admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-20T22:00:24.475837+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-20 22:00:27 +00:00
parent 4006adbd1c
commit 9949c0357e
33 changed files with 1849 additions and 114 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
CVE-2020/CVE-2020-242xx/CVE-2020-24275.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2020-24275",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:09.940",
"lastModified": "2023-07-20T20:15:09.940",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted URL."
}
],
"metrics": {},
"references": [
{
"url": "https://blog.cal1.cn/post/HTTP%20Response%20Header%20Injection%20in%20Swoole%3C%3D4.5.2",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/swoole/swoole-src/pull/3539",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/swoole/swoole-src/pull/3545",
"source": "cve@mitre.org"
},
{
"url": "https://portswigger.net/kb/issues/00200200_http-response-header-injection",
"source": "cve@mitre.org"
}
]
}

4
CVE-2021/CVE-2021-373xx/CVE-2021-37386.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-37386",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-17T17:15:09.377",
"lastModified": "2023-07-20T18:15:11.387",
"lastModified": "2023-07-20T20:15:10.027",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "HTML Injection vulnerability was found in some ONU models allows remote high privileged authenticated user to send arbitrary HTML tags via web interface, this vulnerability can cause deny of service after device is rebooted if an invalid serial number addressed."
"value": "Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 were discovered to contain an HTML injection vulnerability via the serial number update function."
}
],
"metrics": {},

24
CVE-2021/CVE-2021-394xx/CVE-2021-39425.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2021-39425",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:10.093",
"lastModified": "2023-07-20T20:15:10.093",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SeedDMS v6.0.15 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/@rohitgautam26/cve-2021-39425-8a336eba34dd",
"source": "cve@mitre.org"
},
{
"url": "https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/11-Client_Side_Testing/04-Testing_for_Client_Side_URL_Redirect",
"source": "cve@mitre.org"
}
]
}

49
CVE-2023/CVE-2023-15xx/CVE-2023-1547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1547",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-07-13T08:15:10.400",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T21:29:07.717",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elra:parkmatik:*:*:*:*:*:*:*:*",
"versionEndExcluding": "02.01-a51",
"matchCriteriaId": "1B0A96D1-3009-4A4D-9A28-B8E24A41EAD1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0404",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

99
CVE-2023/CVE-2023-21xx/CVE-2023-2190.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2190",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T02:15:09.203",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:39:14.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-639"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "13.10.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "6F408655-1F07-4AFE-9BA2-5B073706F30B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.10.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "EE54DFF5-10AD-4890-A37F-2AF99505389E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "EDBA8049-0CB9-4B64-B803-52210D57624F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8365BE79-8EB8-4739-993B-851506085865"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/408137",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1944500",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

99
CVE-2023/CVE-2023-22xx/CVE-2023-2200.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2200",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:09.240",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:36:43.987",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "7.14.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "7FFC59B5-FE82-44EB-98BC-AFD892AA1BA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "7.14.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "5429AC1F-EA8D-4B4F-8BAF-71C48210F4C8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "EDBA8049-0CB9-4B64-B803-52210D57624F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8365BE79-8EB8-4739-993B-851506085865"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/408281",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1935628",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

15
CVE-2023/CVE-2023-245xx/CVE-2023-24593.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-24593",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T21:15:09.883",
"lastModified": "2023-07-20T21:15:09.883",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** Rejected by upstream."
}
],
"metrics": {},
"references": []
}

15
CVE-2023/CVE-2023-251xx/CVE-2023-25180.json Normal file
View File

@ -0,0 +1,15 @@
{
"id": "CVE-2023-25180",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-20T21:15:09.950",
"lastModified": "2023-07-20T21:15:09.950",
"vulnStatus": "Rejected",
"descriptions": [
{
"lang": "en",
"value": "** REJECT ** Rejected by upstream."
}
],
"metrics": {},
"references": []
}

99
CVE-2023/CVE-2023-25xx/CVE-2023-2576.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2576",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:09.317",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:33:15.617",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "13.7.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "FAF95B4F-011A-4CA8-9B77-B2402A890546"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.7.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "693862A6-080F-463F-95F5-F3BC3E01BA45"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "EDBA8049-0CB9-4B64-B803-52210D57624F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8365BE79-8EB8-4739-993B-851506085865"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/410123",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1898054",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

