admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-08-24T22:00:25.415449+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-08-24 22:00:28 +00:00
parent 4fe276fd44
commit 9a51243e8e
52 changed files with 9463 additions and 270 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
CVE-2020/CVE-2020-210xx/CVE-2020-21047.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2020-21047",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:09.657",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:56:20.380",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:elfutils_project:elfutils:0.177:*:*:*:*:*:*:*",
"matchCriteriaId": "79E8381A-EABD-4085-B282-14AB4B5A0B0E"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25068",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
]
},
{
"url": "https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=99dc63b10b3878616b85df2dfd2e4e7103e414b8",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
}
]
}

63
CVE-2020/CVE-2020-214xx/CVE-2020-21426.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2020-21426",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:10.540",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:56:50.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:3.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "649CACB0-AD52-4217-9DF9-B692533ED990"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/300/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2020/CVE-2020-214xx/CVE-2020-21427.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2020-21427",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:11.423",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:57:13.280",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:3.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "649CACB0-AD52-4217-9DF9-B692533ED990"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/298/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

63
CVE-2020/CVE-2020-214xx/CVE-2020-21428.json
View File

@ -2,19 +2,74 @@
"id": "CVE-2020-21428",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:12.293",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:57:26.233",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freeimage_project:freeimage:3.18.0:*:*:*:*:*:*:*",
"matchCriteriaId": "649CACB0-AD52-4217-9DF9-B692533ED990"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceforge.net/p/freeimage/bugs/299/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

65
CVE-2020/CVE-2020-214xx/CVE-2020-21469.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2020-21469",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:13.257",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:57:38.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:postgresql:postgresql:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CAF3839D-92B7-416C-A03E-5C6D43EA28FB"
}
]
}
]
}
],
"references": [
{
"url": "https://www.postgresql.org/message-id/CAA8ZSMqAHDCgo07hqKoM5XJaoQy6Vv76O7966agez4ffyQktkA%40mail.gmail.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Vendor Advisory"
]
}
]
}

72
CVE-2020/CVE-2020-214xx/CVE-2020-21490.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2020-21490",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:13.720",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:57:50.157",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-401"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gnu:binutils:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.34",
"matchCriteriaId": "7FF09EA1-994B-4950-B853-1FB4F936A162"
}
]
}
]
}
],
"references": [
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=25249",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=378fd436405b3051df34ac995b2e03fe1f3d1907",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

68
CVE-2021/CVE-2021-324xx/CVE-2021-32420.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2021-32420",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.407",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:57:58.933",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dpic_project:dpic:2021-01-01:*:*:*:*:*:*:*",
"matchCriteriaId": "D307101F-A646-498A-B48E-5017C4B3A794"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitlab.com/aplevich/dpic/-/issues/5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2021/CVE-2021-324xx/CVE-2021-32421.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2021-32421",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.460",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:58:05.890",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dpic_project:dpic:2021-01-01:*:*:*:*:*:*:*",
"matchCriteriaId": "D307101F-A646-498A-B48E-5017C4B3A794"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitlab.com/aplevich/dpic/-/issues/7",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

68
CVE-2021/CVE-2021-324xx/CVE-2021-32422.json
View File

@ -2,23 +2,81 @@
"id": "CVE-2021-32422",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-22T19:16:20.510",
"lastModified": "2023-08-22T20:10:36.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:59:32.583",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dpic_project:dpic:2021-01-01:*:*:*:*:*:*:*",
"matchCriteriaId": "D307101F-A646-498A-B48E-5017C4B3A794"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gitlab.com/aplevich/dpic/-/issues/6",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
}
]
}

238
CVE-2022/CVE-2022-249xx/CVE-2022-24989.json
View File

@ -2,35 +2,257 @@
"id": "CVE-2022-24989",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-20T18:15:09.523",
"lastModified": "2023-08-21T12:47:18.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:52:21.533",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.2.31",
"matchCriteriaId": "A0AE9591-B8DA-4A95-9734-1A58B95BB227"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f2-210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A084599C-E4D9-4EC5-8103-68CDBB3604CF"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f2-221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAEF4467-F859-45E8-8171-54350D7D53BB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f2-223:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1C4291-64C7-4DCB-87A7-EE6A40146406"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f2-422:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B42338B7-B6C2-49ED-AF3B-6815317884FD"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f2-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67EF611C-748C-4CB0-902B-1966B6C6A7AA"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f4-421:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDED618-8CF9-41C0-942F-9F5D002BE03E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f4-422:-:*:*:*:*:*:*:*",
"matchCriteriaId": "402856F7-D66E-4C49-9F32-384AE7A05C7A"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f4-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54A2F40A-F7B2-4B90-90A5-130533778329"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f5-221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D062C23E-2584-41EE-B1CC-BDC95E59B914"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:f5-422:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1681757B-8E75-4B6A-838B-552B0BDC5EFE"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:t12-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3A349FBD-BC5E-4024-AD39-328B32F60926"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:t12-450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55C15FCA-8926-42B7-9281-9F1EF7DC87DB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:t6-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E71B3D05-9532-4B1E-B396-E9FFB3A18293"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:t9-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A27209E-7A2A-45BA-AF03-4B7EEBD8F1D1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:t9-450:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1FFE2A59-4247-463E-B5C5-056C340F96E3"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u12-322-9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFC50AFC-D452-44C6-ABF9-8E38031F63BB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u12-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AEF38923-3F6B-4115-9574-42A5916E4A86"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u12-722-2224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C1070B1-DACC-4A1F-BC42-F7915CF61E53"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u16-322-9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "40A6B355-0AD1-4591-81D5-CDB020340D5E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u16-722-2224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49C9AB29-58C3-4005-86B4-A31CE157DD8D"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u24-722-2224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "540EC60C-3285-4BFD-A617-14646988D361"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u4-111:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C0E959DF-601B-4561-BC18-753A0C5FB13C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u4-211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18A93A74-C8B7-4146-A3FF-8B3678FBD5B5"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u4-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9220B428-CAF9-4EC1-92FB-FA81592D191C"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u8-111:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5125FD8D-9EC9-4B5C-9CB3-E3ADE59A7CB1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u8-322-9100:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8982E486-A1D5-411D-85D1-20E5A3DB8192"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u8-423:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3491C51B-83EB-4D50-9B41-7E1F2B7A63AB"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u8-522-9400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "47377993-E503-44F4-92C6-4B57A3E280B2"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:h:terra-master:u8-722-2224:-:*:*:*:*:*:*:*",
"matchCriteriaId": "39231C4D-8F9E-4A21-A5D9-F5DED81A6E00"
}
]
}
]
}
],
"references": [
{
"url": "https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://forum.terra-master.com/en/viewforum.php?f=28",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/0xf4n9x/CVE-2022-24990",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://packetstormsecurity.com/files/172904",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

