admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-29T20:00:24.895475+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-29 20:00:28 +00:00
parent 874a7a1e62
commit 98e6a9c25d
43 changed files with 1653 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CVE-2021/CVE-2021-293xx/CVE-2021-29390.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-29390",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.237",
"lastModified": "2023-08-25T17:58:28.547",
"vulnStatus": "Analyzed",
"lastModified": "2023-08-29T19:15:26.667",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "libjpeg-turbo version 2.0.90 is vulnerable to a heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c."
"value": "libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c."
}
],
"metrics": {
@ -70,6 +70,10 @@
"tags": [
"Permissions Required"
]
},
{
"url": "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595",
"source": "cve@mitre.org"
}
]
}

4
CVE-2021/CVE-2021-320xx/CVE-2021-32050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-32050",
"sourceIdentifier": "cna@mongodb.com",
"published": "2023-08-29T16:15:08.423",
"lastModified": "2023-08-29T16:15:08.423",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

183
CVE-2021/CVE-2021-427xx/CVE-2021-42757.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-42757",
"sourceIdentifier": "psirt@fortinet.com",
"published": "2021-12-08T11:15:11.840",
"lastModified": "2021-12-09T17:41:46.150",
"lastModified": "2023-08-29T19:49:23.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -90,7 +90,7 @@
"description": [
{
"lang": "en",
"value": "CWE-120"
"value": "CWE-787"
}
]
}
@ -102,33 +102,202 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "6.1.5",
"matchCriteriaId": "D6DD5253-F76E-4799-BB45-79D7B7ACFFB1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.2.2",
"matchCriteriaId": "075C4223-7586-4799-AFA8-7B578BD144B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.4.7",
"matchCriteriaId": "CF9AE101-566A-4460-AA97-18288BBD7639"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.2",
"matchCriteriaId": "766B0D16-EA7D-4067-9245-B9449C5694BA"
"matchCriteriaId": "CCEB8E5F-BBF2-4E6E-91C6-AA47E2CAD022"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.4.0",
"versionEndIncluding": "6.2.7",
"matchCriteriaId": "3E2DC5CE-ED48-48B7-8654-7B29A65A7454"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.6",
"matchCriteriaId": "C0A5C345-7055-4F18-AE77-FF1DBE41AB89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.2",
"matchCriteriaId": "43038EC9-6FD3-488C-8CA3-8B4A705C3E11"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.4.7",
"matchCriteriaId": "958C238F-B3DD-41A7-801D-0C39143A5E09"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.2",
"matchCriteriaId": "421CD1AB-234E-483F-9E0C-E7420A0CAC87"
"matchCriteriaId": "7C5772DB-7F52-479C-914D-778552395990"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortindr:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.1.0",
"versionEndIncluding": "1.5.2",
"matchCriteriaId": "F49E4A60-2FA0-4298-BF2E-53C86AF21BEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.2.8",
"matchCriteriaId": "BEE493CA-7BE8-454A-82FD-11DB82D8FC3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59BD8EE9-6F94-4EA5-B22B-1B446A15F2A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortios-6k7k:6.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "50BDB150-8E02-427D-A9FC-C7C3C90F0584"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "6.0.10",
"matchCriteriaId": "9D4A0E2F-41C7-4AFB-AC6D-83E7B1A5FC70"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.0.0",
"versionEndIncluding": "2.0.7",
"matchCriteriaId": "CEBD9074-C3A5-437E-AC44-C41E4B001980"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D909C90B-E136-4E8E-B551-FE0369172C1E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCB4E87-0AEC-487E-8FAD-E8F647DA21D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:entreprise:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.10",
"matchCriteriaId": "09D2F101-1B67-454C-B21B-28C86F8569FC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortivoice:*:*:*:*:entreprise:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.4",
"matchCriteriaId": "CB5B77BB-A4A5-4E46-9FF6-A8686570E0D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "6.4.1",
"matchCriteriaId": "587A849D-478A-4AD3-BD57-E66EA9ABC29F"
"versionEndIncluding": "6.3.16",
"matchCriteriaId": "1FEA2E8B-78B6-40AA-9201-BDF4838950CC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "74A92A08-E6F6-4522-A6DA-061950AD3525"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A3D2C4-C3FA-4E12-9156-DAFEA4E00BCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "6.0.13",
"matchCriteriaId": "BE1C5491-6C94-48A9-8D59-5162E576E54A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0",
"versionEndIncluding": "6.2.9",
"matchCriteriaId": "C4C0308D-8E52-456B-BFC2-62D4C1E9BDC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.7",
"matchCriteriaId": "D183D979-7F73-4D02-91B7-D0C93DE55A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.2",
"matchCriteriaId": "7B74980A-E2B6-4D3D-9ECD-919B927E30C2"
"matchCriteriaId": "F2E9D423-721A-482B-BA6B-52E4D8C07C58"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.6.0",
"versionEndIncluding": "6.0.10",
"matchCriteriaId": "D3E33B56-1975-4B78-A157-E0EADB3BC1B7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortirecorder_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.4.0",
"versionEndIncluding": "6.4.2",
"matchCriteriaId": "1CB7DEA7-E461-43B0-98EB-CE436DE87D98"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.4.9",
"matchCriteriaId": "C6E5A33E-F744-4CC0-ABA0-D1734845AFBB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:fortinet:fortiswitch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndIncluding": "7.0.3",
"matchCriteriaId": "BB3C99AC-DCA1-44A0-9671-F424109A6038"
}
]
}