99
CVE-2023/CVE-2023-26xx/CVE-2023-2620.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2620",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:09.393",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:32:24.047",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.2,
"impactScore": 2.5
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "15.1.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "360C9FA7-D45C-45BC-B580-B045004AD490"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "15.1.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "E7E52754-B59F-4605-817A-E6D8CB1F1C28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "EDBA8049-0CB9-4B64-B803-52210D57624F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8365BE79-8EB8-4739-993B-851506085865"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/410433",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1976206",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-294xx/CVE-2023-29454.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29454",
"sourceIdentifier": "security@zabbix.com",
"published": "2023-07-13T10:15:09.320",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:54:45.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@zabbix.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@zabbix.com",
"type": "Secondary",
@ -46,10 +76,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.0.45",
"matchCriteriaId": "735143E4-3065-47B9-850B-3B35ED2D5BEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.0.33",
"matchCriteriaId": "57877BF4-6CA1-4E9A-AF16-DCE2BAA98684"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.16",
"matchCriteriaId": "F97098D9-FF13-43E6-BB62-ADC1DD1BAC09"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22985",
"source": "security@zabbix.com"
"source": "security@zabbix.com",
"tags": [
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-294xx/CVE-2023-29455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29455",
"sourceIdentifier": "security@zabbix.com",
"published": "2023-07-13T10:15:09.377",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:59:09.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@zabbix.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@zabbix.com",
"type": "Secondary",
@ -46,10 +76,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.0.45",
"matchCriteriaId": "735143E4-3065-47B9-850B-3B35ED2D5BEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.0.33",
"matchCriteriaId": "57877BF4-6CA1-4E9A-AF16-DCE2BAA98684"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22986",
"source": "security@zabbix.com"
"source": "security@zabbix.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

73
CVE-2023/CVE-2023-294xx/CVE-2023-29457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29457",
"sourceIdentifier": "security@zabbix.com",
"published": "2023-07-13T10:15:09.507",
"lastModified": "2023-07-13T12:51:14.383",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T21:03:59.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@zabbix.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@zabbix.com",
"type": "Secondary",
@ -46,10 +76,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.0.0",
"versionEndIncluding": "4.0.45",
"matchCriteriaId": "735143E4-3065-47B9-850B-3B35ED2D5BEF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.0.0",
"versionEndIncluding": "5.0.34",
"matchCriteriaId": "0B999FD8-5138-4654-A142-62B36139CE13"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zabbix:frontend:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndIncluding": "6.0.17",
"matchCriteriaId": "C78B18D5-4E8A-4A80-85C8-D5D4BB9CF338"
}
]
}
]
}
],
"references": [
{
"url": "https://support.zabbix.com/browse/ZBX-22988",
"source": "security@zabbix.com"
"source": "security@zabbix.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-29xx/CVE-2023-2957.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2957",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-07-13T08:15:10.603",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T21:29:44.953",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,10 +46,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lisayazilim:florist_site:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.0",
"matchCriteriaId": "F5A208EE-A643-4395-B0D7-3F76C7B7C17E"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0403",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-302xx/CVE-2023-30200.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-30200",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:10.177",
"lastModified": "2023-07-20T20:15:10.177",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In the module \u201cImage: WebP, Compress, Zoom, Lazy load, Alt & More\u201d (ultimateimagetool) in versions up to 2.1.02 from Advanced Plugins for PrestaShop, a guest can download personal informations without restriction by performing a path traversal attack."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://github.com/PrestaShop/PrestaShop/blob/6c05518b807d014ee8edb811041e3de232520c28/classes/Tools.php#L1247",
"source": "cve@mitre.org"
},
{
"url": "https://security.friendsofpresta.org/modules/2023/07/20/ultimateimagetool.html",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-317xx/CVE-2023-31753.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-31753",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:10.253",
"lastModified": "2023-07-20T20:15:10.253",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in diskusi.php in eNdonesia 8.7, allows an attacker to execute arbitrary SQL commands via the \"rid=\" parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/khmk2k/CVE-2023-31753/",
"source": "cve@mitre.org"
}
]
}