81
CVE-2023/CVE-2023-23xx/CVE-2023-2317.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2317",
"sourceIdentifier": "info@starlabs.sg",
"published": "2023-08-19T06:15:46.687",
"lastModified": "2023-08-20T00:48:59.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:12:21.367",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0
},
{
"source": "info@starlabs.sg",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "info@starlabs.sg",
"type": "Secondary",
@ -46,14 +76,57 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typora:typora:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.7",
"matchCriteriaId": "8A864E61-1493-40D3-9EFB-A8124F2FE28E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://starlabs.sg/advisories/23/23-2317/",
"source": "info@starlabs.sg"
"source": "info@starlabs.sg",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://support.typora.io/What's-New-1.6/",
"source": "info@starlabs.sg"
"source": "info@starlabs.sg",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-259xx/CVE-2023-25913.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25913",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-08-21T21:15:07.993",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:39:11.560",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -50,14 +80,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:danfoss:ak-sm_800a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "0FE57274-BA94-492A-9D3A-A74F047E9EF4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EC90A1-18C1-4509-96DF-A528E2AF5989"
}
]
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/CVE-2023-25913",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://csirt.divd.nl/DIVD-2023-00025",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-259xx/CVE-2023-25914.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25914",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-08-21T21:15:08.970",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:38:58.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -46,14 +76,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:danfoss:ak-sm_800a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "0FE57274-BA94-492A-9D3A-A74F047E9EF4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EC90A1-18C1-4509-96DF-A528E2AF5989"
}
]
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/CVE-2023-25914",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://csirt.divd.nl/DIVD-2023-00025",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-259xx/CVE-2023-25915.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25915",
"sourceIdentifier": "csirt@divd.nl",
"published": "2023-08-21T21:15:09.170",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:37:26.140",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "csirt@divd.nl",
"type": "Secondary",
@ -46,14 +76,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:danfoss:ak-sm_800a_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.3",
"matchCriteriaId": "0FE57274-BA94-492A-9D3A-A74F047E9EF4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:danfoss:ak-sm_800a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EC90A1-18C1-4509-96DF-A528E2AF5989"
}
]
}
]
}
],
"references": [
{
"url": "https://csirt.divd.nl/CVE-2023-25915",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://csirt.divd.nl/DIVD-2023-00025",
"source": "csirt@divd.nl"
"source": "csirt@divd.nl",
"tags": [
"Third Party Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-29xx/CVE-2023-2971.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2971",
"sourceIdentifier": "info@starlabs.sg",
"published": "2023-08-19T06:15:47.037",
"lastModified": "2023-08-20T00:48:59.350",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:19:37.060",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "info@starlabs.sg",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "info@starlabs.sg",
"type": "Secondary",
@ -46,10 +76,50 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:typora:typora:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.6.7",
"matchCriteriaId": "EBA5590F-3A15-40CF-AC36-6CBA8C128D19"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://starlabs.sg/advisories/23/23-2971/",
"source": "info@starlabs.sg"
"source": "info@starlabs.sg",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
}
]
}

27
CVE-2023/CVE-2023-310xx/CVE-2023-31041.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-31041",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-14T15:15:12.237",
"lastModified": "2023-08-22T17:59:25.407",
"lastModified": "2023-08-24T21:26:16.843",
"vulnStatus": "Analyzed",
"descriptions": [
{
@ -55,28 +55,33 @@
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:05.28.19:*:*:*:*:*:*:*",
"matchCriteriaId": "01566E54-2842-4B3E-9030-CA70FC5B020B"
"criteria": "cpe:2.3:a:insyde:insydeh2o:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C50E9CE0-9960-4939-A6C1-E6E69F464456"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:05.37.19:*:*:*:*:*:*:*",
"matchCriteriaId": "EEFC1B46-12FB-4963-9728-CFB372BAE7E3"
"criteria": "cpe:2.3:a:insyde:insydeh2o:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F486B49-3E4C-43BD-9165-8D159EBE74F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:05.45.19:*:*:*:*:*:*:*",
"matchCriteriaId": "625BE1C3-0CE2-458B-A919-58D0D7CB685F"
"criteria": "cpe:2.3:a:insyde:insydeh2o:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2BA6B7DE-2275-41D9-BFD0-066AC3912055"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:05.53.19:*:*:*:*:*:*:*",
"matchCriteriaId": "CCBC9852-F065-46F7-997E-28557EB8E9FC"
"criteria": "cpe:2.3:a:insyde:insydeh2o:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "24E601E3-FCF5-4907-BCB1-E5D331896E40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:05.60.20:*:*:*:*:*:*:*",
"matchCriteriaId": "87B31FE0-9B1A-4B19-9A58-4DF2F94A1494"
"criteria": "cpe:2.3:a:insyde:insydeh2o:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "88E0151F-0A27-4F69-96B4-A40B00719107"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:insyde:insydeh2o:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E87C1381-CDD4-4A1C-AF59-32873BDF2730"
}
]
}