4
CVE-2023/CVE-2023-02xx/CVE-2023-0238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0238",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-08-29T15:15:07.773",
"lastModified": "2023-08-29T15:15:07.773",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-06xx/CVE-2023-0654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0654",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-08-29T16:15:08.747",
"lastModified": "2023-08-29T16:15:08.747",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

43
CVE-2023/CVE-2023-208xx/CVE-2023-20890.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-20890",
"sourceIdentifier": "security@vmware.com",
"published": "2023-08-29T18:15:08.570",
"lastModified": "2023-08-29T18:15:08.570",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Aria Operations for Networks contains an arbitrary file write vulnerability.\u00a0An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0018.html",
"source": "security@vmware.com"
}
]
}

4
CVE-2023/CVE-2023-245xx/CVE-2023-24548.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24548",
"sourceIdentifier": "psirt@arista.com",
"published": "2023-08-29T17:15:11.790",
"lastModified": "2023-08-29T17:15:11.790",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

42
CVE-2023/CVE-2023-26xx/CVE-2023-2650.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2650",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-05-30T14:15:09.683",
"lastModified": "2023-07-03T16:15:09.623",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-08-29T18:04:28.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -17,19 +17,19 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
@ -91,6 +91,11 @@
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
@ -117,6 +122,13 @@
"Patch"
]
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c",
"source": "openssl-security@openssl.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098",
"source": "openssl-security@openssl.org",
@ -135,15 +147,25 @@
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.netapp.com/advisory/ntap-20230703-0001/",
"source": "openssl-security@openssl.org"
"source": "openssl-security@openssl.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2023/dsa-5417",

34
CVE-2023/CVE-2023-323xx/CVE-2023-32373.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32373",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:12.007",
"lastModified": "2023-07-27T04:15:25.357",
"vulnStatus": "Modified",
"lastModified": "2023-08-29T18:05:45.530",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.",
@ -111,6 +111,36 @@
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [

55
CVE-2023/CVE-2023-32xx/CVE-2023-3251.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3251",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-08-29T19:15:27.023",
"lastModified": "2023-08-29T19:15:27.023",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nA pass-back vulnerability exists where an authenticated, remote attacker with administrator privileges could uncover stored SMTP credentials within the Nessus application.This issue affects Nessus: before 10.6.0.\n\n\n\n\n\n\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"references": [
{
"url": "https://www.tenable.com/security/tns-2023-29",
"source": "vulnreport@tenable.com"
}
]
}

43
CVE-2023/CVE-2023-32xx/CVE-2023-3252.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-3252",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-08-29T19:15:27.467",
"lastModified": "2023-08-29T19:15:27.467",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAn arbitrary file write vulnerability exists where an authenticated, remote attacker with administrator privileges could alter logging variables to overwrite arbitrary files on the remote host with log data, which could lead to a denial of service condition.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "vulnreport@tenable.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://www.tenable.com/security/tns-2023-29",
"source": "vulnreport@tenable.com"
}
]
}