8
CVE-2023/CVE-2023-332xx/CVE-2023-33298.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33298",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-30T22:15:10.077",
"lastModified": "2023-07-07T22:56:39.550",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-20T20:15:10.310",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -71,6 +71,10 @@
"Release Notes"
]
},
{
"url": "https://www.kb.cert.org/vuls/id/653767",
"source": "cve@mitre.org"
},
{
"url": "https://www.ns-echo.com/posts/cve_2023_33298.html",
"source": "cve@mitre.org",

49
CVE-2023/CVE-2023-33xx/CVE-2023-3319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3319",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-07-13T08:15:10.837",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T21:06:53.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:idisplay:platplay_ds:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.14",
"matchCriteriaId": "A50803B4-18D9-4EF5-BFEA-3517C6C7EE23"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0402",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-33xx/CVE-2023-3362.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3362",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:10.217",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:49:23.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,10 +76,50 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.1.0:*:*:*:community:*:*:*",
"matchCriteriaId": "C4071EE0-CDB1-49B9-9B64-1783597A4EC3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.1.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "5E6C33D0-3B6E-434F-A1B9-5495B1C35308"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/415131",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
}
]
}

93
CVE-2023/CVE-2023-33xx/CVE-2023-3363.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3363",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:10.280",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:51:55.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.0,
"impactScore": 1.4
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,10 +76,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "13.6",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "577B87FF-E7E0-4E87-A5CC-7D0605BAE647"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.6",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "5A342CED-40DE-4E6A-B8A1-F64D21987F04"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8C47692F-480C-4804-BA0D-E9AF1DB74B28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "36D2F9C4-8B76-49F4-B9EE-DC2FBAA9EE2C"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/409034",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
}
]
}

28
CVE-2023/CVE-2023-346xx/CVE-2023-34625.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2023-34625",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:10.390",
"lastModified": "2023-07-20T20:15:10.390",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "ShowMojo MojoBox Digital Lockbox 1.4 is vulnerable to Authentication Bypass. The implementation of the lock opening mechanism via Bluetooth Low Energy (BLE) is vulnerable to replay attacks. A malicious user is able to intercept BLE requests and replicate them to open the lock at any time. Alternatively, an attacker with physical access to the device on which the Android app is installed, can obtain the latest BLE messages via the app logs and use them for opening the lock."
}
],
"metrics": {},
"references": [
{
"url": "https://mandomat.github.io/2023-03-15-testing-mojobox-security/",
"source": "cve@mitre.org"
},
{
"url": "https://packetstormsecurity.com/2307-exploits/mojobox14-replay.txt",
"source": "cve@mitre.org"
},
{
"url": "https://www.whid.ninja/blog/mojobox-yet-another-not-so-smartlock",
"source": "cve@mitre.org"
}
]
}

99
CVE-2023/CVE-2023-34xx/CVE-2023-3424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3424",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:10.347",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:53:05.130",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,75 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "10.3.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "85F16F5A-A24C-463E-A8C1-13B6DC4A5FC0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "10.3.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "0BF67728-D908-4A42-8FCA-F44C6C8909B5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "EDBA8049-0CB9-4B64-B803-52210D57624F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8365BE79-8EB8-4739-993B-851506085865"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/409802",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link",
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1960970",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-34xx/CVE-2023-3444.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3444",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-13T03:15:10.413",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:53:39.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,74 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "15.3.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "49DE9F51-690B-4278-86B5-2E5A942D72AB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "15.3.0",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "3D11BBB3-C99F-4D4D-93D9-F81A3F3D119B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "EDBA8049-0CB9-4B64-B803-52210D57624F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1.0",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8365BE79-8EB8-4739-993B-851506085865"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/406803",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://hackerone.com/reports/1928709",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Third Party Advisory"
]
}
]
}

49
CVE-2023/CVE-2023-350xx/CVE-2023-35069.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35069",
"sourceIdentifier": "cve@usom.gov.tr",
"published": "2023-07-13T08:15:10.683",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T21:27:09.213",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "cve@usom.gov.tr",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@usom.gov.tr",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:biges:bullwark_momentum_series:*:*:*:*:*:*:*:*",
"versionEndExcluding": "blw-2016e-960h",
"matchCriteriaId": "9BB03767-CA9C-4BCA-A93B-48BC876257C5"
}
]
}
]
}
],
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-23-0401",
"source": "cve@usom.gov.tr"
"source": "cve@usom.gov.tr",
"tags": [
"Third Party Advisory"
]
}
]
}