79
CVE-2023/CVE-2023-320xx/CVE-2023-32002.json
View File

@ -2,19 +2,90 @@
"id": "CVE-2023-32002",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-08-21T17:15:47.000",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:09:53.487",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.\n\nThis vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x.\n\nPlease note that at the time this CVE was issued, the policy is an experimental feature of Node.js."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndIncluding": "16.20.1",
"matchCriteriaId": "F75B0DBB-A86A-4F14-8F4E-63ABA2DF1F35"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0.0",
"versionEndIncluding": "18.17.0",
"matchCriteriaId": "686E16B9-C6B9-4EF8-9B0F-913203469EF8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20.0.0",
"versionEndIncluding": "20.5.0",
"matchCriteriaId": "15EAF008-AA6F-4A70-9FFA-F4EE4DE53E44"
}
]
}
]
}
],
"references": [
{
"url": "https://hackerone.com/reports/1960870",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Third Party Advisory"
]
}
]
}

53
CVE-2023/CVE-2023-33xx/CVE-2023-3366.json
View File

@ -2,15 +2,38 @@
"id": "CVE-2023-3366",
"sourceIdentifier": "contact@wpscan.com",
"published": "2023-08-21T17:15:48.927",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:41:42.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.2 does not have CRSF check when deleting a shipment, allowing attackers to make any logged in user, delete arbitrary shipment via a CSRF attack"
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "contact@wpscan.com",
@ -23,10 +46,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:multiparcels:multiparcels_shipping_for_woocommerce:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "1.15.2",
"matchCriteriaId": "9D5078D1-983E-494A-80D2-A39E403310EC"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/b2f06223-9352-4227-ae94-32061e2c5611",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-367xx/CVE-2023-36787.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36787",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-08-21T20:15:08.637",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:39:50.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.1938.54",
"matchCriteriaId": "13F37E95-A8B9-446C-A9A5-D14E7FB46659"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36787",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

1415
CVE-2023/CVE-2023-368xx/CVE-2023-36844.json
View File

File diff suppressed because it is too large Load Diff

1393
CVE-2023/CVE-2023-368xx/CVE-2023-36845.json
View File

File diff suppressed because it is too large Load Diff

1405
CVE-2023/CVE-2023-368xx/CVE-2023-36846.json
View File

File diff suppressed because it is too large Load Diff

1393
CVE-2023/CVE-2023-368xx/CVE-2023-36847.json
View File

File diff suppressed because it is too large Load Diff

104
CVE-2023/CVE-2023-373xx/CVE-2023-37369.json
View File

@ -2,27 +2,119 @@
"id": "CVE-2023-37369",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-20T07:15:08.963",
"lastModified": "2023-08-23T01:15:14.883",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:24:38.260",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.15",
"matchCriteriaId": "19F5F946-5DD7-4F8D-8171-83BB0D9C5048"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.0.0",
"versionEndExcluding": "6.2.9",
"matchCriteriaId": "513DDB0D-A132-4046-8B49-D2776E585826"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:qt:qt:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.3.0",
"versionEndExcluding": "6.5.2",
"matchCriteriaId": "226FFAAF-14BA-4B15-A7DC-40E7CE23947B"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://bugreports.qt.io/browse/QTBUG-114829",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://codereview.qt-project.org/c/qt/qtbase/+/455027",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-380xx/CVE-2023-38035.json
View File

@ -2,19 +2,79 @@
"id": "CVE-2023-38035",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-08-21T17:15:47.457",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:13:56.893",
"vulnStatus": "Analyzed",
"cisaExploitAdd": "2023-08-22",
"cisaActionDue": "2023-09-12",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Ivanti Sentry Authentication Bypass Vulnerability",
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. "
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ivanti:mobileiron_sentry:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.18.0",
"matchCriteriaId": "D4028148-D123-4F9A-9785-8489CE5DBC8A"
}
]
}
]
}
],
"references": [
{
"url": "https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface",
"source": "support@hackerone.com"
"source": "support@hackerone.com",
"tags": [
"Vendor Advisory"
]
}
]
}

40
CVE-2023/CVE-2023-381xx/CVE-2023-38158.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-38158",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-08-21T20:15:08.737",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:39:33.910",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -34,10 +34,44 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:*:*:*:*",
"versionEndExcluding": "116.0.1938.54",
"matchCriteriaId": "13F37E95-A8B9-446C-A9A5-D14E7FB46659"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38158",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-388xx/CVE-2023-38836.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-38836",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:47.633",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:07:15.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code via the GIF header component."
},
{
"lang": "es",
"value": "Una vulnerabilidad de carga de archivos en BoidCMS v2.0.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente de cabecera GIF. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:boidcms:boidcms:2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9CA34CF5-1C33-4846-B9C0-718CD2A9766A"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://boidcms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/BoidCMS/BoidCMS/issues/27",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-388xx/CVE-2023-38889.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-38889",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-15T17:15:11.887",
"lastModified": "2023-08-15T17:15:41.713",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:25:23.500",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in Alluxio v.2.9.3 and before allows an attacker to execute arbitrary code via a crafted script to the username parameter of lluxio.util.CommonUtils.getUnixGroups(java.lang.String)."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:alluxio:alluxio:2.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F843A6A2-8146-434C-ACD8-470AAD3E4FBC"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/Alluxio/alluxio/issues/17766",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
}
]
}