43
CVE-2023/CVE-2023-340xx/CVE-2023-34039.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34039",
"sourceIdentifier": "security@vmware.com",
"published": "2023-08-29T18:15:08.680",
"lastModified": "2023-08-29T18:15:08.680",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation.\u00a0A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"references": [
{
"url": "https://www.vmware.com/security/advisories/VMSA-2023-0018.html",
"source": "security@vmware.com"
}
]
}

6
CVE-2023/CVE-2023-345xx/CVE-2023-34540.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34540",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-14T15:15:10.287",
"lastModified": "2023-06-23T13:55:51.820",
"lastModified": "2023-08-29T18:57:58.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:langchain_project:langchain:0.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "DADE011B-56AA-406F-92CC-9F4311C26EFC"
"criteria": "cpe:2.3:a:langchain:langchain:0.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "D8235D79-2666-4DEE-B6A2-A5DE48FB42C6"
}
]
}

6
CVE-2023/CVE-2023-345xx/CVE-2023-34541.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-34541",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-20T15:15:11.727",
"lastModified": "2023-06-27T18:34:05.143",
"lastModified": "2023-08-29T18:58:03.620",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,8 +55,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:langchain-langchain:langchain:0.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDF0705-5C36-418E-B8E2-09A9BDAB2CD3"
"criteria": "cpe:2.3:a:langchain:langchain:0.0.171:*:*:*:*:*:*:*",
"matchCriteriaId": "D8235D79-2666-4DEE-B6A2-A5DE48FB42C6"
}
]
}

30
CVE-2023/CVE-2023-359xx/CVE-2023-35991.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-35991",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-08-18T10:15:10.267",
"lastModified": "2023-08-24T17:17:32.180",
"lastModified": "2023-08-29T18:58:15.803",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -56,8 +56,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-wh300andgpe_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7A3426-45B4-4DEE-88EA-E30E41F2AFE8"
"criteria": "cpe:2.3:o:elecom:lan-wh300andgpe_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C80C5EED-C11F-406F-A12D-93394399DABF"
}
]
},
@ -83,8 +83,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-wh300n\\/dgp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F5C8E61-367D-40AE-B37D-F1CED982DAD2"
"criteria": "cpe:2.3:o:elecom:lan-wh300n\\/dgp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B86CEF6B-25E8-4607-B628-D1489636155B"
}
]
},
@ -110,8 +110,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-wh300an\\/dgp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F4BA261D-F927-49D3-BECD-F502299C86C0"
"criteria": "cpe:2.3:o:elecom:lan-wh300an\\/dgp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E495CC1C-9322-4B9A-93D4-50FA8FE409EB"
}
]
},
@ -137,8 +137,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-wh450n\\/gp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B0858B3-229F-4D82-AC81-D181BFCD21C4"
"criteria": "cpe:2.3:o:elecom:lan-wh450n\\/gp_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF7989C-3F41-4601-A09B-FAF622022C2D"
}
]
},
@ -164,8 +164,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-w300n\\/p_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0376434A-D083-4F7C-9BB1-A9F58F86D3A3"
"criteria": "cpe:2.3:o:elecom:lan-w300n\\/p_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B719FD0E-EB75-4B62-BADF-3C9823B69210"
}
]
},
@ -191,8 +191,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-wh300n\\/dr_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAC81CF-D120-4693-84A7-BBCBE26E2AA8"
"criteria": "cpe:2.3:o:elecom:lan-wh300n\\/dr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0EB9404A-109C-42A4-8EF7-6750F9A3CA78"
}
]
},
@ -218,8 +218,8 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:elecom:lan-w300n\\/dr_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7B98C926-27A7-4753-8A73-E1851F87F8EE"
"criteria": "cpe:2.3:o:elecom:lan-w300n\\/dr_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3269F8A1-68A5-420B-8EEE-00895FB2D854"
}
]
},

