-32397.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-32397",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.743",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T06:59:27.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

154
CVE-2023/CVE-2023-323xx/CVE-2023-32398.json
View File

@ -2,43 +2,177 @@
"id": "CVE-2023-32398",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.783",
"lastModified": "2023-06-23T19:24:39.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T06:58:06.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to execute arbitrary code with kernel privileges"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-323xx/CVE-2023-32399.json
View File

@ -2,31 +2,125 @@
"id": "CVE-2023-32399",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.827",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:08:09.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to read sensitive location information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

96
CVE-2023/CVE-2023-324xx/CVE-2023-32400.json
View File

@ -2,27 +2,111 @@
"id": "CVE-2023-32400",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.870",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:28:07.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved checks. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. Entitlements and privacy permissions granted to this app may be used by a malicious app"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

122
CVE-2023/CVE-2023-324xx/CVE-2023-32402.json
View File

@ -2,35 +2,141 @@
"id": "CVE-2023-32402",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.917",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:16:39.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "21B2F081-D602-4C84-8343-6327B23176D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

154
CVE-2023/CVE-2023-324xx/CVE-2023-32403.json
View File

@ -2,43 +2,177 @@
"id": "CVE-2023-32403",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.960",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:14:29.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-324xx/CVE-2023-32404.json
View File

@ -2,27 +2,113 @@
"id": "CVE-2023-32404",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.007",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:07:44.767",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved entitlements. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

92
CVE-2023/CVE-2023-324xx/CVE-2023-32405.json
View File

@ -2,27 +2,107 @@
"id": "CVE-2023-32405",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.047",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:07:35.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

159
CVE-2023/CVE-2023-324xx/CVE-2023-32407.json
View File

@ -2,43 +2,182 @@
"id": "CVE-2023-32407",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.093",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:07:24.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A logic issue was addressed with improved state management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DB8A70-787D-42FE-97E6-FD12295F4685"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

141
CVE-2023/CVE-2023-324xx/CVE-2023-32408.json
View File

@ -2,39 +2,162 @@
"id": "CVE-2023-32408",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.140",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:07:08.127",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Monterey 12.6.6. An app may be able to read sensitive location information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

126
CVE-2023/CVE-2023-324xx/CVE-2023-32409.json
View File

@ -2,35 +2,145 @@
"id": "CVE-2023-32409",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.183",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:06:51.937",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apple Multiple Products WebKit Sandbox Escape Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "21B2F081-D602-4C84-8343-6327B23176D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

110
CVE-2023/CVE-2023-324xx/CVE-2023-32410.json
View File

@ -2,31 +2,127 @@
"id": "CVE-2023-32410",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.227",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:06:09.090",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. An app may be able to leak sensitive kernel state"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

124
CVE-2023/CVE-2023-324xx/CVE-2023-32411.json
View File

@ -2,35 +2,143 @@
"id": "CVE-2023-32411",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.273",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:05:56.930",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved entitlements. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

154
CVE-2023/CVE-2023-324xx/CVE-2023-32412.json
View File

@ -2,43 +2,177 @@
"id": "CVE-2023-32412",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.320",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:04:51.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. A remote attacker may be able to cause unexpected app termination or arbitrary code execution"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

154
CVE-2023/CVE-2023-324xx/CVE-2023-32413.json
View File

@ -2,43 +2,177 @@
"id": "CVE-2023-32413",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.370",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:14:15.513",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A race condition was addressed with improved state handling. This issue is fixed in watchOS 9.5, iOS 15.7.6 and iPadOS 15.7.6, macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to gain root privileges"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "4EC9E481-57D3-4F4D-A8D2-7DA0272F0706"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.6",
"matchCriteriaId": "8B89F737-4ADD-424C-A946-F368A7ABBE6D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.7",
"matchCriteriaId": "B59D22F2-6EBD-4943-A009-F740265938AA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0",
"versionEndExcluding": "12.6.6",
"matchCriteriaId": "250A8AAA-1213-4237-921D-71B0B0B0ED3C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213759",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213760",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213765",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-324xx/CVE-2023-32414.json
View File