87
CVE-2023/CVE-2023-36xx/CVE-2023-3643.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-3643",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-12T18:15:09.487",
"lastModified": "2023-07-13T08:32:09.673",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:02:40.327",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Boss Mini 1.4.0 Build 6221. It has been classified as critical. This affects an unknown part of the file boss/servlet/document. The manipulation of the argument path leads to file inclusion. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-233889 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Boss Mini v1.4.0 Build 6221. Se ha clasificado como cr\u00edtica. Afecta a una parte desconocida del archivo \"boss/servlet/document\". La manipulaci\u00f3n de la ruta del argumento conduce a la inclusi\u00f3n de archivos. Es posible iniciar el ataque de forma remota. El exploit ha sido revelado al p\u00fablico y puede ser utilizado. Se ha asignado a esta vulnerabilidad el identificador VDB-233889."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +87,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +107,57 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:carel:boss_mini_firmware:1.4.0:build_6221:*:*:*:*:*:*",
"matchCriteriaId": "09963502-80DF-428D-9D44-D470196EB30E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:carel:boss_mini:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4BB11F40-C701-4522-A4BC-B9D5CDBB57E6"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1RXmDUAjqZvWSvHUrfRerz7My6M3KX7YG/view",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233889",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233889",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

70
CVE-2023/CVE-2023-374xx/CVE-2023-37456.json
View File

@ -2,23 +2,83 @@
"id": "CVE-2023-37456",
"sourceIdentifier": "security@mozilla.org",
"published": "2023-07-12T14:15:10.000",
"lastModified": "2023-07-12T15:17:45.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-20T20:12:09.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*",
"versionEndExcluding": "115",
"matchCriteriaId": "B9F4FD70-6D6F-4191-8210-CB22BF774E08"
}
]
}
]
}
],
"references": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795496",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2023-25/",
"source": "security@mozilla.org"
"source": "security@mozilla.org",
"tags": [
"Vendor Advisory"
]
}
]
}

24
CVE-2023/CVE-2023-376xx/CVE-2023-37649.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37649",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:10.447",
"lastModified": "2023-07-20T20:15:10.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the component /models/Content of Cockpit CMS v2.5.2 allows unauthorized attackers to access sensitive data."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Cockpit-HQ/Cockpit/releases/tag/2.6.0",
"source": "cve@mitre.org"
},
{
"url": "https://www.ghostccamm.com/blog/multi_cockpit_vulns/",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-376xx/CVE-2023-37650.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-37650",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-20T20:15:10.503",
"lastModified": "2023-07-20T20:15:10.503",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A Cross-Site Request Forgery (CSRF) in the Admin portal of Cockpit CMS v2.5.2 allows attackers to execute arbitrary Administrator commands."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Cockpit-HQ/Cockpit/releases/tag/2.6.0",
"source": "cve@mitre.org"
},
{
"url": "https://www.ghostccamm.com/blog/multi_cockpit_vulns/",
"source": "cve@mitre.org"
}
]
}

84
CVE-2023/CVE-2023-37xx/CVE-2023-3793.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3793",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T20:15:10.603",
"lastModified": "2023-07-20T20:15:10.603",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Weaver e-cology. It has been rated as critical. This issue affects some unknown processing of the file filelFileDownloadForOutDoc.class of the component HTTP POST Request Handler. The manipulation of the argument fileid with the input 1+WAITFOR+DELAY leads to sql injection. Upgrading to version 10.58.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-235061 was assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.235061",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235061",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-37xx/CVE-2023-3794.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3794",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T20:15:10.697",
"lastModified": "2023-07-20T20:15:10.697",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in Bug Finder ChainCity Real Estate Investment Platform 1.0. Affected is an unknown function of the file /chaincity/user/ticket/create of the component New Ticket Handler. The manipulation of the argument subject leads to cross site scripting. It is possible to launch the attack remotely. VDB-235062 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.235062",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235062",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-37xx/CVE-2023-3795.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3795",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T21:15:10.010",
"lastModified": "2023-07-20T21:15:10.010",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Bug Finder ChainCity Real Estate Investment Platform 1.0. Affected by this vulnerability is an unknown functionality of the file /property of the component GET Parameter Handler. The manipulation of the argument name leads to sql injection. The associated identifier of this vulnerability is VDB-235063. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 5.2
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.235063",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235063",
"source": "cna@vuldb.com"
}
]
}