4
CVE-2023/CVE-2023-36xx/CVE-2023-3646.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3646",
"sourceIdentifier": "psirt@arista.com",
"published": "2023-08-29T17:15:12.727",
"lastModified": "2023-08-29T17:15:12.727",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

79
CVE-2023/CVE-2023-374xx/CVE-2023-37422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37422",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-22T19:16:36.647",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T19:28:27.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndIncluding": "9.0.5",
"matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndIncluding": "9.1.7",
"matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0",
"versionEndIncluding": "9.2.5",
"matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-374xx/CVE-2023-37423.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37423",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-22T19:16:36.757",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T19:44:45.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndIncluding": "9.0.5",
"matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndIncluding": "9.1.7",
"matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0",
"versionEndIncluding": "9.2.5",
"matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

79
CVE-2023/CVE-2023-374xx/CVE-2023-37424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37424",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2023-08-22T19:16:36.943",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T19:55:51.197",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9
},
{
"source": "security-alert@hpe.com",
"type": "Secondary",
@ -34,10 +54,63 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndIncluding": "9.0.5",
"matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.1.0",
"versionEndIncluding": "9.1.7",
"matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.2.0",
"versionEndIncluding": "9.2.5",
"matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717"
}
]
}
]
}
],
"references": [
{
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt",
"source": "security-alert@hpe.com"
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-382xx/CVE-2023-38283.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38283",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T16:15:08.960",
"lastModified": "2023-08-29T16:15:08.960",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-388xx/CVE-2023-38802.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38802",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T16:15:09.113",
"lastModified": "2023-08-29T16:15:09.113",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-395xx/CVE-2023-39522.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-39522",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-29T18:15:08.753",
"lastModified": "2023-08-29T18:15:08.753",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "goauthentik is an open-source Identity Provider. In affected versions using a recovery flow with an identification stage an attacker is able to determine if a username exists. Only setups configured with a recovery flow are impacted by this. Anyone with a user account on a system with the recovery flow described above is susceptible to having their username/email revealed as existing. An attacker can easily enumerate and check users' existence using the recovery flow, as a clear message is shown when a user doesn't exist. Depending on configuration this can either be done by username, email, or both. This issue has been addressed in versions 2023.5.6 and 2023.6.2. Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-203"
}
]
}
],
"references": [
{
"url": "https://github.com/goauthentik/authentik/commit/aa874dd92a770d5f8cd8f265b7cdd31cd73a4599",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/goauthentik/authentik/security/advisories/GHSA-vmf9-6pcv-xr87",
"source": "security-advisories@github.com"
}
]
}

4
CVE-2023/CVE-2023-396xx/CVE-2023-39615.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39615",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T17:15:12.527",
"lastModified": "2023-08-29T17:15:12.527",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-396xx/CVE-2023-39616.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39616",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T17:15:12.633",
"lastModified": "2023-08-29T17:15:12.633",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

14
CVE-2023/CVE-2023-403xx/CVE-2023-40305.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-40305",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-14T06:15:09.683",
"lastModified": "2023-08-21T16:00:37.383",
"lastModified": "2023-08-29T18:28:13.013",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -17,20 +17,20 @@
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
"impactScore": 3.6
}
]
},

4
CVE-2023/CVE-2023-408xx/CVE-2023-40889.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40889",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T17:15:12.840",
"lastModified": "2023-08-29T17:15:12.840",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-408xx/CVE-2023-40890.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40890",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T17:15:12.917",
"lastModified": "2023-08-29T17:15:12.917",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

