admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 03:27:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-19T16:01:05.735904+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-19 16:01:09 +00:00
parent eaa8c92d04
commit 9a68eea9a2
88 changed files with 3774 additions and 320 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

67
CVE-2020/CVE-2020-367xx/CVE-2020-36756.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2020-36756",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.203",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:38:04.820",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:10web:10webanalytics:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.8",
"matchCriteriaId": "D1B0FAB3-5993-4522-9B4F-9F0C1F0F8B79"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2371142%40wd-google-analytics&new=2371142%40wd-google-analytics&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db29f17d-1d2b-4f78-a78d-1579e2a5d975?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2021/CVE-2021-389xx/CVE-2021-38933.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-38933",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.130",
"lastModified": "2023-07-19T02:15:09.130",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

67
CVE-2021/CVE-2021-44xx/CVE-2021-4407.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4407",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.343",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T12:06:58.680",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:custom_banners:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.2.2",
"matchCriteriaId": "DFAAFAE3-5672-43BF-9428-B0130517E0BE"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473385%40custom-banners&new=2473385%40custom-banners&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f4c086d-8209-4212-9d91-67238c1a9143?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4408.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4408",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.447",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T12:10:51.417",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:designwall:dw_question_\\&_answer:*:*:*:*:pro:wordpress:*:*",
"versionEndIncluding": "1.5.8",
"matchCriteriaId": "E94FA51C-59CE-4D62-92EF-A85BF7960173"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/dw-question-answer/trunk/inc/Handle.php#L138",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9852e499-f413-4218-9bac-6c2be62ecc32?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4409",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.563",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T12:23:57.317",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:exportfeed:woocommerce_etsy_integration:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.1",
"matchCriteriaId": "CD0B8855-250A-42BF-AA73-A21506383B57"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2573194",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99489cc0-2e73-4d55-b95f-46d574897fac?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4419.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4419",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.577",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:39:10.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:inoplugs:wp-backgrounds-lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.3",
"matchCriteriaId": "7383D019-FFE4-4B86-B532-84C7F4C955FD"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-backgrounds-lite/trunk/inoplugs_background_plugin.php#L179",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7a05894-8f9d-442f-961c-2e80aa25c3db?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4420.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4420",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.747",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:54:18.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:graphpaperpress:sell_media:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.5.5",
"matchCriteriaId": "9854AE9A-B2D2-4075-86DA-6367D760186F"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2603629%40sell-media&new=2603629%40sell-media&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/da4592b6-5e84-4a89-9ade-6cc227740d32?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

89
CVE-2021/CVE-2021-44xx/CVE-2021-4421.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4421",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.863",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:54:52.337",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
@ -46,42 +66,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ashstonestudios:advanced_popups:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.1.1",
"matchCriteriaId": "4DDAAA46-26E6-46D3-B316-12E45D7C8A5A"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2548724%40advanced-popups&new=2548724%40advanced-popups&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc7b51e5-6eb7-41ba-add3-f083fb34c5e1?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

101
CVE-2021/CVE-2021-44xx/CVE-2021-4422.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4422",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.997",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:55:42.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,12 +31,32 @@
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,44 +64,99 @@
"value": "CWE-352"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.0.20",
"matchCriteriaId": "D3612D88-8DF0-4960-BB19-937CA7D3B46D"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473579%40post-smtp&new=2473579%40post-smtp&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e018ca7c-06dd-4d40-91d4-4ed188b8aaf2?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4423.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4423",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:10.120",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:56:47.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:it-rays:rays_grid:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.2",
"matchCriteriaId": "41866AD8-0240-4A35-B8ED-42CCECE928CF"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2572600/rays-grid/trunk/includes/class-db.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e5911815-db53-46f2-a16d-ed21be20bbfb?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
CVE-2021/CVE-2021-44xx/CVE-2021-4424.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2021-4424",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:10.240",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:57:15.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,42 +46,87 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:quantumcloud:slider_hero:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.2.0",
"matchCriteriaId": "B9F60BCC-8D6F-4470-AB69-E77A0D5979E2"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2548890/slider-hero/trunk/qcld-slider-main.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e6d195cd-4df8-4926-b834-d695fc05f81d?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2022/CVE-2022-318xx/CVE-2022-31810.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-31810",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.127",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T14:41:04.087",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sipass_integrated:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.90.3.8",
"matchCriteriaId": "AC7AA710-4928-4B8B-AF56-24E4F5548AEA"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2022/CVE-2022-408xx/CVE-2022-40896.json Normal file
View File