74
CVE-2023/CVE-2023-388xx/CVE-2023-38894.json
View File

@ -2,27 +2,89 @@
"id": "CVE-2023-38894",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-16T22:15:13.397",
"lastModified": "2023-08-17T12:53:44.537",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:25:14.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tree_kit_project:tree_kit:*:*:*:*:*:node.js:*:*",
"versionEndIncluding": "0.7.4",
"matchCriteriaId": "2A5407EF-16B1-497B-A791-FC29EE9B99DC"
}
]
}
]
}
],
"references": [
{
"url": "http://tree-kit.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/cronvel/tree-kit",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.code-intelligence.com/blog/treekit-prototype-pollution-cve-2023-38894",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
}
]
}

79
CVE-2023/CVE-2023-388xx/CVE-2023-38899.json
View File

@ -2,31 +2,96 @@
"id": "CVE-2023-38899",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T12:15:08.483",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:32:56.497",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:berkaygediz:o_blog:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B207331-2B17-4DEC-8DD7-8351A3D1822F"
}
]
}
]
}
],
"references": [
{
"url": "http://o.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/berkaygediz/O_Blog",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/berkaygediz/O_Blog/issues",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/berkaygediz/O_Blog/issues/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-389xx/CVE-2023-38961.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-38961",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:47.973",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:06:17.447",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c."
},
{
"lang": "es",
"value": "Una vulnerabilidad de desbordamiento de b\u00fafer en JerryScript Project jerryscript v3.0.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del componente \"scanner_is_context_needed\" en \"js-scanner-until.c\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jerryscript:jerryscript:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1A23519-19ED-4F75-9CAA-42057F88EDE5"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/jerryscript-project/jerryscript/issues/5092",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-389xx/CVE-2023-38976.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-38976",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:48.127",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:06:00.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function."
},
{
"lang": "es",
"value": "Un problema en Weaviate v1.20.0 permite a un atacante remoto causar una denegaci\u00f3n de servicio a trav\u00e9s de la funci\u00f3n \"handleUnbatchedGraphQLRequest\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-617"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:weaviate:weaviate:1.20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78FD46DA-F678-421E-878B-A2C6F5B94714"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/weaviate/weaviate/issues/3258",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-390xx/CVE-2023-39061.json
View File

@ -2,23 +2,87 @@
"id": "CVE-2023-39061",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:48.277",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:05:08.520",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en Chamilo desde v1.11 a v1.11.20 permite a un atacante remoto autenticado ejecutar c\u00f3digo arbitrario. "
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.11",
"versionEndIncluding": "1.11.20",
"matchCriteriaId": "430B7F12-51F0-47BA-AF88-931650467CF0"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://chamilo.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-123-2023-07-08-Moderate-impact-Moderate-risk-CSRF-through-admin-account-forum-posts",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-390xx/CVE-2023-39094.json
View File

@ -2,19 +2,80 @@
"id": "CVE-2023-39094",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:48.437",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:00:07.143",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Cross Site Scripting vulnerability in ZeroWdd studentmanager v.1.0 allows a remote attacker to execute arbitrary code via the username parameter in the student list function."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) en ZeroWdd studentmanager v.1.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s del par\u00e1metro \"username\" en la funci\u00f3n \"student list\"."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zerowdd:studentmanager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2375E47D-661D-4707-AC3E-A71C23BEF7FB"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/ZeroWdd/studentmanager/issues/12",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-396xx/CVE-2023-39660.json
View File

@ -2,23 +2,85 @@
"id": "CVE-2023-39660",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T17:15:48.797",
"lastModified": "2023-08-21T18:35:09.707",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:28:27.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prompt function."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gabrieleventuri:pandasai:*:*:*:*:*:python:*:*",
"versionEndIncluding": "0.8.0",
"matchCriteriaId": "B67616D2-0664-414C-B545-438A4BA2F0FE"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gventuri/pandas-ai/issues/399",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/gventuri/pandas-ai/pull/409",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
}
]
}

81
CVE-2023/CVE-2023-397xx/CVE-2023-39749.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-39749",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T03:15:11.683",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:24:40.110",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dap-2660_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B0EADF-14A9-4698-A03D-1C2C7660FAD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41EFE653-296E-4E37-9DCC-BAF99C4AD2F3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/2/D-Link%20DAP-2660%20adv_resource.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-397xx/CVE-2023-39750.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-39750",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T03:15:11.747",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:24:15.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dap-2660_firmware:1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B0EADF-14A9-4698-A03D-1C2C7660FAD4"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dap-2660:-:*:*:*:*:*:*:*",
"matchCriteriaId": "41EFE653-296E-4E37-9DCC-BAF99C4AD2F3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/1/D-Link%20DAP-2660%20bsc_ipv6.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.dlink.com/en/security-bulletin/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