@ -2,19 +2,77 @@
"id": "CVE-2023-32414",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.417",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:13:57.780",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.4. An app may be able to break out of its sandbox"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-324xx/CVE-2023-32415.json
View File

@ -2,27 +2,113 @@
"id": "CVE-2023-32415",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.457",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:16:27.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to read sensitive location information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "830FA87A-4E89-4E04-A8AF-A1FF08D77B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5",
"matchCriteriaId": "424F077B-6678-4CE3-A216-C98E6D48F8AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-324xx/CVE-2023-32417.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-32417",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.497",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:36:58.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed by restricting options offered on a locked device. This issue is fixed in watchOS 9.5. An attacker with physical access to a locked Apple Watch may be able to view user photos or contacts via accessibility features"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "PHYSICAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.4,
"baseSeverity": "LOW"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-324xx/CVE-2023-32419.json
View File

@ -2,19 +2,82 @@
"id": "CVE-2023-32419",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.540",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:36:47.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.5 and iPadOS 16.5. A remote attacker may be able to cause arbitrary code execution"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

108
CVE-2023/CVE-2023-324xx/CVE-2023-32420.json
View File

@ -2,31 +2,125 @@
"id": "CVE-2023-32420",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.583",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:13:04.557",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, watchOS 9.5, tvOS 16.5. An app may be able to cause unexpected system termination or read kernel memory"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

96
CVE-2023/CVE-2023-324xx/CVE-2023-32422.json
View File

@ -2,27 +2,111 @@
"id": "CVE-2023-32422",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.630",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:12:52.540",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed by adding additional SQLite logging restrictions. This issue is fixed in iOS 16.5 and iPadOS 16.5, macOS Ventura 13.4, tvOS 16.5. An app may be able to bypass Privacy preferences"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

120
CVE-2023/CVE-2023-324xx/CVE-2023-32423.json
View File

@ -2,35 +2,139 @@
"id": "CVE-2023-32423",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.677",
"lastModified": "2023-06-23T19:24:35.610",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:12:25.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS 9.5, macOS Ventura 13.4, Safari 16.5, tvOS 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "A4021D9E-B688-4FBC-B43A-D3C28FD38E67"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "CFA59B02-43A5-4865-8560-AA32D69E5C5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4",
"matchCriteriaId": "DA07361B-D827-471F-9443-4BE4265D6A3B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "3038D217-F7EF-4663-A4CC-74DBF0CCB595"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5",
"matchCriteriaId": "D36613A6-BD83-4A57-8EE1-C186EB69DFF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.5",
"matchCriteriaId": "BE5DB973-7B51-4232-8E1D-231078FE275C"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213758",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213761",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213762",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213764",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

159
CVE-2023/CVE-2023-324xx/CVE-2023-32434.json
View File

@ -2,43 +2,182 @@
"id": "CVE-2023-32434",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.720",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:36:30.980",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apple Multiple Products Integer Overflow Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Big Sur 11.7.8, macOS Monterey 12.6.7, macOS Ventura 13.4.1, watchOS 9.5.2. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.7",
"matchCriteriaId": "E8FAA574-E1B0-4BB4-934A-7B9D7D4363B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5.1",
"matchCriteriaId": "C9696FA8-BED8-44C1-8F9F-70D7B61E861D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.7",
"matchCriteriaId": "B94C7DA5-DA67-4FFB-AB79-62CE457357D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5.1",
"matchCriteriaId": "264BAADE-3DE3-4698-B182-15802C36FB19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11.0",
"versionEndExcluding": "11.7.8",
"matchCriteriaId": "A6FCD0AD-BB08-44D1-9E14-24C4D940B760"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.0.0",
"versionEndExcluding": "12.6.7",
"matchCriteriaId": "969D98EE-69B3-4F88-8170-4FBBABFEEB15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4.1",
"matchCriteriaId": "3405331D-E4E6-4362-91C7-0F50DA398938"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionEndExcluding": "8.8.1",
"matchCriteriaId": "757EE36B-8601-4676-B3C8-5A58D5BBF611"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndExcluding": "9.5.2",
"matchCriteriaId": "B8B4BDE3-1FAB-4716-AEDF-DC20E0A74B04"
}
]
}
]
}
],
"references": [
{
"url": "https://support.apple.com/en-us/HT213808",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213809",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213810",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213811",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213812",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213813",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213814",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