@ -0,0 +1,28 @@
{
"id": "CVE-2022-40896",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-19T15:15:10.007",
"lastModified": "2023-07-19T15:15:10.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61",
"source": "cve@mitre.org"
},
{
"url": "https://pypi.org/project/Pygments/",
"source": "cve@mitre.org"
},
{
"url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/",
"source": "cve@mitre.org"
}
]
}

8
CVE-2022/CVE-2022-439xx/CVE-2022-43908.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-43908",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.233",
"lastModified": "2023-07-19T02:15:09.233",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nIBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.\n\n"
},
{
"lang": "es",
"value": "IBM Security Guardium v11.3 podr\u00eda permitir a un usuario autenticado provocar una denegaci\u00f3n de servicio debido a una incorrecta validaci\u00f3n de entrada. ID de IBM X-Force: 240903. "
}
],
"metrics": {

8
CVE-2022/CVE-2022-439xx/CVE-2022-43910.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2022-43910",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T03:15:10.117",
"lastModified": "2023-07-19T03:15:10.117",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nIBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.\n\n"
},
{
"lang": "es",
"value": "IBM Security Guardium v11.3 podr\u00eda permitir a un usuario local escalar sus privilegios debido a controles de permisos inadecuados. ID de IBM X-Force: 240908. "
}
],
"metrics": {

98
CVE-2023/CVE-2023-19xx/CVE-2023-1936.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1936",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-11T08:15:10.380",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T14:26:15.807",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,14 +76,74 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "13.7",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "7B7F05A8-554B-4418-A8C7-D556F2600FDE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.7",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "F4029F02-A742-456F-9FB6-A23D2D753D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8C47692F-480C-4804-BA0D-E9AF1DB74B28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "36D2F9C4-8B76-49F4-B9EE-DC2FBAA9EE2C"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/405150",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/1933829",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
}
]
}

6
CVE-2023/CVE-2023-214xx/CVE-2023-21400.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-21400",
"sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.340",
"lastModified": "2023-07-14T21:15:08.753",
"lastModified": "2023-07-19T12:15:09.677",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/14/2",
"source": "security@android.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/2",
"source": "security@android.com"
},
{
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com"

4
CVE-2023/CVE-2023-225xx/CVE-2023-22506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22506",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-07-19T00:15:09.447",
"lastModified": "2023-07-19T00:15:09.447",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-225xx/CVE-2023-22508.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-22508",
"sourceIdentifier": "security@atlassian.com",
"published": "2023-07-18T23:15:09.297",
"lastModified": "2023-07-18T23:15:09.297",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

88
CVE-2023/CVE-2023-233xx/CVE-2023-23348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23348",
"sourceIdentifier": "psirt@hcl.com",
"published": "2023-07-10T18:15:10.637",
"lastModified": "2023-07-10T18:15:29.887",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:48:28.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@hcl.com",
"type": "Secondary",
@ -34,10 +54,72 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0.0",
"versionEndExcluding": "6.2.7.20",
"matchCriteriaId": "296B4B08-B0F4-4A98-A451-83F23F7EE4D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0.0",
"versionEndExcluding": "7.0.5.15",
"matchCriteriaId": "BCF9DDD3-0D13-4443-9BF9-2A7630D2EF06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0.0",
"versionEndExcluding": "7.1.2.11",
"matchCriteriaId": "4EED0FA8-9095-4933-88FF-2EB80F494504"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndExcluding": "7.2.3.4",
"matchCriteriaId": "61102B7B-7743-4614-8AA3-13BEC6CB20E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndExcluding": "7.3.1.0",
"matchCriteriaId": "D110AF13-42CC-44ED-96E1-A5FC57F301F8"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105978",
"source": "psirt@hcl.com"
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-25xx/CVE-2023-2561.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2561",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.097",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T12:42:23.927",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,14 +46,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gallery-metabox_project:gallery-metabox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "0C35E83D-573A-4DB1-A57E-C7E1B8C14E0F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L233",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/faad339f-96d6-4937-a1f3-9d2d19bc6395?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

44
CVE-2023/CVE-2023-25xx/CVE-2023-2562.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2562",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.180",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T14:07:58.010",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -36,7 +36,7 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +44,50 @@
"value": "CWE-862"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gallery-metabox_project:gallery-metabox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "0C35E83D-573A-4DB1-A57E-C7E1B8C14E0F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L203",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/951e4651-56d6-474d-84b3-5a7cfc357b9f?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-260xx/CVE-2023-26023.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26023",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.317",
"lastModified": "2023-07-19T02:15:09.317",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-260xx/CVE-2023-26026.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-26026",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.390",
"lastModified": "2023-07-19T02:15:09.390",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-273xx/CVE-2023-27379.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-27379",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.000",
"lastModified": "2023-07-19T15:15:10.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u2019s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1756",
"source": "talos-cna@cisco.com"
}
]
}