76
CVE-2023/CVE-2023-397xx/CVE-2023-39751.json
View File

@ -2,19 +2,87 @@
"id": "CVE-2023-39751",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-21T03:15:11.803",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:22:30.270",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "TP-Link TL-WR941ND V6 were discovered to contain a buffer overflow via the pSize parameter at /userRpm/PingIframeRpm."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-wr941nd_v6_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B7CE2C9D-DD46-48E4-AF31-CB088549BB0B"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-wr941nd_v6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "80795BED-4BF5-45C2-92AA-EB1DCD7D5B6C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/20/WR941ND_userRpm_PingIframeRpm_buffer_write_out-of-bounds_vulnerability.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-398xx/CVE-2023-39801.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-39801",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-08-24T20:15:08.657",
"lastModified": "2023-08-24T20:15:08.657",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service (DoS) via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/zj3t/Automotive-vulnerabilities/blob/main/RENAULT/ZOE_EV_2021/Vuln%232/README.md",
"source": "cve@mitre.org"
}
]
}

64
CVE-2023/CVE-2023-401xx/CVE-2023-40165.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40165",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-08-17T18:15:17.100",
"lastModified": "2023-08-17T18:54:21.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:50:00.990",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rubygems:rubygems.org:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2023-08-14",
"matchCriteriaId": "CE5111B4-8476-41CE-A096-4A64003A05F9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/rubygems/rubygems.org/commit/7e19c19247ddf5885a915710afc60ec6663d8502",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/rubygems/rubygems.org/security/advisories/GHSA-rxcq-2m4f-94wm",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
}
]
}

759
CVE-2023/CVE-2023-40xx/CVE-2023-4029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4029",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-08-17T17:15:10.313",
"lastModified": "2023-08-17T18:54:21.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:27:25.837",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +66,743 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:k14_type_21cu_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12",
"matchCriteriaId": "2A65A5F7-EB4D-4B56-AC90-4B803D732688"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:k14_type_21cu:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E420E364-555D-4E43-9102-A3F1F8994547"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:k14_type_21cv_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.12",
"matchCriteriaId": "6FE0ACE3-E020-421F-9AB4-7C50B0232BE0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:k14_type_21cv:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FE21ABB-B0E2-4E2E-AD06-46E71DD82C4E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_8_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"matchCriteriaId": "E04588B5-4D04-46C2-9AF8-B5DDC8F345D9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8DA25359-AE51-45EA-8507-40953790E04E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_e14_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.15",
"matchCriteriaId": "C9382214-2C46-46D0-AA8E-4A3DF9B46356"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_e14_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66ABF1A9-495C-49BE-B7C1-2E7D4AAE7C59"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_e15_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.15",
"matchCriteriaId": "9A78B91F-AFCE-4A04-A424-C47E2373A060"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_e15_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "568603E1-E38F-42D0-8AE0-AE11951852E6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.30",
"matchCriteriaId": "80DDA5A0-6D71-4F85-870E-2B3D62320150"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E560943-6A00-4423-91F3-FBBBBB978F6B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.19",
"matchCriteriaId": "7A6606CF-CCC8-4061-A989-3519EEA48E4C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7D6D51EE-16C2-4090-8872-E69E55D5D4A7"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_gen_4_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"matchCriteriaId": "7DBCE89B-52BE-474F-AF10-ABA25A2E7017"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_gen_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5606FE-0787-44AD-97B8-AAB560056ED5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_4_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"matchCriteriaId": "1400DD3A-39C1-4C9E-BAC7-FB1588F9FFB9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D619CDB5-510B-443F-8772-CB09DD68190D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.30",
"matchCriteriaId": "25BA3447-9D13-4F7D-BA5B-8C90BE816007"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB43443-ED65-4CF5-8FDA-3BCC1E2BD5A2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l13_yoga_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.19",
"matchCriteriaId": "1DA62157-F2A9-4868-B7BA-C15BD4EAFD77"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l13_yoga_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B43B845-C95E-47DF-8AEB-7ADB650A5425"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.28",
"matchCriteriaId": "7148FAD4-4CE0-432E-AFFE-1BB586259F6E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5CE86BB2-232D-4DD9-9630-EA6517C64EB1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23",
"matchCriteriaId": "C9C3B900-6538-4D4D-A3E6-E216238AC569"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E774C0D8-4712-414D-B9B9-214AAC710B63"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l14_gen_4_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.06",
"matchCriteriaId": "2ED041C6-C651-487B-B674-30FB3049579A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l14_gen_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "181D4876-394F-4FE0-91B8-16267F987D18"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.28",
"matchCriteriaId": "CBEBF813-4B39-4ACA-B100-058BB06BCCB6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "77DDB8D3-F2BD-42AB-B927-D38FB54EE902"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_3_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.23",
"matchCriteriaId": "67569E35-EBF9-4EC0-A6D4-35BC80424093"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4ACCDD8-A4F5-4805-91FC-4464A1FB46BA"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_l15_gen_4_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.06",
"matchCriteriaId": "A18F11AF-603F-43C6-812A-BC18244E0BBC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_l15_gen_4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0ED6441F-C705-40D0-9FDF-7471955D6610"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.34",
"matchCriteriaId": "0F539C7D-8069-4609-AFB6-1417C78C12DB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE970F53-856F-4DFF-B845-A8C5A8B14C90"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.34",
"matchCriteriaId": "0A389BD6-0D8A-46C4-8735-25A374853ABC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6A601D-0427-453F-B4A8-4EB9C18A58C6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t14s_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"matchCriteriaId": "2DF019E0-F79F-49BA-9EB6-FA947FE26B0A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t14s_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "49AE9591-00C0-4136-9355-8BD5648E29A2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.30",
"matchCriteriaId": "61A133FE-674D-40B3-80F6-BF24D27ECC31"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3A2ACE-E9E9-4A93-9543-044096A8BAFE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_7_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.19",
"matchCriteriaId": "E54C81E5-0CB5-4EA8-9F33-37C376BE139C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D03A821-532F-4951-8BD5-A3C3B3F60DD3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_gen_8_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.10",
"matchCriteriaId": "188634AD-EC8F-4780-A6D3-CF3E7F6DA862"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_gen_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "826861DB-719A-40DE-B813-CE51EDEC84D2"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_6_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.30",
"matchCriteriaId": "6AC6F8FA-1FA0-49CF-BD73-052501D5A4B0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2279C8-0F44-4CA3-9AED-F31E3C3327D8"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_s2_yoga_gen_7_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.19",
"matchCriteriaId": "B01C37DE-CD3B-41B1-AD51-9A50756895AC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_s2_yoga_gen_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1040935-6004-4539-992A-FCDDC84333B5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_x13_gen_2_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.37",
"matchCriteriaId": "124BEE07-D47F-4503-871A-EB85495BD6F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_x13_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C06223-3F58-4765-B9F4-BD56F89EA0A4"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-134879",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