76
CVE-2023/CVE-2023-408xx/CVE-2023-40891.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40891",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:07.643",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:08:29.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetFirewallCfg/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40892.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40892",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:07.707",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:17:47.427",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/setSchedEWifi/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40893.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40893",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:07.767",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:22:17.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/setSmartPowerManagement/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40894.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40894",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:07.827",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:36:37.477",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/fromSetStaticRouteCfg/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40895.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40895",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:07.887",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:39:04.257",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetVirtualSer/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40896.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40896",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:07.943",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:39:43.853",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/SetIpMacBind/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40897.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40897",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:08.000",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:56:12.353",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/GetParentControlInfo/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40898.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:08.057",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:58:58.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/SetSysTimeCfg/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-408xx/CVE-2023-40899.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40899",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:08.113",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T19:14:34.473",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetMacFilterCfg/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-409xx/CVE-2023-40900.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40900",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:08.173",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T19:15:29.877",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB04D12-71A9-4FCF-9E55-1540CEEA180C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8EEC256B-442B-4FE8-8253-7A725CF66A6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetQosBand/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-409xx/CVE-2023-40901.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-40901",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T18:15:08.227",
"lastModified": "2023-08-24T19:55:57.347",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T19:19:51.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at url /goform/setMacFilterCfg."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tenda:ac10v4_firmware:16.03.10.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C271BB10-1525-45C4-B7D2-C7D303ABE7BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tenda:ac10v4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A8B17FBE-ABA4-4AD0-A9E4-58987116A9B8"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/peris-navince/founded-0-days/blob/main/ac10/fromSetStaticRouteCfg/1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-410xx/CVE-2023-41037.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41037",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-29T17:15:13.003",
"lastModified": "2023-08-29T17:15:13.003",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-413xx/CVE-2023-41362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41362",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T16:15:09.237",
"lastModified": "2023-08-29T16:15:09.237",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-413xx/CVE-2023-41376.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41376",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-29T16:15:09.350",
"lastModified": "2023-08-29T16:15:09.350",
"vulnStatus": "Received",
"lastModified": "2023-08-29T18:14:25.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

56
CVE-2023/CVE-2023-45xx/CVE-2023-4559.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4559",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-27T23:15:36.837",
"lastModified": "2023-08-28T05:16:01.577",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-29T18:16:34.183",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,14 +93,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:laiketui:laiketui:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F92D2123-87E2-4F6B-BA3E-3088063E079A"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.238160",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.238160",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