4
CVE-2023/CVE-2023-278xx/CVE-2023-27877.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27877",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.460",
"lastModified": "2023-07-19T02:15:09.460",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-285xx/CVE-2023-28513.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28513",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.530",
"lastModified": "2023-07-19T02:15:09.530",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-287xx/CVE-2023-28744.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-28744",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.117",
"lastModified": "2023-07-19T15:15:10.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1739",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1739",
"source": "talos-cna@cisco.com"
}
]
}

8
CVE-2023/CVE-2023-287xx/CVE-2023-28754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28754",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-19T08:15:10.117",
"lastModified": "2023-07-19T08:15:10.117",
"vulnStatus": "Received",
"lastModified": "2023-07-19T15:15:10.330",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
@ -24,6 +24,10 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/3",
"source": "security@apache.org"
},
{
"url": "https://lists.apache.org/thread/p8onhqox5kkwow9lc6gs03z28wtyp1cg",
"source": "security@apache.org"

8
CVE-2023/CVE-2023-28xx/CVE-2023-2828.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2828",
"sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.703",
"lastModified": "2023-07-03T19:11:56.183",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-19T12:15:09.810",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -304,6 +304,10 @@
"Vendor Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html",
"source": "security-officer@isc.org"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/",
"source": "security-officer@isc.org",

37
CVE-2023/CVE-2023-28xx/CVE-2023-2869.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2869",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.263",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:56:00.660",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -46,18 +46,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wp-members_project:wp-members:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.4.8",
"matchCriteriaId": "4F80F2B3-DECC-4B00-A7D8-EEE27724D121"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-members/trunk/includes/admin/tabs/class-wp-members-admin-tab-fields.php?rev=2895180#L799",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2920897/wp-members/trunk/includes/admin/tabs/class-wp-members-admin-tab-fields.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf05a79a-0375-4c9d-bbf0-a87484327b87?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-292xx/CVE-2023-29259.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29259",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.607",
"lastModified": "2023-07-19T02:15:09.607",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-292xx/CVE-2023-29260.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29260",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.667",
"lastModified": "2023-07-19T02:15:09.667",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

74
CVE-2023/CVE-2023-293xx/CVE-2023-29315.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29315",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.547",
"lastModified": "2023-07-12T17:58:12.737",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:42:01.287",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -46,10 +66,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-293xx/CVE-2023-29316.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29316",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.623",
"lastModified": "2023-07-12T17:58:12.737",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:42:22.723",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -46,10 +66,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-293xx/CVE-2023-29317.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29317",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.700",
"lastModified": "2023-07-12T17:58:12.737",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:42:41.643",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -46,10 +66,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

74
CVE-2023/CVE-2023-293xx/CVE-2023-29318.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29318",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.780",
"lastModified": "2023-07-12T17:58:12.737",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:42:57.663",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,6 +31,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
@ -46,10 +66,56 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-293xx/CVE-2023-29319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-29319",
"sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.867",
"lastModified": "2023-07-12T17:58:12.737",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:41:02.070",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,7 +13,7 @@
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
@ -31,12 +31,32 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@adobe.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,12 +64,68 @@
"value": "CWE-125"
}
]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com"
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
}
]
}

6
CVE-2023/CVE-2023-29xx/CVE-2023-2975.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-2975",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-07-14T12:15:09.023",
"lastModified": "2023-07-15T13:15:09.607",
"lastModified": "2023-07-19T15:15:10.407",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
@ -16,6 +16,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/15/1",
"source": "openssl-security@openssl.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/5",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598",
"source": "openssl-security@openssl.org"

4
CVE-2023/CVE-2023-304xx/CVE-2023-30433.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30433",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:09.833",
"lastModified": "2023-07-19T01:15:09.833",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-307xx/CVE-2023-30799.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-30799",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2023-07-19T15:15:10.477",
"lastModified": "2023-07-19T15:15:10.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://github.com/MarginResearch/FOISted",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/mikrotik-foisted",
"source": "disclosure@vulncheck.com"
}
]
}