121
CVE-2023/CVE-2023-324xx/CVE-2023-32435.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32435",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.767",
"lastModified": "2023-06-29T15:15:09.340",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-06-30T07:32:59.527",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -14,27 +14,132 @@
"value": "A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.4, iOS 16.4 and iPadOS 16.4, macOS Ventura 13.3, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.4",
"matchCriteriaId": "EE589B89-C395-4840-9EE5-B644EC1C637C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.7",
"matchCriteriaId": "E8FAA574-E1B0-4BB4-934A-7B9D7D4363B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4",
"matchCriteriaId": "79A85DA3-B374-444F-B9A2-7E4F334C26DA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.7",
"matchCriteriaId": "B94C7DA5-DA67-4FFB-AB79-62CE457357D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.4",
"matchCriteriaId": "E33C3BC5-6CFC-4B58-8642-80A9FE00DB24"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.3",
"matchCriteriaId": "A6D636F7-278A-491B-8960-91A4D5A86A96"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/29/1",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://support.apple.com/en-us/HT213670",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213671",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213676",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213811",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

121
CVE-2023/CVE-2023-324xx/CVE-2023-32439.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32439",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.813",
"lastModified": "2023-06-29T15:15:09.417",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-06-30T07:33:18.347",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-06-23",
"cisaActionDue": "2023-07-14",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -14,27 +14,132 @@
"value": "A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, Safari 16.5.1, macOS Ventura 13.4.1, iOS 15.7.7 and iPadOS 15.7.7. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.5.1",
"matchCriteriaId": "5B80AFED-4F28-4FE6-9699-05D281388A00"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.7",
"matchCriteriaId": "E8FAA574-E1B0-4BB4-934A-7B9D7D4363B0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5.1",
"matchCriteriaId": "C9696FA8-BED8-44C1-8F9F-70D7B61E861D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionEndExcluding": "15.7.7",
"matchCriteriaId": "B94C7DA5-DA67-4FFB-AB79-62CE457357D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0",
"versionEndExcluding": "16.5.1",
"matchCriteriaId": "264BAADE-3DE3-4698-B182-15802C36FB19"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"versionStartIncluding": "13.0",
"versionEndExcluding": "13.4.1",
"matchCriteriaId": "3405331D-E4E6-4362-91C7-0F50DA398938"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/06/29/1",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Mailing List"
]
},
{
"url": "https://support.apple.com/en-us/HT213811",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213813",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213814",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://support.apple.com/en-us/HT213816",
"source": "product-security@apple.com"
"source": "product-security@apple.com",
"tags": [
"Release Notes",
"Vendor Advisory"
]
}
]
}

26
CVE-2023/CVE-2023-327xx/CVE-2023-32754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32754",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2023-06-16T04:15:13.947",
"lastModified": "2023-06-16T12:47:18.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:38:14.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -50,10 +50,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thinkingsoftware:efence:1.2.59:db_36:*:*:*:*:*:*",
"matchCriteriaId": "996FC2B5-7D64-4F11-9434-5DE9F3300694"
}
]
}
]
}
],
"references": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-7161-3e7c9-1.html",
"source": "twcert@cert.org.tw"
"source": "twcert@cert.org.tw",
"tags": [
"Third Party Advisory"
]
}
]
}

60
CVE-2023/CVE-2023-33xx/CVE-2023-3305.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3305",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-18T08:15:09.023",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:38:52.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cdatatec:web_management_system:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230607",
"matchCriteriaId": "A76D2F8B-646A-4E2F-AFBD-B3499C673D38"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/sleepyvv/vul_report/blob/main/C-data/BrokenAccessControl.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.231801",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.231801",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-33xx/CVE-2023-3387.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3387",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-24T03:15:09.157",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:35:30.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lanacodes:lana_text_to_image:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "7A00C636-A8FF-4EE3-BDAA-9412200E4B43"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/lana-text-to-image/tags/1.0.0/lana-text-to-image.php#L97",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2929913/lana-text-to-image",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8acb7893-85b2-404a-b3fe-b4c1a835b3eb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-33xx/CVE-2023-3388.json
View File