78
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-29T18:00:25.803370+00:00
2023-08-29T20:00:24.895475+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-29T17:59:37.930000+00:00
2023-08-29T19:55:51.197000+00:00
```
### Last Data Feed Release
@ -29,57 +29,49 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
223617
223622
```
### CVEs added in the last Commit
Recently added CVEs: `13`
Recently added CVEs: `5`
* [CVE-2021-32050](CVE-2021/CVE-2021-320xx/CVE-2021-32050.json) (`2023-08-29T16:15:08.423`)
* [CVE-2023-0654](CVE-2023/CVE-2023-06xx/CVE-2023-0654.json) (`2023-08-29T16:15:08.747`)
* [CVE-2023-38283](CVE-2023/CVE-2023-382xx/CVE-2023-38283.json) (`2023-08-29T16:15:08.960`)
* [CVE-2023-38802](CVE-2023/CVE-2023-388xx/CVE-2023-38802.json) (`2023-08-29T16:15:09.113`)
* [CVE-2023-41362](CVE-2023/CVE-2023-413xx/CVE-2023-41362.json) (`2023-08-29T16:15:09.237`)
* [CVE-2023-41376](CVE-2023/CVE-2023-413xx/CVE-2023-41376.json) (`2023-08-29T16:15:09.350`)
* [CVE-2023-24548](CVE-2023/CVE-2023-245xx/CVE-2023-24548.json) (`2023-08-29T17:15:11.790`)
* [CVE-2023-39615](CVE-2023/CVE-2023-396xx/CVE-2023-39615.json) (`2023-08-29T17:15:12.527`)
* [CVE-2023-39616](CVE-2023/CVE-2023-396xx/CVE-2023-39616.json) (`2023-08-29T17:15:12.633`)
* [CVE-2023-3646](CVE-2023/CVE-2023-36xx/CVE-2023-3646.json) (`2023-08-29T17:15:12.727`)
* [CVE-2023-40889](CVE-2023/CVE-2023-408xx/CVE-2023-40889.json) (`2023-08-29T17:15:12.840`)
* [CVE-2023-40890](CVE-2023/CVE-2023-408xx/CVE-2023-40890.json) (`2023-08-29T17:15:12.917`)
* [CVE-2023-41037](CVE-2023/CVE-2023-410xx/CVE-2023-41037.json) (`2023-08-29T17:15:13.003`)
* [CVE-2023-20890](CVE-2023/CVE-2023-208xx/CVE-2023-20890.json) (`2023-08-29T18:15:08.570`)
* [CVE-2023-34039](CVE-2023/CVE-2023-340xx/CVE-2023-34039.json) (`2023-08-29T18:15:08.680`)
* [CVE-2023-39522](CVE-2023/CVE-2023-395xx/CVE-2023-39522.json) (`2023-08-29T18:15:08.753`)
* [CVE-2023-3251](CVE-2023/CVE-2023-32xx/CVE-2023-3251.json) (`2023-08-29T19:15:27.023`)
* [CVE-2023-3252](CVE-2023/CVE-2023-32xx/CVE-2023-3252.json) (`2023-08-29T19:15:27.467`)
### CVEs modified in the last Commit
Recently modified CVEs: `59`
Recently modified CVEs: `37`
* [CVE-2023-40761](CVE-2023/CVE-2023-407xx/CVE-2023-40761.json) (`2023-08-29T16:28:43.357`)
* [CVE-2023-40760](CVE-2023/CVE-2023-407xx/CVE-2023-40760.json) (`2023-08-29T16:28:50.323`)
* [CVE-2023-40759](CVE-2023/CVE-2023-407xx/CVE-2023-40759.json) (`2023-08-29T16:28:55.793`)
* [CVE-2023-40757](CVE-2023/CVE-2023-407xx/CVE-2023-40757.json) (`2023-08-29T16:29:06.887`)
* [CVE-2023-40756](CVE-2023/CVE-2023-407xx/CVE-2023-40756.json) (`2023-08-29T16:29:12.153`)
* [CVE-2023-40758](CVE-2023/CVE-2023-407xx/CVE-2023-40758.json) (`2023-08-29T16:29:15.360`)
* [CVE-2023-39708](CVE-2023/CVE-2023-397xx/CVE-2023-39708.json) (`2023-08-29T16:30:31.213`)
* [CVE-2023-40767](CVE-2023/CVE-2023-407xx/CVE-2023-40767.json) (`2023-08-29T16:30:40.243`)
* [CVE-2023-40766](CVE-2023/CVE-2023-407xx/CVE-2023-40766.json) (`2023-08-29T16:30:47.577`)
* [CVE-2023-40765](CVE-2023/CVE-2023-407xx/CVE-2023-40765.json) (`2023-08-29T16:30:53.130`)
* [CVE-2023-40764](CVE-2023/CVE-2023-407xx/CVE-2023-40764.json) (`2023-08-29T16:30:59.847`)
* [CVE-2023-40763](CVE-2023/CVE-2023-407xx/CVE-2023-40763.json) (`2023-08-29T16:31:07.073`)
* [CVE-2023-1409](CVE-2023/CVE-2023-14xx/CVE-2023-1409.json) (`2023-08-29T16:55:10.423`)
* [CVE-2023-4511](CVE-2023/CVE-2023-45xx/CVE-2023-4511.json) (`2023-08-29T16:55:54.913`)