54
CVE-2023/CVE-2023-30xx/CVE-2023-3011.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3011",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.350",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:54:26.223",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:armemberplugin:armember:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.6",
"matchCriteriaId": "EA9829C9-3086-43F6-9650-5C02C299505E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2932691/armember-membership/trunk/autoload.php",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/42f5f29b-2d83-4b15-82aa-0598f8a2317b?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

54
CVE-2023/CVE-2023-31xx/CVE-2023-3135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3135",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:10.207",
"lastModified": "2023-07-12T12:46:30.047",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:30:54.893",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,14 +66,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oacstudio:mailtree_log_mail:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "A0E45A81-B1A8-4CD0-AEFC-01BBCE24F475"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2928716/mailtree-log-mail",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24d0229c-0f1b-42df-b89a-ce0b8a3fda7e?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-326xx/CVE-2023-32635.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32635",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-07-19T06:15:12.787",
"lastModified": "2023-07-19T06:15:12.787",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-326xx/CVE-2023-32664.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-32664",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.207",
"lastModified": "2023-07-19T15:15:10.557",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1795",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1795",
"source": "talos-cna@cisco.com"
}
]
}

133
CVE-2023/CVE-2023-331xx/CVE-2023-33167.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33167",
"sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.487",
"lastModified": "2023-07-12T12:46:51.683",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:44:42.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -13,8 +13,28 @@
"metrics": {
"cvssMetricV31": [
{
"source": "secure@microsoft.com",
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
@ -34,10 +54,115 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33167",
"source": "secure@microsoft.com"
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-338xx/CVE-2023-33832.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33832",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.197",
"lastModified": "2023-07-19T01:15:10.197",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-338xx/CVE-2023-33866.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-33866",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.297",
"lastModified": "2023-07-19T15:15:10.637",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u2019s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1757",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1757",
"source": "talos-cna@cisco.com"
}
]
}

59
CVE-2023/CVE-2023-338xx/CVE-2023-33876.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-33876",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.393",
"lastModified": "2023-07-19T15:15:10.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. A specially-crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object which can lead to memory corruption and result in arbitrary code execution. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1796",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1796",
"source": "talos-cna@cisco.com"
}
]
}

66
CVE-2023/CVE-2023-339xx/CVE-2023-33989.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33989",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.587",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T12:53:57.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:707:*:*:*:*:*:*:*",
"matchCriteriaId": "BD582724-499B-448A-BCC1-308E4BF4F0E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:737:*:*:*:*:*:*:*",
"matchCriteriaId": "32710905-F628-494B-BD88-30BA5DC9B995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:747:*:*:*:*:*:*:*",
"matchCriteriaId": "B67959BB-333F-4EC1-88BC-F4CB4B7185EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:757:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3ACFF9-B538-4693-939A-90426AA1DFC8"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3331376",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-339xx/CVE-2023-33990.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33990",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.657",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T12:57:09.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:sql_anywhere:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1258DB1C-4377-4A3F-8642-5263C026E0CA"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3331029",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

81
CVE-2023/CVE-2023-339xx/CVE-2023-33992.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33992",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.717",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:24:24.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD13072-E149-45FB-BD46-E3D48D81216B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*",
"matchCriteriaId": "704134B4-A642-488F-94B3-48A744C46A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:bw\\/4hana:300:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCF4C28-1C0B-43C3-A870-C30F53BCAA2B"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3088078",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

43
CVE-2023/CVE-2023-340xx/CVE-2023-34034.json Normal file
View File

@ -0,0 +1,43 @@
{
"id": "CVE-2023-34034",
"sourceIdentifier": "security@vmware.com",
"published": "2023-07-19T15:15:11.127",
"lastModified": "2023-07-19T15:15:11.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Using \"**\" as a pattern in Spring Security configuration \nfor WebFlux creates a mismatch in pattern matching between Spring \nSecurity and Spring WebFlux, and the potential for a security bypass.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://spring.io/security/cve-2023-34034",
"source": "security@vmware.com"
}
]
}

44
CVE-2023/CVE-2023-34xx/CVE-2023-3446.json Normal file
View File

@ -0,0 +1,44 @@
{
"id": "CVE-2023-3446",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-07-19T12:15:10.003",
"lastModified": "2023-07-19T15:15:11.197",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. One of those\nchecks confirms that the modulus ('p' parameter) is not too large. Trying to use\na very large modulus is slow and OpenSSL will not normally use a modulus which\nis over 10,000 bits in length.\n\nHowever the DH_check() function checks numerous aspects of the key or parameters\nthat have been supplied. Some of those checks use the supplied modulus value\neven if it has already been found to be too large.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulernable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the '-check' option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue."
}
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/4",
"source": "openssl-security@openssl.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/5",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23",
"source": "openssl-security@openssl.org"
},
{
"url": "https://www.openssl.org/news/secadv/20230719.txt",
"source": "openssl-security@openssl.org"
}
]
}