@ -2,19 +2,43 @@
"id": "CVE-2023-3388",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-24T03:15:09.230",
"lastModified": "2023-06-24T12:41:30.800",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:35:50.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Beautiful Cookie Consent Banner for WordPress is vulnerable to Stored Cross-Site Scripting via the 'nsc_bar_content_href' parameter in versions up to, and including, 2.10.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. A partial patch was made available in 2.10.1 and the issue was fully patched in 2.10.2."
},
{
"lang": "es",
"value": "El bonito Banner de consentimiento de Cookies para WordPress es vulnerable a Cross-Site Scripting almacenado a trav\u00e9s del par\u00e1metro 'nsc_bar_content_href' en versiones hasta, e incluyendo, 2.10.1 debido a insuficiente sanitizaci\u00f3n de entrada y escape de salida. Esto hace posible que atacantes no autentificados inyecten scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada. En la versi\u00f3n 2.10.1 se puso a disposici\u00f3n un parche parcial y en la 2.10.2 se corrigi\u00f3 completamente el problema."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -36,7 +60,7 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,20 +68,57 @@
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:beautiful-cookie-banner:beautiful_cookie_consent_banner:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.10.1",
"matchCriteriaId": "9942F19A-D118-448E-A293-2DB6670248BC"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2857982%40beautiful-and-responsive-cookie-consent&new=2857982%40beautiful-and-responsive-cookie-consent&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/blog/2023/05/wordfence-firewall-blocks-bizarre-large-scale-xss-campaign/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/542a4079-b1a2-49bc-9ddd-ba7978c9992e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-33xx/CVE-2023-3393.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3393",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T19:15:09.793",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:33:35.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fossbilling:fossbilling:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.1",
"matchCriteriaId": "308FAB82-AE79-4B96-B839-105B4B3ED66E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fossbilling/fossbilling/commit/47343fb58db5c17c14bc6941dacbeb9c96957351",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/e4df9280-900a-407a-a07e-e7fef3345914",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-33xx/CVE-2023-3394.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3394",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-23T19:15:09.860",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:34:53.880",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fossbilling:fossbilling:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.1",
"matchCriteriaId": "308FAB82-AE79-4B96-B839-105B4B3ED66E"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fossbilling/fossbilling/commit/b9c35a174750f1463aea86168524efce6cd48ef7",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/84bf3e85-cdeb-4b8d-9ea4-74156dbda83f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-34xx/CVE-2023-3473.json Normal file
View File

@ -0,0 +1,88 @@
{
"id": "CVE-2023-3473",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-30T07:15:08.813",
"lastModified": "2023-06-30T07:15:08.813",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Campcodes Retro Cellphone Online Store 1.0. Affected is an unknown function of the file /admin/edit_product.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-232752."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 4.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 6.4,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/E1CHO/cve_hub/blob/main/Retro%20Cellphone%20Online%20Store%20-%20vlun%204.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.232752",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.232752",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-34xx/CVE-2023-3474.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3474",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-30T07:15:08.927",
"lastModified": "2023-06-30T07:15:08.927",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SimplePHPscripts Simple Blog 3.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component. The identifier VDB-232753 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.232753",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.232753",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-34xx/CVE-2023-3475.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3475",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-30T07:15:09.030",
"lastModified": "2023-06-30T07:15:09.030",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SimplePHPscripts Event Script 2.1 and classified as problematic. Affected by this issue is some unknown functionality of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. It is recommended to upgrade the affected component. VDB-232754 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.232754",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.232754",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-34xx/CVE-2023-3476.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3476",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-30T07:15:09.130",
"lastModified": "2023-06-30T07:15:09.130",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SimplePHPscripts GuestBook Script 2.2. It has been classified as problematic. This affects an unknown part of the file preview.php of the component URL Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-232755."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.232755",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.232755",
"source": "cna@vuldb.com"
}
]
}