* [CVE-2023-4512](CVE-2023/CVE-2023-45xx/CVE-2023-4512.json) (`2023-08-29T17:06:45.430`)
* [CVE-2023-4513](CVE-2023/CVE-2023-45xx/CVE-2023-4513.json) (`2023-08-29T17:09:30.177`)
* [CVE-2023-32510](CVE-2023/CVE-2023-325xx/CVE-2023-32510.json) (`2023-08-29T17:13:19.680`)
* [CVE-2023-32511](CVE-2023/CVE-2023-325xx/CVE-2023-32511.json) (`2023-08-29T17:28:34.937`)
* [CVE-2023-39834](CVE-2023/CVE-2023-398xx/CVE-2023-39834.json) (`2023-08-29T17:38:25.797`)
* [CVE-2023-32516](CVE-2023/CVE-2023-325xx/CVE-2023-32516.json) (`2023-08-29T17:44:02.953`)
* [CVE-2023-4508](CVE-2023/CVE-2023-45xx/CVE-2023-4508.json) (`2023-08-29T17:49:22.027`)
* [CVE-2023-37421](CVE-2023/CVE-2023-374xx/CVE-2023-37421.json) (`2023-08-29T17:53:54.907`)
* [CVE-2023-24055](CVE-2023/CVE-2023-240xx/CVE-2023-24055.json) (`2023-08-29T17:55:59.110`)
* [CVE-2023-23003](CVE-2023/CVE-2023-230xx/CVE-2023-23003.json) (`2023-08-29T17:56:28.270`)
* [CVE-2023-0266](CVE-2023/CVE-2023-02xx/CVE-2023-0266.json) (`2023-08-29T17:59:37.930`)
* [CVE-2023-24548](CVE-2023/CVE-2023-245xx/CVE-2023-24548.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-39615](CVE-2023/CVE-2023-396xx/CVE-2023-39615.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-39616](CVE-2023/CVE-2023-396xx/CVE-2023-39616.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-3646](CVE-2023/CVE-2023-36xx/CVE-2023-3646.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-40889](CVE-2023/CVE-2023-408xx/CVE-2023-40889.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-40890](CVE-2023/CVE-2023-408xx/CVE-2023-40890.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-41037](CVE-2023/CVE-2023-410xx/CVE-2023-41037.json) (`2023-08-29T18:14:25.027`)
* [CVE-2023-4559](CVE-2023/CVE-2023-45xx/CVE-2023-4559.json) (`2023-08-29T18:16:34.183`)
* [CVE-2023-40892](CVE-2023/CVE-2023-408xx/CVE-2023-40892.json) (`2023-08-29T18:17:47.427`)
* [CVE-2023-40893](CVE-2023/CVE-2023-408xx/CVE-2023-40893.json) (`2023-08-29T18:22:17.173`)
* [CVE-2023-40305](CVE-2023/CVE-2023-403xx/CVE-2023-40305.json) (`2023-08-29T18:28:13.013`)
* [CVE-2023-40894](CVE-2023/CVE-2023-408xx/CVE-2023-40894.json) (`2023-08-29T18:36:37.477`)
* [CVE-2023-40895](CVE-2023/CVE-2023-408xx/CVE-2023-40895.json) (`2023-08-29T18:39:04.257`)
* [CVE-2023-40896](CVE-2023/CVE-2023-408xx/CVE-2023-40896.json) (`2023-08-29T18:39:43.853`)
* [CVE-2023-40897](CVE-2023/CVE-2023-408xx/CVE-2023-40897.json) (`2023-08-29T18:56:12.353`)
* [CVE-2023-34540](CVE-2023/CVE-2023-345xx/CVE-2023-34540.json) (`2023-08-29T18:57:58.473`)
* [CVE-2023-34541](CVE-2023/CVE-2023-345xx/CVE-2023-34541.json) (`2023-08-29T18:58:03.620`)
* [CVE-2023-35991](CVE-2023/CVE-2023-359xx/CVE-2023-35991.json) (`2023-08-29T18:58:15.803`)
* [CVE-2023-40898](CVE-2023/CVE-2023-408xx/CVE-2023-40898.json) (`2023-08-29T18:58:58.077`)
* [CVE-2023-40899](CVE-2023/CVE-2023-408xx/CVE-2023-40899.json) (`2023-08-29T19:14:34.473`)
* [CVE-2023-40900](CVE-2023/CVE-2023-409xx/CVE-2023-40900.json) (`2023-08-29T19:15:29.877`)
* [CVE-2023-40901](CVE-2023/CVE-2023-409xx/CVE-2023-40901.json) (`2023-08-29T19:19:51.567`)
* [CVE-2023-37422](CVE-2023/CVE-2023-374xx/CVE-2023-37422.json) (`2023-08-29T19:28:27.770`)
* [CVE-2023-37423](CVE-2023/CVE-2023-374xx/CVE-2023-37423.json) (`2023-08-29T19:44:45.850`)
* [CVE-2023-37424](CVE-2023/CVE-2023-374xx/CVE-2023-37424.json) (`2023-08-29T19:55:51.197`)
## Download and Usage