55
CVE-2023/CVE-2023-34xx/CVE-2023-3463.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3463",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-19T14:15:10.620",
"lastModified": "2023-07-19T14:15:10.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAll versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}

78
CVE-2023/CVE-2023-358xx/CVE-2023-35870.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35870",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.800",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:35:31.873",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +76,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*",
"matchCriteriaId": "964023CE-6EA4-42BB-93B2-DCE6B36D3F89"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*",
"matchCriteriaId": "84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:106:*:*:*:*:*:*:*",
"matchCriteriaId": "14D17245-5B6D-4024-AFA6-8E0A70B294BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:107:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEFABE8-1797-4C7B-941C-3205AE90914B"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3341211",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

51
CVE-2023/CVE-2023-358xx/CVE-2023-35872.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35872",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.930",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:36:59.200",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -46,14 +66,37 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_process_integration:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3A3226-28D1-4B43-942B-F41BD340E746"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3343564",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-358xx/CVE-2023-35873.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35873",
"sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.993",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:27:53.343",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{
"source": "cna@sap.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "cna@sap.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,49 @@
"value": "CWE-306"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_process_integration:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3A3226-28D1-4B43-942B-F41BD340E746"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3343547",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com"
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-358xx/CVE-2023-35898.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-35898",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.670",
"lastModified": "2023-07-19T01:15:10.670",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server v11.7 podr\u00eda permitir a un usuario autenticado obtener informaci\u00f3n confidencial debido a una configuraci\u00f3n de seguridad insegura en \"InfoSphere Data Flow Designer\". IBM X-Force ID: 259352."
}
],
"metrics": {

4
CVE-2023/CVE-2023-359xx/CVE-2023-35900.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35900",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.747",
"lastModified": "2023-07-19T01:15:10.747",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

209
CVE-2023/CVE-2023-359xx/CVE-2023-35920.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35920",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.543",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T14:58:06.770",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,183 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "443FA290-C457-4B6A-B7D0-D93A9891422D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18944887-DE3F-4FB4-88D2-1C8EC89A1481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "93539B72-DB14-467F-B18E-09E02FC32AA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B016178-2DCB-417C-B20F-8B9E1904BE8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D57AB6A9-9462-4E86-8375-18D8E7B33A68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324A87A6-2DC6-4797-8191-0BE2D8D1F9FC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "68DA4485-B7D7-4650-89D2-109555CA31E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E1134-8C21-4045-BD02-F44250474C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "A48A7347-0E33-4D16-AA61-B76C561C95B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FBB8F8-C886-4A2B-8808-6E3D6A57B271"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D6AF3675-11B7-4FB3-8151-3D307204CE9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA25C73-59D0-469D-BE6F-6188F645C1D9"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

209
CVE-2023/CVE-2023-359xx/CVE-2023-35921.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35921",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.610",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:21:30.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,183 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "443FA290-C457-4B6A-B7D0-D93A9891422D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18944887-DE3F-4FB4-88D2-1C8EC89A1481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "93539B72-DB14-467F-B18E-09E02FC32AA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B016178-2DCB-417C-B20F-8B9E1904BE8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D57AB6A9-9462-4E86-8375-18D8E7B33A68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324A87A6-2DC6-4797-8191-0BE2D8D1F9FC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "68DA4485-B7D7-4650-89D2-109555CA31E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E1134-8C21-4045-BD02-F44250474C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "A48A7347-0E33-4D16-AA61-B76C561C95B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FBB8F8-C886-4A2B-8808-6E3D6A57B271"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D6AF3675-11B7-4FB3-8151-3D307204CE9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA25C73-59D0-469D-BE6F-6188F645C1D9"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

66
CVE-2023/CVE-2023-35xx/CVE-2023-3568.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3568",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-10T16:15:56.450",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:58:44.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fossbilling:fossbilling:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.4",
"matchCriteriaId": "FD927918-5473-4C93-876B-CD900A091403"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fossbilling/fossbilling/commit/f6348643d230a13427d8ab9213463dadbb68818f",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/f3782eb1-049b-4998-aac4-d9798ec1c123",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
}
]
}