86
CVE-2023/CVE-2023-351xx/CVE-2023-35150.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35150",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.380",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:29:19.510",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.1,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,62 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.5",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "27E99C7F-8D35-4531-8D90-D55C39B65090"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.10",
"versionEndExcluding": "14.10.4",
"matchCriteriaId": "52386B3B-5D04-4D18-A88A-5E0D31FD5B2F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:2.4:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "9FAFF67A-3777-44B7-B460-7A309D8B0CA2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/b65220a4d86b8888791c3b643074ebca5c089a3a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-6mf5-36v9-3h2w",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20285",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Issue Tracking",
"Patch",
"Vendor Advisory"
]
}
]
}

94
CVE-2023/CVE-2023-351xx/CVE-2023-35151.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35151",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.457",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:28:34.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-668"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,70 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.4",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "F15FA67A-285D-46DF-98F0-2FCE86D7AC66"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.10",
"versionEndExcluding": "14.10.6",
"matchCriteriaId": "F74638E1-2D3D-4FFD-921E-09C383F880DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:7.3:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "4E11F6C8-8A49-4C44-B976-270ED12FA2E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9D9551-B148-44B6-A5B3-889E6E7B72E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "88E41345-F81E-401A-BD67-66AF4B3925D4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/824cd742ecf5439971247da11bfe7e0ad2b10ede",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8g9c-c9cm-9c56",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-16138",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

106
CVE-2023/CVE-2023-351xx/CVE-2023-35152.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35152",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T17:15:09.533",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:12:03.940",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,26 +76,86 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.9",
"versionEndExcluding": "14.4.8",
"matchCriteriaId": "DDEC8883-7BFC-4D43-8E3D-21F711F3B919"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "14.10",
"versionEndExcluding": "14.10.6",
"matchCriteriaId": "F74638E1-2D3D-4FFD-921E-09C383F880DF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:12.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "1C0FA972-239C-4B5A-9A29-A02FF66CA80F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9D9551-B148-44B6-A5B3-889E6E7B72E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "88E41345-F81E-401A-BD67-66AF4B3925D4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/0993a7ab3c102f9ac37ffe361a83a3dc302c0e45#diff-0b51114cb27f7a5c599cf40c59d658eae6ddc5c0836532c3b35e163f40a4854fR39",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/6ce2d04a5779e07f6d3ed3f37d4761049b4fc3ac#diff-ef7f8b911bb8e584fda22aac5876a329add35ca0d1d32e0fdb62a439b78cfa49",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rf8j-q39g-7xfm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-19900",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20611",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

111
CVE-2023/CVE-2023-351xx/CVE-2023-35156.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35156",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T19:15:09.263",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:16:12.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,34 +76,95 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.1",
"versionEndExcluding": "14.10.6",
"matchCriteriaId": "F56232C9-4691-4BD9-9445-E0DF6269F68C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:6.0:milestone1:*:*:*:*:*:*",
"matchCriteriaId": "BB5A2AAA-7E88-4FE0-AD86-4B5824BAE5E4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:6.0:milestone2:*:*:*:*:*:*",
"matchCriteriaId": "3CC808F2-F5CE-4AB0-A828-521221897AD2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9D9551-B148-44B6-A5B3-889E6E7B72E8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/13875a6437d4525ac4aeea25918f2d2dffac9ee1",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/24ec12890ac7fa6daec8d0b3435cfcba11362fd5",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/commit/e80d22d193df364b07bab7925572720f91a8984a",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-834c-x29c-f42c",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20341",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20583",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20672",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

77
CVE-2023/CVE-2023-351xx/CVE-2023-35157.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35157",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-23T19:15:09.343",
"lastModified": "2023-06-23T19:24:31.607",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:15:41.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -50,18 +80,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionEndExcluding": "14.10.6",
"matchCriteriaId": "15032E92-0B19-4A83-A1D0-4A369F4300CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9D9551-B148-44B6-A5B3-889E6E7B72E8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/35e9073ffec567861e0abeea072bd97921a3decf",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-phwm-87rg-27qq",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20339",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Issue Tracking",
"Permissions Required",
"Vendor Advisory"
]
}
]
}