139
CVE-2023/CVE-2023-40xx/CVE-2023-4030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4030",
"sourceIdentifier": "psirt@lenovo.com",
"published": "2023-08-17T17:15:10.403",
"lastModified": "2023-08-17T18:54:21.203",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:29:39.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@lenovo.com",
"type": "Secondary",
@ -46,10 +66,123 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t15_gen_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "44ECDB6C-F7B1-46AD-A0D3-41C5BDC3A6A6"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t15_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF9FB9A3-B1B5-42FF-9B07-0245E54237E3"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_p14s_gen_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "68E8C048-B2DE-4167-ABDA-D8B429699A98"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_p14s_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AE970F53-856F-4DFF-B845-A8C5A8B14C90"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_p15s_gen_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2764465A-3477-4ABB-98B0-CD356CA35A0F"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_p15s_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A4AE8F28-A87C-4F62-951D-92EE9952E4B1"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:lenovo:thinkpad_t14_gen_2_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7DE47A-4C00-4BE8-ABA5-294B9BAD5F41"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:lenovo:thinkpad_t14_gen_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BD6A601D-0427-453F-B4A8-4EB9C18A58C6"
}
]
}
]
}
],
"references": [
{
"url": "https://support.lenovo.com/us/en/product_security/LEN-134879",
"source": "psirt@lenovo.com"
"source": "psirt@lenovo.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-43xx/CVE-2023-4301.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4301",
"sourceIdentifier": "security@opentext.com",
"published": "2023-08-21T23:15:09.107",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:36:21.440",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:fortify:*:*:*:*:*:jenkins:*:*",
"versionEndExcluding": "22.2.39",
"matchCriteriaId": "01FD7885-6F4B-49B8-AEA6-CC12328387EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3115",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-43xx/CVE-2023-4302.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4302",
"sourceIdentifier": "security@opentext.com",
"published": "2023-08-21T23:15:09.247",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:36:00.570",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:fortify:*:*:*:*:*:jenkins:*:*",
"versionEndExcluding": "22.2.39",
"matchCriteriaId": "01FD7885-6F4B-49B8-AEA6-CC12328387EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3115",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-43xx/CVE-2023-4303.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4303",
"sourceIdentifier": "security@opentext.com",
"published": "2023-08-21T23:15:09.337",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:35:28.103",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
},
{
"source": "security@opentext.com",
"type": "Secondary",
@ -50,10 +80,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jenkins:fortify:*:*:*:*:*:jenkins:*:*",
"versionEndExcluding": "22.2.39",
"matchCriteriaId": "01FD7885-6F4B-49B8-AEA6-CC12328387EA"
}
]
}
]
}
],
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3140",
"source": "security@opentext.com"
"source": "security@opentext.com",
"tags": [
"Vendor Advisory"
]
}
]
}

72
CVE-2023/CVE-2023-44xx/CVE-2023-4450.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4450",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-08-21T03:15:13.760",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:20:48.827",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,7 +83,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -69,20 +91,58 @@
"value": "CWE-74"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:jeecg:jimureport:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.6.1",
"matchCriteriaId": "B9151906-88F8-4893-826E-69E4A9B8800A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/keecth/bug/blob/main/jimureport%20ssti(RCE).md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.237571",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.237571",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"VDB Entry"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4451.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4451",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-20T15:15:29.760",
"lastModified": "2023-08-21T12:47:18.157",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T20:31:44.960",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.6.3",
"matchCriteriaId": "DB13440F-5FAF-437B-A4EF-47CA96DB8FC4"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/cockpit-hq/cockpit/commit/30609466c817e39f9de1871559603e93cd4d0d0c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/4e111c3e-6cf3-4b4c-b3c1-a540bf30f8fa",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4453.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4453",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-21T10:15:09.567",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:14:48.307",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:pimcore:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.6.8",
"matchCriteriaId": "9466938B-61DC-4127-9BD3-C043166D0DDF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/pimcore/commit/234c0c02ea7502071b00ab673fbe4a6ac253080e",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/245a8785-0fc0-4561-b181-fa20f869d993",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4454.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4454",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-21T10:15:09.943",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:14:29.063",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wallabag:wallabag:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.3",
"matchCriteriaId": "81130FEB-7979-4BD8-A893-EF6A91CE66D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wallabag/wallabag/commit/78b0b55c40511e1f22d5bbb4897aa10fca68441c",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/4ee0ef74-e4d4-46e7-a05c-076bce522299",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