84
CVE-2023/CVE-2023-37xx/CVE-2023-3796.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-3796",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-20T21:15:10.100",
"lastModified": "2023-07-20T21:15:10.100",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in Bug Finder Foody Friend 1.0. Affected by this issue is some unknown functionality of the file /user/profile of the component Profile Picture Handler. The manipulation of the argument profile_picture leads to unrestricted upload. The attack may be launched remotely. The identifier of this vulnerability is VDB-235064. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.235064",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.235064",
"source": "cna@vuldb.com"
}
]
}

82
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-20T20:01:13.697501+00:00
2023-07-20T22:00:24.475837+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-20T19:59:06.357000+00:00
2023-07-20T21:29:44.953000+00:00
```
### Last Data Feed Release
@ -29,59 +29,51 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
220756
220769
```
### CVEs added in the last Commit
Recently added CVEs: `15`
Recently added CVEs: `13`
* [CVE-2021-45094](CVE-2021/CVE-2021-450xx/CVE-2021-45094.json) (`2023-07-20T18:15:11.463`)
* [CVE-2023-31461](CVE-2023/CVE-2023-314xx/CVE-2023-31461.json) (`2023-07-20T18:15:11.917`)
* [CVE-2023-31462](CVE-2023/CVE-2023-314xx/CVE-2023-31462.json) (`2023-07-20T18:15:11.970`)
* [CVE-2023-37728](CVE-2023/CVE-2023-377xx/CVE-2023-37728.json) (`2023-07-20T18:15:12.110`)
* [CVE-2023-38334](CVE-2023/CVE-2023-383xx/CVE-2023-38334.json) (`2023-07-20T18:15:12.170`)
* [CVE-2023-38335](CVE-2023/CVE-2023-383xx/CVE-2023-38335.json) (`2023-07-20T18:15:12.227`)
* [CVE-2023-3791](CVE-2023/CVE-2023-37xx/CVE-2023-3791.json) (`2023-07-20T18:15:12.353`)
* [CVE-2023-37164](CVE-2023/CVE-2023-371xx/CVE-2023-37164.json) (`2023-07-20T19:15:10.460`)
* [CVE-2023-37165](CVE-2023/CVE-2023-371xx/CVE-2023-37165.json) (`2023-07-20T19:15:10.530`)
* [CVE-2023-37600](CVE-2023/CVE-2023-376xx/CVE-2023-37600.json) (`2023-07-20T19:15:10.597`)
* [CVE-2023-37601](CVE-2023/CVE-2023-376xx/CVE-2023-37601.json) (`2023-07-20T19:15:10.663`)
* [CVE-2023-37602](CVE-2023/CVE-2023-376xx/CVE-2023-37602.json) (`2023-07-20T19:15:10.727`)
* [CVE-2023-38523](CVE-2023/CVE-2023-385xx/CVE-2023-38523.json) (`2023-07-20T19:15:10.793`)
* [CVE-2023-38617](CVE-2023/CVE-2023-386xx/CVE-2023-38617.json) (`2023-07-20T19:15:10.867`)
* [CVE-2023-3792](CVE-2023/CVE-2023-37xx/CVE-2023-3792.json) (`2023-07-20T19:15:10.923`)
* [CVE-2020-24275](CVE-2020/CVE-2020-242xx/CVE-2020-24275.json) (`2023-07-20T20:15:09.940`)