88
CVE-2023/CVE-2023-358xx/CVE-2023-35813.json
View File

@ -2,19 +2,99 @@
"id": "CVE-2023-35813",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-17T23:15:09.137",
"lastModified": "2023-06-20T07:12:55.493",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:38:07.763",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2",
"versionEndIncluding": "10.3",
"matchCriteriaId": "1E155DDF-A874-41BC-879A-51F3081E522B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2",
"versionEndIncluding": "10.3",
"matchCriteriaId": "654EF83E-0D73-4476-B410-7979FD05A193"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2",
"versionEndIncluding": "10.3",
"matchCriteriaId": "86314BB1-3F0A-4286-BA5B-26DB415BF4B2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sitecore:managed_cloud:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.2",
"versionEndIncluding": "10.3",
"matchCriteriaId": "ED6CF6F0-FB89-452D-B213-E8C5F6F60725"
}
]
}
]
}
],
"references": [
{
"url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1002979",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mitigation",
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-362xx/CVE-2023-36284.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-36284",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-23T16:15:09.573",
"lastModified": "2023-06-23T17:21:14.907",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-30T07:58:35.530",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated Time-Based SQL injection found in Webkul QloApps 1.6.0 via GET parameter date_from, date_to, and id_product allows a remote attacker to bypass a web application's authentication and authorization mechanisms and retrieve the contents of an entire database."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EEB4AD3B-CE71-45A3-A6C6-A8B0E73B876D"
}
]
}
]
}
],
"references": [
{
"url": "https://flashy-lemonade-192.notion.site/Time-Based-SQL-injection-in-QloApps-1-6-0-0-be3ed1bdaf784a77b45dc6898a2de17e?pvs=4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