66
CVE-2023/CVE-2023-35xx/CVE-2023-3574.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3574",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-10T16:15:56.527",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:58:24.693",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -36,8 +58,18 @@
},
"weaknesses": [
{
"source": "security@huntr.dev",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,14 +78,38 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:customer_management_framework:*:*:*:*:*:pimcore:*:*",
"versionEndExcluding": "3.4.1",
"matchCriteriaId": "42F483FD-ED43-48AB-8A38-71820B860CBF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/customer-data-framework/commit/f15668c86db254e86ba7ac895bc3cdd1a2a3cc45",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/1dcb4f01-e668-4aa3-a6a3-838532e500c6",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
}
]
}

60
CVE-2023/CVE-2023-35xx/CVE-2023-3578.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3578",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T16:15:56.597",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:58:04.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:dedecms:dedecms:5.7.109:*:*:*:*:*:*:*",
"matchCriteriaId": "185B38A0-3F0F-436F-B145-D986C4A8AD11"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nightcloudos/cve/blob/main/SSRF.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233371",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233371",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-35xx/CVE-2023-3579.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3579",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T16:15:56.663",
"lastModified": "2023-07-10T16:27:17.833",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:52:19.567",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hadsky:hadsky:7.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48A521DC-3CBF-46B4-A1BF-6F048CF5E3A3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nightcloudos/cve/blob/main/CSRF.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233372",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233372",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

8
CVE-2023/CVE-2023-360xx/CVE-2023-36053.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36053",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T13:15:09.737",
"lastModified": "2023-07-11T14:26:13.900",
"vulnStatus": "Analyzed",
"lastModified": "2023-07-19T14:15:10.500",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -94,6 +94,10 @@
"Release Notes"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html",
"source": "cve@mitre.org"
},
{
"url": "https://www.djangoproject.com/weblog/2023/jul/03/security-releases/",
"source": "cve@mitre.org",

209
CVE-2023/CVE-2023-365xx/CVE-2023-36521.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36521",
"sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.897",
"lastModified": "2023-07-11T12:43:16.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:21:04.790",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{
"source": "productcert@siemens.com",
"type": "Secondary",
@ -46,10 +76,183 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "443FA290-C457-4B6A-B7D0-D93A9891422D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18944887-DE3F-4FB4-88D2-1C8EC89A1481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "93539B72-DB14-467F-B18E-09E02FC32AA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B016178-2DCB-417C-B20F-8B9E1904BE8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D57AB6A9-9462-4E86-8375-18D8E7B33A68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324A87A6-2DC6-4797-8191-0BE2D8D1F9FC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "68DA4485-B7D7-4650-89D2-109555CA31E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E1134-8C21-4045-BD02-F44250474C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "A48A7347-0E33-4D16-AA61-B76C561C95B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FBB8F8-C886-4A2B-8808-6E3D6A57B271"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D6AF3675-11B7-4FB3-8151-3D307204CE9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA25C73-59D0-469D-BE6F-6188F645C1D9"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf",
"source": "productcert@siemens.com"
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
}
]
}

61
CVE-2023/CVE-2023-36xx/CVE-2023-3625.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3625",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-11T18:15:20.903",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T15:59:56.657",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:istrong:mountain_flood_disaster_prevention_monitoring_and_early_warning_system:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023-07-06",
"matchCriteriaId": "4A193D61-0E65-43A9-845F-90B73355D374"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MoeMion233/cve/blob/main/1.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233578",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233578",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

55
CVE-2023/CVE-2023-36xx/CVE-2023-3638.json Normal file
View File

@ -0,0 +1,55 @@
{
"id": "CVE-2023-3638",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-19T15:15:11.257",
"lastModified": "2023-07-19T15:15:11.257",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-05",
"source": "ics-cert@hq.dhs.gov"
}
]
}

64
CVE-2023/CVE-2023-371xx/CVE-2023-37174.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-37174",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.120",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:19:23.043",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2505",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-377xx/CVE-2023-37765.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-37765",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.167",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:23:02.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2515",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-377xx/CVE-2023-37766.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-37766",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.210",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:23:09.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2516",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-377xx/CVE-2023-37767.json
View File

@ -2,19 +2,75 @@
"id": "CVE-2023-37767",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.250",
"lastModified": "2023-07-12T12:46:41.413",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-07-19T13:23:15.433",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2514",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-37xx/CVE-2023-3751.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3751",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T00:15:09.913",
"lastModified": "2023-07-19T00:15:09.913",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3752.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3752",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T02:15:09.747",
"lastModified": "2023-07-19T02:15:09.747",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-37xx/CVE-2023-3753.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3753",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T02:15:09.820",
"lastModified": "2023-07-19T02:15:09.820",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234423. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en Creativeitem Mastery LMS v1.2. Esto afecta a una parte desconocida del archivo \"/browse\". La manipulaci\u00f3n del argumento \"search/featured/recommended/skill\" conduce a Cross-Site Scripting (XSS). Es posible iniciar el ataque de forma remota. El identificador asociado a esta vulnerabilidad es VDB-234423. NOTA: Se contact\u00f3 con el proveedor con antelaci\u00f3n acerca de esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera. "
}
],
"metrics": {