56
CVE-2023/CVE-2023-44xx/CVE-2023-4455.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4455",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-08-21T10:15:10.037",
"lastModified": "2023-08-21T12:47:08.843",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:11:31.950",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wallabag:wallabag:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.6.3",
"matchCriteriaId": "81130FEB-7979-4BD8-A893-EF6A91CE66D5"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wallabag/wallabag/commit/ffcc5c9062fcc8cd922d7d6d65edbe5efae96806",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/5ab1b206-5fe8-4737-b275-d705e76f193a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

90
CVE-2023/CVE-2023-44xx/CVE-2023-4459.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-4459",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-08-21T19:15:09.373",
"lastModified": "2023-08-22T12:41:26.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-08-24T21:40:25.650",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
@ -34,18 +54,78 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.18",
"matchCriteriaId": "FE93544F-B946-47CF-9697-FBF3484FCB92"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
}
],
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4459",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2219268",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd",
"source": "secalert@redhat.com"
"source": "secalert@redhat.com",
"tags": [
"Patch"
]
}
]
}

79
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-08-24T20:00:28.321313+00:00
2023-08-24T22:00:25.415449+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-08-24T19:56:03.667000+00:00
2023-08-24T21:59:32.583000+00:00
```
### Last Data Feed Release
@ -29,62 +29,45 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
223393
223394
```
### CVEs added in the last Commit
Recently added CVEs: `18`
Recently added CVEs: `1`
* [CVE-2023-39834](CVE-2023/CVE-2023-398xx/CVE-2023-39834.json) (`2023-08-24T18:15:07.540`)
* [CVE-2023-40891](CVE-2023/CVE-2023-408xx/CVE-2023-40891.json) (`2023-08-24T18:15:07.643`)
* [CVE-2023-40892](CVE-2023/CVE-2023-408xx/CVE-2023-40892.json) (`2023-08-24T18:15:07.707`)
* [CVE-2023-40893](CVE-2023/CVE-2023-408xx/CVE-2023-40893.json) (`2023-08-24T18:15:07.767`)
* [CVE-2023-40894](CVE-2023/CVE-2023-408xx/CVE-2023-40894.json) (`2023-08-24T18:15:07.827`)
* [CVE-2023-40895](CVE-2023/CVE-2023-408xx/CVE-2023-40895.json) (`2023-08-24T18:15:07.887`)
* [CVE-2023-40896](CVE-2023/CVE-2023-408xx/CVE-2023-40896.json) (`2023-08-24T18:15:07.943`)
* [CVE-2023-40897](CVE-2023/CVE-2023-408xx/CVE-2023-40897.json) (`2023-08-24T18:15:08.000`)
* [CVE-2023-40898](CVE-2023/CVE-2023-408xx/CVE-2023-40898.json) (`2023-08-24T18:15:08.057`)
* [CVE-2023-40899](CVE-2023/CVE-2023-408xx/CVE-2023-40899.json) (`2023-08-24T18:15:08.113`)
* [CVE-2023-40900](CVE-2023/CVE-2023-409xx/CVE-2023-40900.json) (`2023-08-24T18:15:08.173`)
* [CVE-2023-40901](CVE-2023/CVE-2023-409xx/CVE-2023-40901.json) (`2023-08-24T18:15:08.227`)
* [CVE-2023-40902](CVE-2023/CVE-2023-409xx/CVE-2023-40902.json) (`2023-08-24T18:15:08.280`)
* [CVE-2023-40904](CVE-2023/CVE-2023-409xx/CVE-2023-40904.json) (`2023-08-24T18:15:08.337`)
* [CVE-2023-31412](CVE-2023/CVE-2023-314xx/CVE-2023-31412.json) (`2023-08-24T19:15:33.977`)
* [CVE-2023-4418](CVE-2023/CVE-2023-44xx/CVE-2023-4418.json) (`2023-08-24T19:15:42.890`)
* [CVE-2023-4419](CVE-2023/CVE-2023-44xx/CVE-2023-4419.json) (`2023-08-24T19:15:43.077`)
* [CVE-2023-4420](CVE-2023/CVE-2023-44xx/CVE-2023-4420.json) (`2023-08-24T19:15:43.183`)
* [CVE-2023-39801](CVE-2023/CVE-2023-398xx/CVE-2023-39801.json) (`2023-08-24T20:15:08.657`)
### CVEs modified in the last Commit
Recently modified CVEs: `47`
Recently modified CVEs: `50`
* [CVE-2023-32250](CVE-2023/CVE-2023-322xx/CVE-2023-32250.json) (`2023-08-24T19:15:35.270`)
* [CVE-2023-32254](CVE-2023/CVE-2023-322xx/CVE-2023-32254.json) (`2023-08-24T19:15:35.700`)
* [CVE-2023-33201](CVE-2023/CVE-2023-332xx/CVE-2023-33201.json) (`2023-08-24T19:15:38.933`)
* [CVE-2023-35001](CVE-2023/CVE-2023-350xx/CVE-2023-35001.json) (`2023-08-24T19:15:39.257`)
* [CVE-2023-38325](CVE-2023/CVE-2023-383xx/CVE-2023-38325.json) (`2023-08-24T19:15:39.637`)