48
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-30T06:00:25.233417+00:00
2023-06-30T08:00:30.066039+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-30T05:15:09.667000+00:00
2023-06-30T07:58:35.530000+00:00
```
### Last Data Feed Release
@ -29,27 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218934
218939
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `5`
* [CVE-2023-26135](CVE-2023/CVE-2023-261xx/CVE-2023-26135.json) (`2023-06-30T05:15:09.223`)
* [CVE-2023-2846](CVE-2023/CVE-2023-28xx/CVE-2023-2846.json) (`2023-06-30T05:15:09.370`)
* [CVE-2023-32612](CVE-2023/CVE-2023-326xx/CVE-2023-32612.json) (`2023-06-30T05:15:09.453`)
* [CVE-2023-32613](CVE-2023/CVE-2023-326xx/CVE-2023-32613.json) (`2023-06-30T05:15:09.513`)
* [CVE-2023-32620](CVE-2023/CVE-2023-326xx/CVE-2023-32620.json) (`2023-06-30T05:15:09.567`)
* [CVE-2023-32621](CVE-2023/CVE-2023-326xx/CVE-2023-32621.json) (`2023-06-30T05:15:09.617`)
* [CVE-2023-32622](CVE-2023/CVE-2023-326xx/CVE-2023-32622.json) (`2023-06-30T05:15:09.667`)
* [CVE-2023-28387](CVE-2023/CVE-2023-283xx/CVE-2023-28387.json) (`2023-06-30T07:15:08.720`)
* [CVE-2023-3473](CVE-2023/CVE-2023-34xx/CVE-2023-3473.json) (`2023-06-30T07:15:08.813`)
* [CVE-2023-3474](CVE-2023/CVE-2023-34xx/CVE-2023-3474.json) (`2023-06-30T07:15:08.927`)
* [CVE-2023-3475](CVE-2023/CVE-2023-34xx/CVE-2023-3475.json) (`2023-06-30T07:15:09.030`)
* [CVE-2023-3476](CVE-2023/CVE-2023-34xx/CVE-2023-3476.json) (`2023-06-30T07:15:09.130`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `53`
* [CVE-2023-30861](CVE-2023/CVE-2023-308xx/CVE-2023-30861.json) (`2023-06-30T04:15:10.127`)
* [CVE-2023-35157](CVE-2023/CVE-2023-351xx/CVE-2023-35157.json) (`2023-06-30T07:15:41.237`)
* [CVE-2023-35156](CVE-2023/CVE-2023-351xx/CVE-2023-35156.json) (`2023-06-30T07:16:12.873`)
* [CVE-2023-32415](CVE-2023/CVE-2023-324xx/CVE-2023-32415.json) (`2023-06-30T07:16:27.650`)
* [CVE-2023-32402](CVE-2023/CVE-2023-324xx/CVE-2023-32402.json) (`2023-06-30T07:16:39.517`)
* [CVE-2023-32400](CVE-2023/CVE-2023-324xx/CVE-2023-32400.json) (`2023-06-30T07:28:07.453`)
* [CVE-2023-35151](CVE-2023/CVE-2023-351xx/CVE-2023-35151.json) (`2023-06-30T07:28:34.187`)
* [CVE-2023-35150](CVE-2023/CVE-2023-351xx/CVE-2023-35150.json) (`2023-06-30T07:29:19.510`)
* [CVE-2023-1724](CVE-2023/CVE-2023-17xx/CVE-2023-1724.json) (`2023-06-30T07:31:30.543`)
* [CVE-2023-1722](CVE-2023/CVE-2023-17xx/CVE-2023-1722.json) (`2023-06-30T07:31:54.523`)
* [CVE-2023-3197](CVE-2023/CVE-2023-31xx/CVE-2023-3197.json) (`2023-06-30T07:32:05.493`)
* [CVE-2023-32435](CVE-2023/CVE-2023-324xx/CVE-2023-32435.json) (`2023-06-30T07:32:59.527`)
* [CVE-2023-32439](CVE-2023/CVE-2023-324xx/CVE-2023-32439.json) (`2023-06-30T07:33:18.347`)
* [CVE-2023-3393](CVE-2023/CVE-2023-33xx/CVE-2023-3393.json) (`2023-06-30T07:33:35.807`)
* [CVE-2023-3394](CVE-2023/CVE-2023-33xx/CVE-2023-3394.json) (`2023-06-30T07:34:53.880`)
* [CVE-2023-1721](CVE-2023/CVE-2023-17xx/CVE-2023-1721.json) (`2023-06-30T07:35:18.113`)
* [CVE-2023-3387](CVE-2023/CVE-2023-33xx/CVE-2023-3387.json) (`2023-06-30T07:35:30.027`)
* [CVE-2023-3388](CVE-2023/CVE-2023-33xx/CVE-2023-3388.json) (`2023-06-30T07:35:50.417`)
* [CVE-2023-32434](CVE-2023/CVE-2023-324xx/CVE-2023-32434.json) (`2023-06-30T07:36:30.980`)
* [CVE-2023-32419](CVE-2023/CVE-2023-324xx/CVE-2023-32419.json) (`2023-06-30T07:36:47.020`)
* [CVE-2023-32417](CVE-2023/CVE-2023-324xx/CVE-2023-32417.json) (`2023-06-30T07:36:58.417`)
* [CVE-2023-32390](CVE-2023/CVE-2023-323xx/CVE-2023-32390.json) (`2023-06-30T07:37:19.040`)
* [CVE-2023-35813](CVE-2023/CVE-2023-358xx/CVE-2023-35813.json) (`2023-06-30T07:38:07.763`)
* [CVE-2023-32754](CVE-2023/CVE-2023-327xx/CVE-2023-32754.json) (`2023-06-30T07:38:14.497`)
* [CVE-2023-3305](CVE-2023/CVE-2023-33xx/CVE-2023-3305.json) (`2023-06-30T07:38:52.063`)
* [CVE-2023-36284](CVE-2023/CVE-2023-362xx/CVE-2023-36284.json) (`2023-06-30T07:58:35.530`)
## Download and Usage