4
CVE-2023/CVE-2023-37xx/CVE-2023-3754.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3754",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T03:15:10.297",
"lastModified": "2023-07-19T03:15:10.297",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

8
CVE-2023/CVE-2023-37xx/CVE-2023-3755.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3755",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T04:15:10.190",
"lastModified": "2023-07-19T04:15:10.190",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /home/filter_listings. The manipulation of the argument price-range leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234427. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Creativeitem Atlas Business Directory Listing v2.13 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo \"/home/filter_listings\". La manipulaci\u00f3n del argumento \"price-range\" conduce a Cross-Site Scripting (XSS). El ataque puede ser lanzado remotamente. El identificador asociado de esta vulnerabilidad es VDB-234427. NOTA: El vendedor fue contactado acerca de esta divulgaci\u00f3n pero no respondi\u00f3 de ninguna manera. "
}
],
"metrics": {

8
CVE-2023/CVE-2023-37xx/CVE-2023-3756.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-3756",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T04:15:10.270",
"lastModified": "2023-07-19T04:15:10.270",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this issue is some unknown functionality of the file /home/search. The manipulation of the argument search_string leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-234428. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Creativeitem Atlas Business Directory Listing v2.13 y se ha clasificado como problem\u00e1tica. Este problema afecta a una funcionalidad desconocida del archivo \"/home/search\". La manipulaci\u00f3n del argumento \"search_string\" conduce a Cross-Site Scripting (XSS). El ataque puede ser lanzado remotamente. El identificador de esta vulnerabilidad es VDB-234428. NOTA: Se contact\u00f3 con el proveedor con antelaci\u00f3n acerca de esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera. "
}
],
"metrics": {

4
CVE-2023/CVE-2023-37xx/CVE-2023-3757.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3757",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T05:15:10.377",
"lastModified": "2023-07-19T05:15:10.377",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3759.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3759",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T05:15:10.503",
"lastModified": "2023-07-19T05:15:10.503",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3760.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3760",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T06:15:13.470",
"lastModified": "2023-07-19T06:15:13.470",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3761.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3761",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T06:15:13.897",
"lastModified": "2023-07-19T06:15:13.897",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3762.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3762",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T07:15:08.813",
"lastModified": "2023-07-19T07:15:08.813",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3763.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3763",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T07:15:09.007",
"lastModified": "2023-07-19T07:15:09.007",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-37xx/CVE-2023-3765.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3765",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-07-19T01:15:10.847",
"lastModified": "2023-07-19T01:15:10.847",
"vulnStatus": "Received",
"lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