* [CVE-2023-38427](CVE-2023/CVE-2023-384xx/CVE-2023-38427.json) (`2023-08-24T19:15:39.773`)
* [CVE-2023-38431](CVE-2023/CVE-2023-384xx/CVE-2023-38431.json) (`2023-08-24T19:15:39.913`)
* [CVE-2023-3268](CVE-2023/CVE-2023-32xx/CVE-2023-3268.json) (`2023-08-24T19:15:40.330`)
* [CVE-2023-3338](CVE-2023/CVE-2023-33xx/CVE-2023-3338.json) (`2023-08-24T19:15:40.833`)
* [CVE-2023-3618](CVE-2023/CVE-2023-36xx/CVE-2023-3618.json) (`2023-08-24T19:15:41.303`)
* [CVE-2023-35391](CVE-2023/CVE-2023-353xx/CVE-2023-35391.json) (`2023-08-24T19:26:38.597`)
* [CVE-2023-40709](CVE-2023/CVE-2023-407xx/CVE-2023-40709.json) (`2023-08-24T19:55:57.347`)
* [CVE-2023-40710](CVE-2023/CVE-2023-407xx/CVE-2023-40710.json) (`2023-08-24T19:55:57.347`)
* [CVE-2023-34040](CVE-2023/CVE-2023-340xx/CVE-2023-34040.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40371](CVE-2023/CVE-2023-403xx/CVE-2023-40371.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40874](CVE-2023/CVE-2023-408xx/CVE-2023-40874.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40875](CVE-2023/CVE-2023-408xx/CVE-2023-40875.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40876](CVE-2023/CVE-2023-408xx/CVE-2023-40876.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40877](CVE-2023/CVE-2023-408xx/CVE-2023-40877.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-34971](CVE-2023/CVE-2023-349xx/CVE-2023-34971.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-34972](CVE-2023/CVE-2023-349xx/CVE-2023-34972.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-34973](CVE-2023/CVE-2023-349xx/CVE-2023-34973.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40706](CVE-2023/CVE-2023-407xx/CVE-2023-40706.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40707](CVE-2023/CVE-2023-407xx/CVE-2023-40707.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-40708](CVE-2023/CVE-2023-407xx/CVE-2023-40708.json) (`2023-08-24T19:56:03.667`)
* [CVE-2023-38836](CVE-2023/CVE-2023-388xx/CVE-2023-38836.json) (`2023-08-24T21:07:15.960`)
* [CVE-2023-32002](CVE-2023/CVE-2023-320xx/CVE-2023-32002.json) (`2023-08-24T21:09:53.487`)
* [CVE-2023-4455](CVE-2023/CVE-2023-44xx/CVE-2023-4455.json) (`2023-08-24T21:11:31.950`)
* [CVE-2023-38035](CVE-2023/CVE-2023-380xx/CVE-2023-38035.json) (`2023-08-24T21:13:56.893`)
* [CVE-2023-4454](CVE-2023/CVE-2023-44xx/CVE-2023-4454.json) (`2023-08-24T21:14:29.063`)
* [CVE-2023-4453](CVE-2023/CVE-2023-44xx/CVE-2023-4453.json) (`2023-08-24T21:14:48.307`)
* [CVE-2023-4450](CVE-2023/CVE-2023-44xx/CVE-2023-4450.json) (`2023-08-24T21:20:48.827`)
* [CVE-2023-39751](CVE-2023/CVE-2023-397xx/CVE-2023-39751.json) (`2023-08-24T21:22:30.270`)
* [CVE-2023-39750](CVE-2023/CVE-2023-397xx/CVE-2023-39750.json) (`2023-08-24T21:24:15.563`)
* [CVE-2023-39749](CVE-2023/CVE-2023-397xx/CVE-2023-39749.json) (`2023-08-24T21:24:40.110`)
* [CVE-2023-38894](CVE-2023/CVE-2023-388xx/CVE-2023-38894.json) (`2023-08-24T21:25:14.317`)
* [CVE-2023-38889](CVE-2023/CVE-2023-388xx/CVE-2023-38889.json) (`2023-08-24T21:25:23.500`)
* [CVE-2023-31041](CVE-2023/CVE-2023-310xx/CVE-2023-31041.json) (`2023-08-24T21:26:16.843`)
* [CVE-2023-39660](CVE-2023/CVE-2023-396xx/CVE-2023-39660.json) (`2023-08-24T21:28:27.337`)
* [CVE-2023-38899](CVE-2023/CVE-2023-388xx/CVE-2023-38899.json) (`2023-08-24T21:32:56.497`)
* [CVE-2023-4303](CVE-2023/CVE-2023-43xx/CVE-2023-4303.json) (`2023-08-24T21:35:28.103`)
* [CVE-2023-4302](CVE-2023/CVE-2023-43xx/CVE-2023-4302.json) (`2023-08-24T21:36:00.570`)
* [CVE-2023-4301](CVE-2023/CVE-2023-43xx/CVE-2023-4301.json) (`2023-08-24T21:36:21.440`)
* [CVE-2023-25915](CVE-2023/CVE-2023-259xx/CVE-2023-25915.json) (`2023-08-24T21:37:26.140`)
* [CVE-2023-25914](CVE-2023/CVE-2023-259xx/CVE-2023-25914.json) (`2023-08-24T21:38:58.693`)
* [CVE-2023-25913](CVE-2023/CVE-2023-259xx/CVE-2023-25913.json) (`2023-08-24T21:39:11.560`)
* [CVE-2023-38158](CVE-2023/CVE-2023-381xx/CVE-2023-38158.json) (`2023-08-24T21:39:33.910`)
* [CVE-2023-36787](CVE-2023/CVE-2023-367xx/CVE-2023-36787.json) (`2023-08-24T21:39:50.107`)
* [CVE-2023-4459](CVE-2023/CVE-2023-44xx/CVE-2023-4459.json) (`2023-08-24T21:40:25.650`)
* [CVE-2023-3366](CVE-2023/CVE-2023-33xx/CVE-2023-3366.json) (`2023-08-24T21:41:42.800`)
## Download and Usage