* [CVE-2021-39425](CVE-2021/CVE-2021-394xx/CVE-2021-39425.json) (`2023-07-20T20:15:10.093`)
* [CVE-2023-30200](CVE-2023/CVE-2023-302xx/CVE-2023-30200.json) (`2023-07-20T20:15:10.177`)
* [CVE-2023-31753](CVE-2023/CVE-2023-317xx/CVE-2023-31753.json) (`2023-07-20T20:15:10.253`)
* [CVE-2023-34625](CVE-2023/CVE-2023-346xx/CVE-2023-34625.json) (`2023-07-20T20:15:10.390`)
* [CVE-2023-37649](CVE-2023/CVE-2023-376xx/CVE-2023-37649.json) (`2023-07-20T20:15:10.447`)
* [CVE-2023-37650](CVE-2023/CVE-2023-376xx/CVE-2023-37650.json) (`2023-07-20T20:15:10.503`)
* [CVE-2023-3793](CVE-2023/CVE-2023-37xx/CVE-2023-3793.json) (`2023-07-20T20:15:10.603`)
* [CVE-2023-3794](CVE-2023/CVE-2023-37xx/CVE-2023-3794.json) (`2023-07-20T20:15:10.697`)
* [CVE-2023-24593](CVE-2023/CVE-2023-245xx/CVE-2023-24593.json) (`2023-07-20T21:15:09.883`)
* [CVE-2023-25180](CVE-2023/CVE-2023-251xx/CVE-2023-25180.json) (`2023-07-20T21:15:09.950`)
* [CVE-2023-3795](CVE-2023/CVE-2023-37xx/CVE-2023-3795.json) (`2023-07-20T21:15:10.010`)
* [CVE-2023-3796](CVE-2023/CVE-2023-37xx/CVE-2023-3796.json) (`2023-07-20T21:15:10.100`)
### CVEs modified in the last Commit
Recently modified CVEs: `35`
Recently modified CVEs: `19`
* [CVE-2022-0164](CVE-2022/CVE-2022-01xx/CVE-2022-0164.json) (`2023-07-20T18:09:50.423`)
* [CVE-2022-0140](CVE-2022/CVE-2022-01xx/CVE-2022-0140.json) (`2023-07-20T18:12:18.663`)
* [CVE-2022-28171](CVE-2022/CVE-2022-281xx/CVE-2022-28171.json) (`2023-07-20T18:15:11.537`)
* [CVE-2022-2987](CVE-2022/CVE-2022-29xx/CVE-2022-2987.json) (`2023-07-20T18:24:39.960`)
* [CVE-2023-3317](CVE-2023/CVE-2023-33xx/CVE-2023-3317.json) (`2023-07-20T18:02:32.487`)
* [CVE-2023-1258](CVE-2023/CVE-2023-12xx/CVE-2023-1258.json) (`2023-07-20T18:15:11.747`)
* [CVE-2023-37629](CVE-2023/CVE-2023-376xx/CVE-2023-37629.json) (`2023-07-20T18:15:12.037`)
* [CVE-2023-38408](CVE-2023/CVE-2023-384xx/CVE-2023-38408.json) (`2023-07-20T18:15:12.287`)
* [CVE-2023-38069](CVE-2023/CVE-2023-380xx/CVE-2023-38069.json) (`2023-07-20T18:25:36.067`)
* [CVE-2023-35693](CVE-2023/CVE-2023-356xx/CVE-2023-35693.json) (`2023-07-20T18:43:04.370`)
* [CVE-2023-35691](CVE-2023/CVE-2023-356xx/CVE-2023-35691.json) (`2023-07-20T18:54:48.517`)
* [CVE-2023-35694](CVE-2023/CVE-2023-356xx/CVE-2023-35694.json) (`2023-07-20T19:00:19.483`)
* [CVE-2023-23559](CVE-2023/CVE-2023-235xx/CVE-2023-23559.json) (`2023-07-20T19:00:45.357`)
* [CVE-2023-21260](CVE-2023/CVE-2023-212xx/CVE-2023-21260.json) (`2023-07-20T19:04:40.987`)
* [CVE-2023-34129](CVE-2023/CVE-2023-341xx/CVE-2023-34129.json) (`2023-07-20T19:14:47.987`)