47
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-07-19T12:00:25.657455+00:00
2023-07-19T16:01:05.735904+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-07-19T11:53:32.750000+00:00
2023-07-19T15:59:56.657000+00:00
```
### Last Data Feed Release
@ -29,20 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
220672
220683
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `11`
* [CVE-2022-40896](CVE-2022/CVE-2022-408xx/CVE-2022-40896.json) (`2023-07-19T15:15:10.007`)
* [CVE-2023-3463](CVE-2023/CVE-2023-34xx/CVE-2023-3463.json) (`2023-07-19T14:15:10.620`)
* [CVE-2023-27379](CVE-2023/CVE-2023-273xx/CVE-2023-27379.json) (`2023-07-19T14:15:10.000`)
* [CVE-2023-28744](CVE-2023/CVE-2023-287xx/CVE-2023-28744.json) (`2023-07-19T14:15:10.117`)
* [CVE-2023-30799](CVE-2023/CVE-2023-307xx/CVE-2023-30799.json) (`2023-07-19T15:15:10.477`)
* [CVE-2023-32664](CVE-2023/CVE-2023-326xx/CVE-2023-32664.json) (`2023-07-19T14:15:10.207`)
* [CVE-2023-33866](CVE-2023/CVE-2023-338xx/CVE-2023-33866.json) (`2023-07-19T14:15:10.297`)
* [CVE-2023-33876](CVE-2023/CVE-2023-338xx/CVE-2023-33876.json) (`2023-07-19T14:15:10.393`)
* [CVE-2023-34034](CVE-2023/CVE-2023-340xx/CVE-2023-34034.json) (`2023-07-19T15:15:11.127`)
* [CVE-2023-3446](CVE-2023/CVE-2023-34xx/CVE-2023-3446.json) (`2023-07-19T12:15:10.003`)
* [CVE-2023-3638](CVE-2023/CVE-2023-36xx/CVE-2023-3638.json) (`2023-07-19T15:15:11.257`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `76`
* [CVE-2020-36750](CVE-2020/CVE-2020-367xx/CVE-2020-36750.json) (`2023-07-19T11:53:32.750`)
* [CVE-2023-35872](CVE-2023/CVE-2023-358xx/CVE-2023-35872.json) (`2023-07-19T13:36:59.200`)
* [CVE-2023-3011](CVE-2023/CVE-2023-30xx/CVE-2023-3011.json) (`2023-07-19T13:54:26.223`)
* [CVE-2023-2869](CVE-2023/CVE-2023-28xx/CVE-2023-2869.json) (`2023-07-19T13:56:00.660`)
* [CVE-2023-2562](CVE-2023/CVE-2023-25xx/CVE-2023-2562.json) (`2023-07-19T14:07:58.010`)
* [CVE-2023-36053](CVE-2023/CVE-2023-360xx/CVE-2023-36053.json) (`2023-07-19T14:15:10.500`)
* [CVE-2023-1936](CVE-2023/CVE-2023-19xx/CVE-2023-1936.json) (`2023-07-19T14:26:15.807`)
* [CVE-2023-35920](CVE-2023/CVE-2023-359xx/CVE-2023-35920.json) (`2023-07-19T14:58:06.770`)
* [CVE-2023-28754](CVE-2023/CVE-2023-287xx/CVE-2023-28754.json) (`2023-07-19T15:15:10.330`)
* [CVE-2023-2975](CVE-2023/CVE-2023-29xx/CVE-2023-2975.json) (`2023-07-19T15:15:10.407`)
* [CVE-2023-36521](CVE-2023/CVE-2023-365xx/CVE-2023-36521.json) (`2023-07-19T15:21:04.790`)
* [CVE-2023-35921](CVE-2023/CVE-2023-359xx/CVE-2023-35921.json) (`2023-07-19T15:21:30.293`)
* [CVE-2023-35873](CVE-2023/CVE-2023-358xx/CVE-2023-35873.json) (`2023-07-19T15:27:53.343`)
* [CVE-2023-3135](CVE-2023/CVE-2023-31xx/CVE-2023-3135.json) (`2023-07-19T15:30:54.893`)
* [CVE-2023-29319](CVE-2023/CVE-2023-293xx/CVE-2023-29319.json) (`2023-07-19T15:41:02.070`)
* [CVE-2023-29315](CVE-2023/CVE-2023-293xx/CVE-2023-29315.json) (`2023-07-19T15:42:01.287`)
* [CVE-2023-29316](CVE-2023/CVE-2023-293xx/CVE-2023-29316.json) (`2023-07-19T15:42:22.723`)
* [CVE-2023-29317](CVE-2023/CVE-2023-293xx/CVE-2023-29317.json) (`2023-07-19T15:42:41.643`)
* [CVE-2023-29318](CVE-2023/CVE-2023-293xx/CVE-2023-29318.json) (`2023-07-19T15:42:57.663`)
* [CVE-2023-33167](CVE-2023/CVE-2023-331xx/CVE-2023-33167.json) (`2023-07-19T15:44:42.697`)
* [CVE-2023-23348](CVE-2023/CVE-2023-233xx/CVE-2023-23348.json) (`2023-07-19T15:48:28.893`)
* [CVE-2023-3579](CVE-2023/CVE-2023-35xx/CVE-2023-3579.json) (`2023-07-19T15:52:19.567`)
* [CVE-2023-3578](CVE-2023/CVE-2023-35xx/CVE-2023-3578.json) (`2023-07-19T15:58:04.330`)
* [CVE-2023-3574](CVE-2023/CVE-2023-35xx/CVE-2023-3574.json) (`2023-07-19T15:58:24.693`)
* [CVE-2023-3568](CVE-2023/CVE-2023-35xx/CVE-2023-3568.json) (`2023-07-19T15:58:44.357`)
* [CVE-2023-3625](CVE-2023/CVE-2023-36xx/CVE-2023-3625.json) (`2023-07-19T15:59:56.657`)
## Download and Usage