* [CVE-2023-22508](CVE-2023/CVE-2023-225xx/CVE-2023-22508.json) (`2023-07-20T19:15:10.250`)
* [CVE-2023-35885](CVE-2023/CVE-2023-358xx/CVE-2023-35885.json) (`2023-07-20T19:15:10.367`)
* [CVE-2023-37455](CVE-2023/CVE-2023-374xx/CVE-2023-37455.json) (`2023-07-20T19:16:40.667`)
* [CVE-2023-34130](CVE-2023/CVE-2023-341xx/CVE-2023-34130.json) (`2023-07-20T19:18:02.093`)
* [CVE-2023-37560](CVE-2023/CVE-2023-375xx/CVE-2023-37560.json) (`2023-07-20T19:28:00.590`)
* [CVE-2023-34125](CVE-2023/CVE-2023-341xx/CVE-2023-34125.json) (`2023-07-20T19:43:44.623`)
* [CVE-2023-3600](CVE-2023/CVE-2023-36xx/CVE-2023-3600.json) (`2023-07-20T19:46:21.273`)
* [CVE-2023-21257](CVE-2023/CVE-2023-212xx/CVE-2023-21257.json) (`2023-07-20T19:46:58.023`)
* [CVE-2023-3596](CVE-2023/CVE-2023-35xx/CVE-2023-3596.json) (`2023-07-20T19:51:44.103`)
* [CVE-2023-36266](CVE-2023/CVE-2023-362xx/CVE-2023-36266.json) (`2023-07-20T19:59:06.357`)
* [CVE-2021-37386](CVE-2021/CVE-2021-373xx/CVE-2021-37386.json) (`2023-07-20T20:15:10.027`)
* [CVE-2023-3643](CVE-2023/CVE-2023-36xx/CVE-2023-3643.json) (`2023-07-20T20:02:40.327`)
* [CVE-2023-37456](CVE-2023/CVE-2023-374xx/CVE-2023-37456.json) (`2023-07-20T20:12:09.497`)
* [CVE-2023-33298](CVE-2023/CVE-2023-332xx/CVE-2023-33298.json) (`2023-07-20T20:15:10.310`)
* [CVE-2023-2620](CVE-2023/CVE-2023-26xx/CVE-2023-2620.json) (`2023-07-20T20:32:24.047`)
* [CVE-2023-2576](CVE-2023/CVE-2023-25xx/CVE-2023-2576.json) (`2023-07-20T20:33:15.617`)
* [CVE-2023-2200](CVE-2023/CVE-2023-22xx/CVE-2023-2200.json) (`2023-07-20T20:36:43.987`)
* [CVE-2023-2190](CVE-2023/CVE-2023-21xx/CVE-2023-2190.json) (`2023-07-20T20:39:14.363`)
* [CVE-2023-3362](CVE-2023/CVE-2023-33xx/CVE-2023-3362.json) (`2023-07-20T20:49:23.790`)
* [CVE-2023-3363](CVE-2023/CVE-2023-33xx/CVE-2023-3363.json) (`2023-07-20T20:51:55.723`)
* [CVE-2023-3424](CVE-2023/CVE-2023-34xx/CVE-2023-3424.json) (`2023-07-20T20:53:05.130`)
* [CVE-2023-3444](CVE-2023/CVE-2023-34xx/CVE-2023-3444.json) (`2023-07-20T20:53:39.833`)
* [CVE-2023-29454](CVE-2023/CVE-2023-294xx/CVE-2023-29454.json) (`2023-07-20T20:54:45.290`)
* [CVE-2023-29455](CVE-2023/CVE-2023-294xx/CVE-2023-29455.json) (`2023-07-20T20:59:09.067`)
* [CVE-2023-29457](CVE-2023/CVE-2023-294xx/CVE-2023-29457.json) (`2023-07-20T21:03:59.290`)
* [CVE-2023-3319](CVE-2023/CVE-2023-33xx/CVE-2023-3319.json) (`2023-07-20T21:06:53.307`)
* [CVE-2023-35069](CVE-2023/CVE-2023-350xx/CVE-2023-35069.json) (`2023-07-20T21:27:09.213`)
* [CVE-2023-1547](CVE-2023/CVE-2023-15xx/CVE-2023-1547.json) (`2023-07-20T21:29:07.717`)
* [CVE-2023-2957](CVE-2023/CVE-2023-29xx/CVE-2023-2957.json) (`2023-07-20T21:29:44.953`)
## Download and Usage