Auto-Update: 2023-07-19T16:01:05.735904+00:00

cad-safe-bot 2023-07-19 16:01:09 +00:00
parent eaa8c92d04
commit 9a68eea9a2
88 changed files with 3774 additions and 320 deletions


@ -2,8 +2,8 @@
"id": "CVE-2020-36756", "id": "CVE-2020-36756",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.203", "published": "2023-07-12T07:15:09.203",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:38:04.820",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:10web:10webanalytics:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "1.2.8",
{ "matchCriteriaId": "D1B0FAB3-5993-4522-9B4F-9F0C1F0F8B79"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2371142%40wd-google-analytics&new=2371142%40wd-google-analytics&sfp_email=&sfph_mail=", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db29f17d-1d2b-4f78-a78d-1579e2a5d975?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2371142%40wd-google-analytics&new=2371142%40wd-google-analytics&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/db29f17d-1d2b-4f78-a78d-1579e2a5d975?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2021-38933", "id": "CVE-2021-38933",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.130", "published": "2023-07-19T02:15:09.130",
"lastModified": "2023-07-19T02:15:09.130", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2021-4407", "id": "CVE-2021-4407",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.343", "published": "2023-07-12T04:15:10.343",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T12:06:58.680",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:goldplugins:custom_banners:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "3.2.2",
{ "matchCriteriaId": "DFAAFAE3-5672-43BF-9428-B0130517E0BE"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473385%40custom-banners&new=2473385%40custom-banners&sfp_email=&sfph_mail=", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Not Applicable"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f4c086d-8209-4212-9d91-67238c1a9143?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473385%40custom-banners&new=2473385%40custom-banners&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8f4c086d-8209-4212-9d91-67238c1a9143?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2021-4408", "id": "CVE-2021-4408",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.447", "published": "2023-07-12T04:15:10.447",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T12:10:51.417",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:designwall:dw_question_\\&_answer:*:*:*:*:pro:wordpress:*:*",
}, "versionEndIncluding": "1.5.8",
{ "matchCriteriaId": "E94FA51C-59CE-4D62-92EF-A85BF7960173"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/browser/dw-question-answer/trunk/inc/Handle.php#L138", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Not Applicable"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9852e499-f413-4218-9bac-6c2be62ecc32?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/dw-question-answer/trunk/inc/Handle.php#L138",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9852e499-f413-4218-9bac-6c2be62ecc32?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }
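Review bot: The reference `https://plugins.trac.wordpress.org/browser/dw-question-answer/trunk/inc/Handle.php#L138` near the end of the new `references` array is tagged `"Patch"`, but the URL is a source-browser view of `trunk` at a line anchor, not a changeset. It therefore names no fixing revision, and the anchor will drift as trunk changes. Tooling that follows `Patch`-tagged references to extract a fix diff should treat this entry as a code pointer only, and take the affected range from `"versionEndIncluding": "1.5.8"` in the new `configurations` block. The CVE-2021-4419 section has the same pattern with `.../wp-backgrounds-lite/trunk/inoplugs_background_plugin.php#L179`. The tag was presumably assigned upstream, so a correction would belong at the source rather than in this mirror.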


@ -2,8 +2,8 @@
"id": "CVE-2021-4409", "id": "CVE-2021-4409",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T04:15:10.563", "published": "2023-07-12T04:15:10.563",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T12:23:57.317",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:exportfeed:woocommerce_etsy_integration:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "3.3.1",
{ "matchCriteriaId": "CD0B8855-250A-42BF-AA73-A21506383B57"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset/2573194", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Not Applicable"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99489cc0-2e73-4d55-b95f-46d574897fac?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2573194",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99489cc0-2e73-4d55-b95f-46d574897fac?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2021-4419", "id": "CVE-2021-4419",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.577", "published": "2023-07-12T07:15:09.577",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:39:10.587",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:inoplugs:wp-backgrounds-lite:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "2.3",
{ "matchCriteriaId": "7383D019-FFE4-4B86-B532-84C7F4C955FD"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/browser/wp-backgrounds-lite/trunk/inoplugs_background_plugin.php#L179", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7a05894-8f9d-442f-961c-2e80aa25c3db?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-backgrounds-lite/trunk/inoplugs_background_plugin.php#L179",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d7a05894-8f9d-442f-961c-2e80aa25c3db?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2021-4420", "id": "CVE-2021-4420",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.747", "published": "2023-07-12T07:15:09.747",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:54:18.010",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:graphpaperpress:sell_media:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "2.5.5",
{ "matchCriteriaId": "9854AE9A-B2D2-4075-86DA-6367D760186F"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2603629%40sell-media&new=2603629%40sell-media&sfp_email=&sfph_mail=", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/da4592b6-5e84-4a89-9ade-6cc227740d32?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2603629%40sell-media&new=2603629%40sell-media&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/da4592b6-5e84-4a89-9ade-6cc227740d32?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2021-4421", "id": "CVE-2021-4421",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.863", "published": "2023-07-12T07:15:09.863",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:54:52.337",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,6 +31,26 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },
@ -46,42 +66,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:ashstonestudios:advanced_popups:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "1.1.1",
{ "matchCriteriaId": "4DDAAA46-26E6-46D3-B316-12E45D7C8A5A"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2548724%40advanced-popups&new=2548724%40advanced-popups&sfp_email=&sfph_mail=", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc7b51e5-6eb7-41ba-add3-f083fb34c5e1?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2548724%40advanced-popups&new=2548724%40advanced-popups&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/dc7b51e5-6eb7-41ba-add3-f083fb34c5e1?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }
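Review bot: In the `cvssMetricV31` hunks the existing `"type": "Primary"` entry changes its `source` from `security@wordfence.com` to `nvd@nist.gov`, and the Wordfence score is re-added as `"type": "Secondary"`. Any consumer that filters metrics by `source`, or reads index 0 as the CNA score, now gets a different provider's assessment. The visible Secondary vector is `CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N` (4.3). Most of the Primary entry's `cvssData` lies outside the hunks, so only the matching `exploitabilityScore` and `impactScore` suggest the two scores agree. Consumers should select on `type` and `source` together and record which entry they used. The CVE-2021-4422 section shows the same re-attribution, there for `weaknesses` as well.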


@ -2,8 +2,8 @@
"id": "CVE-2021-4422", "id": "CVE-2021-4422",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:09.997", "published": "2023-07-12T07:15:09.997",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:55:42.187",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,12 +31,32 @@
}, },
"exploitabilityScore": 2.8, "exploitabilityScore": 2.8,
"impactScore": 1.4 "impactScore": 1.4
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,44 +64,99 @@
"value": "CWE-352" "value": "CWE-352"
} }
] ]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "2.0.20",
{ "matchCriteriaId": "D3612D88-8DF0-4960-BB19-937CA7D3B46D"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473579%40post-smtp&new=2473579%40post-smtp&sfp_email=&sfph_mail=", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e018ca7c-06dd-4d40-91d4-4ed188b8aaf2?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2473579%40post-smtp&new=2473579%40post-smtp&sfp_email=&sfph_mail=",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e018ca7c-06dd-4d40-91d4-4ed188b8aaf2?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2021-4423", "id": "CVE-2021-4423",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:10.120", "published": "2023-07-12T07:15:10.120",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:56:47.087",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:it-rays:rays_grid:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "1.2.2",
{ "matchCriteriaId": "41866AD8-0240-4A35-B8ED-42CCECE928CF"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset/2572600/rays-grid/trunk/includes/class-db.php", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e5911815-db53-46f2-a16d-ed21be20bbfb?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2572600/rays-grid/trunk/includes/class-db.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e5911815-db53-46f2-a16d-ed21be20bbfb?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

@ -2,8 +2,8 @@
"id": "CVE-2021-4424", "id": "CVE-2021-4424",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T07:15:10.240", "published": "2023-07-12T07:15:10.240",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:57:15.943",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,42 +46,87 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:quantumcloud:slider_hero:*:*:*:*:*:wordpress:*:*",
}, "versionEndIncluding": "8.2.0",
{ "matchCriteriaId": "B9F60BCC-8D6F-4470-AB69-E77A0D5979E2"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/", }
"source": "security@wordfence.com" ]
}, }
{ ]
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/", }
"source": "security@wordfence.com" ],
}, "references": [
{ {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/", "url": "https://blog.nintechnet.com/25-wordpress-plugins-vulnerable-to-csrf-attacks/",
"source": "security@wordfence.com" "source": "security@wordfence.com",
}, "tags": [
{ "Third Party Advisory"
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/", ]
"source": "security@wordfence.com" },
}, {
{ "url": "https://blog.nintechnet.com/more-wordpress-plugins-and-themes-vulnerable-to-csrf-attacks/",
"url": "https://plugins.trac.wordpress.org/changeset/2548890/slider-hero/trunk/qcld-slider-main.php", "source": "security@wordfence.com",
"source": "security@wordfence.com" "tags": [
}, "Third Party Advisory"
{ ]
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e6d195cd-4df8-4926-b834-d695fc05f81d?source=cve", },
"source": "security@wordfence.com" {
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-1/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-2/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-3/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-4/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://blog.nintechnet.com/multiple-wordpress-plugins-fixed-csrf-vulnerabilities-part-5/",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2548890/slider-hero/trunk/qcld-slider-main.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e6d195cd-4df8-4926-b834-d695fc05f81d?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

@ -2,8 +2,8 @@
"id": "CVE-2022-31810", "id": "CVE-2022-31810",
"sourceIdentifier": "productcert@siemens.com", "sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.127", "published": "2023-07-11T10:15:10.127",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T14:41:04.087",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,31 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf", "nodes": [
"source": "productcert@siemens.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:siemens:sipass_integrated:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.90.3.8",
"matchCriteriaId": "AC7AA710-4928-4B8B-AF56-24E4F5548AEA"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-924149.pdf",
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

@ -0,0 +1,28 @@
{
"id": "CVE-2022-40896",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-07-19T15:15:10.007",
"lastModified": "2023-07-19T15:15:10.007",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A ReDoS issue was discovered in pygments/lexers/smithy.py in pygments through 2.15.0 via SmithyLexer."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/pygments/pygments/blob/master/pygments/lexers/smithy.py#L61",
"source": "cve@mitre.org"
},
{
"url": "https://pypi.org/project/Pygments/",
"source": "cve@mitre.org"
},
{
"url": "https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages-part-2/",
"source": "cve@mitre.org"
}
]
}

@ -2,12 +2,16 @@
"id": "CVE-2022-43908", "id": "CVE-2022-43908",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.233", "published": "2023-07-19T02:15:09.233",
"lastModified": "2023-07-19T02:15:09.233", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "\nIBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.\n\n" "value": "\nIBM Security Guardium 11.3 could allow an authenticated user to cause a denial of service due to improper input validation. IBM X-Force ID: 240903.\n\n"
},
{
"lang": "es",
"value": "IBM Security Guardium v11.3 podr\u00eda permitir a un usuario autenticado provocar una denegaci\u00f3n de servicio debido a una incorrecta validaci\u00f3n de entrada. ID de IBM X-Force: 240903. "
} }
], ],
"metrics": { "metrics": {

@ -2,12 +2,16 @@
"id": "CVE-2022-43910", "id": "CVE-2022-43910",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T03:15:10.117", "published": "2023-07-19T03:15:10.117",
"lastModified": "2023-07-19T03:15:10.117", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "\nIBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.\n\n" "value": "\nIBM Security Guardium 11.3 could allow a local user to escalate their privileges due to improper permission controls. IBM X-Force ID: 240908.\n\n"
},
{
"lang": "es",
"value": "IBM Security Guardium v11.3 podr\u00eda permitir a un usuario local escalar sus privilegios debido a controles de permisos inadecuados. ID de IBM X-Force: 240908. "
} }
], ],
"metrics": { "metrics": {

@ -2,8 +2,8 @@
"id": "CVE-2023-1936", "id": "CVE-2023-1936",
"sourceIdentifier": "cve@gitlab.com", "sourceIdentifier": "cve@gitlab.com",
"published": "2023-07-11T08:15:10.380", "published": "2023-07-11T08:15:10.380",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T14:26:15.807",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{ {
"source": "cve@gitlab.com", "source": "cve@gitlab.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{ {
"source": "cve@gitlab.com", "source": "cve@gitlab.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +76,74 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/405150", "nodes": [
"source": "cve@gitlab.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "13.7",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "7B7F05A8-554B-4418-A8C7-D556F2600FDE"
}, },
{ {
"url": "https://hackerone.com/reports/1933829", "vulnerable": true,
"source": "cve@gitlab.com" "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.7",
"versionEndExcluding": "15.11.10",
"matchCriteriaId": "F4029F02-A742-456F-9FB6-A23D2D753D72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "691225A9-E175-41A1-A413-0FE619DF9ACF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.0.0",
"versionEndExcluding": "16.0.6",
"matchCriteriaId": "8D33EB2F-DB0F-40DA-9C1C-4A33856EABDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "16.1",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "8C47692F-480C-4804-BA0D-E9AF1DB74B28"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.1",
"versionEndExcluding": "16.1.1",
"matchCriteriaId": "36D2F9C4-8B76-49F4-B9EE-DC2FBAA9EE2C"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/405150",
"source": "cve@gitlab.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://hackerone.com/reports/1933829",
"source": "cve@gitlab.com",
"tags": [
"Permissions Required"
]
} }
] ]
} }

@ -2,7 +2,7 @@
"id": "CVE-2023-21400", "id": "CVE-2023-21400",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:24.340", "published": "2023-07-13T00:15:24.340",
"lastModified": "2023-07-14T21:15:08.753", "lastModified": "2023-07-19T12:15:09.677",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -16,6 +16,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/14/2", "url": "http://www.openwall.com/lists/oss-security/2023/07/14/2",
"source": "security@android.com" "source": "security@android.com"
}, },
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/2",
"source": "security@android.com"
},
{ {
"url": "https://source.android.com/security/bulletin/pixel/2023-07-01", "url": "https://source.android.com/security/bulletin/pixel/2023-07-01",
"source": "security@android.com" "source": "security@android.com"

@ -2,8 +2,8 @@
"id": "CVE-2023-22506", "id": "CVE-2023-22506",
"sourceIdentifier": "security@atlassian.com", "sourceIdentifier": "security@atlassian.com",
"published": "2023-07-19T00:15:09.447", "published": "2023-07-19T00:15:09.447",
"lastModified": "2023-07-19T00:15:09.447", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-22508", "id": "CVE-2023-22508",
"sourceIdentifier": "security@atlassian.com", "sourceIdentifier": "security@atlassian.com",
"published": "2023-07-18T23:15:09.297", "published": "2023-07-18T23:15:09.297",
"lastModified": "2023-07-18T23:15:09.297", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-23348", "id": "CVE-2023-23348",
"sourceIdentifier": "psirt@hcl.com", "sourceIdentifier": "psirt@hcl.com",
"published": "2023-07-10T18:15:10.637", "published": "2023-07-10T18:15:10.637",
"lastModified": "2023-07-10T18:15:29.887", "lastModified": "2023-07-19T15:48:28.893",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{ {
"source": "psirt@hcl.com", "source": "psirt@hcl.com",
"type": "Secondary", "type": "Secondary",
@ -34,10 +54,72 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105978", "source": "nvd@nist.gov",
"source": "psirt@hcl.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.2.0.0",
"versionEndExcluding": "6.2.7.20",
"matchCriteriaId": "296B4B08-B0F4-4A98-A451-83F23F7EE4D1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0.0",
"versionEndExcluding": "7.0.5.15",
"matchCriteriaId": "BCF9DDD3-0D13-4443-9BF9-2A7630D2EF06"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0.0",
"versionEndExcluding": "7.1.2.11",
"matchCriteriaId": "4EED0FA8-9095-4933-88FF-2EB80F494504"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.2.0.0",
"versionEndExcluding": "7.2.3.4",
"matchCriteriaId": "61102B7B-7743-4614-8AA3-13BEC6CB20E0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hcltechsw:hcl_launch:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.3.0.0",
"versionEndExcluding": "7.3.1.0",
"matchCriteriaId": "D110AF13-42CC-44ED-96E1-A5FC57F301F8"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105978",
"source": "psirt@hcl.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }

@ -2,8 +2,8 @@
"id": "CVE-2023-2561", "id": "CVE-2023-2561",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.097", "published": "2023-07-12T05:15:09.097",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T12:42:23.927",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,14 +46,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L233", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/faad339f-96d6-4937-a1f3-9d2d19bc6395?source=cve", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gallery-metabox_project:gallery-metabox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "0C35E83D-573A-4DB1-A57E-C7E1B8C14E0F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L233",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/faad339f-96d6-4937-a1f3-9d2d19bc6395?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

@ -2,8 +2,8 @@
"id": "CVE-2023-2562", "id": "CVE-2023-2562",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.180", "published": "2023-07-12T05:15:09.180",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T14:07:58.010",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -36,7 +36,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,16 +44,50 @@
"value": "CWE-862" "value": "CWE-862"
} }
] ]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L203", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/951e4651-56d6-474d-84b3-5a7cfc357b9f?source=cve", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gallery-metabox_project:gallery-metabox:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.5",
"matchCriteriaId": "0C35E83D-573A-4DB1-A57E-C7E1B8C14E0F"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/gallery-metabox/trunk/gallery-metabox.php?rev=611664#L203",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/951e4651-56d6-474d-84b3-5a7cfc357b9f?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

@ -2,8 +2,8 @@
"id": "CVE-2023-26023", "id": "CVE-2023-26023",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.317", "published": "2023-07-19T02:15:09.317",
"lastModified": "2023-07-19T02:15:09.317", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-26026", "id": "CVE-2023-26026",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.390", "published": "2023-07-19T02:15:09.390",
"lastModified": "2023-07-19T02:15:09.390", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

@ -0,0 +1,59 @@
{
"id": "CVE-2023-27379",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.000",
"lastModified": "2023-07-19T15:15:10.160",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u2019s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1756",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1756",
"source": "talos-cna@cisco.com"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-27877", "id": "CVE-2023-27877",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.460", "published": "2023-07-19T02:15:09.460",
"lastModified": "2023-07-19T02:15:09.460", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

@ -2,8 +2,8 @@
"id": "CVE-2023-28513", "id": "CVE-2023-28513",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.530", "published": "2023-07-19T02:15:09.530",
"lastModified": "2023-07-19T02:15:09.530", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

@ -0,0 +1,59 @@
{
"id": "CVE-2023-28744",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.117",
"lastModified": "2023-07-19T15:15:10.250",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 12.1.1.15289. A specially crafted PDF document can trigger the reuse of previously freed memory by manipulating form fields of a specific type. This can lead to memory corruption and arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1739",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1739",
"source": "talos-cna@cisco.com"
}
]
}

@ -2,8 +2,8 @@
"id": "CVE-2023-28754", "id": "CVE-2023-28754",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2023-07-19T08:15:10.117", "published": "2023-07-19T08:15:10.117",
"lastModified": "2023-07-19T08:15:10.117", "lastModified": "2023-07-19T15:15:10.330",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -24,6 +24,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/3",
"source": "security@apache.org"
},
{ {
"url": "https://lists.apache.org/thread/p8onhqox5kkwow9lc6gs03z28wtyp1cg", "url": "https://lists.apache.org/thread/p8onhqox5kkwow9lc6gs03z28wtyp1cg",
"source": "security@apache.org" "source": "security@apache.org"

@ -2,8 +2,8 @@
"id": "CVE-2023-2828", "id": "CVE-2023-2828",
"sourceIdentifier": "security-officer@isc.org", "sourceIdentifier": "security-officer@isc.org",
"published": "2023-06-21T17:15:47.703", "published": "2023-06-21T17:15:47.703",
"lastModified": "2023-07-03T19:11:56.183", "lastModified": "2023-07-19T12:15:09.810",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -304,6 +304,10 @@
"Vendor Advisory" "Vendor Advisory"
] ]
}, },
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00021.html",
"source": "security-officer@isc.org"
},
{ {
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEFCEVCTYEMKTWA7V7EYPI5YQQ4JWDLI/",
"source": "security-officer@isc.org", "source": "security-officer@isc.org",

@ -2,8 +2,8 @@
"id": "CVE-2023-2869", "id": "CVE-2023-2869",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.263", "published": "2023-07-12T05:15:09.263",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T13:56:00.660",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -46,18 +46,45 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://plugins.trac.wordpress.org/browser/wp-members/trunk/includes/admin/tabs/class-wp-members-admin-tab-fields.php?rev=2895180#L799", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2920897/wp-members/trunk/includes/admin/tabs/class-wp-members-admin-tab-fields.php", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf05a79a-0375-4c9d-bbf0-a87484327b87?source=cve", "vulnerable": true,
"source": "security@wordfence.com" "criteria": "cpe:2.3:a:wp-members_project:wp-members:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "3.4.8",
"matchCriteriaId": "4F80F2B3-DECC-4B00-A7D8-EEE27724D121"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-members/trunk/includes/admin/tabs/class-wp-members-admin-tab-fields.php?rev=2895180#L799",
"source": "security@wordfence.com",
"tags": [
"Product"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2920897/wp-members/trunk/includes/admin/tabs/class-wp-members-admin-tab-fields.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/bf05a79a-0375-4c9d-bbf0-a87484327b87?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

@ -2,8 +2,8 @@
"id": "CVE-2023-29259", "id": "CVE-2023-29259",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.607", "published": "2023-07-19T02:15:09.607",
"lastModified": "2023-07-19T02:15:09.607", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-29260", "id": "CVE-2023-29260",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T02:15:09.667", "published": "2023-07-19T02:15:09.667",
"lastModified": "2023-07-19T02:15:09.667", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-29315", "id": "CVE-2023-29315",
"sourceIdentifier": "psirt@adobe.com", "sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.547", "published": "2023-07-12T16:15:12.547",
"lastModified": "2023-07-12T17:58:12.737", "lastModified": "2023-07-19T15:42:01.287",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@adobe.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,6 +31,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -46,10 +66,56 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", "operator": "AND",
"source": "psirt@adobe.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29316", "id": "CVE-2023-29316",
"sourceIdentifier": "psirt@adobe.com", "sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.623", "published": "2023-07-12T16:15:12.623",
"lastModified": "2023-07-12T17:58:12.737", "lastModified": "2023-07-19T15:42:22.723",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@adobe.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,6 +31,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -46,10 +66,56 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", "operator": "AND",
"source": "psirt@adobe.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29317", "id": "CVE-2023-29317",
"sourceIdentifier": "psirt@adobe.com", "sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.700", "published": "2023-07-12T16:15:12.700",
"lastModified": "2023-07-12T17:58:12.737", "lastModified": "2023-07-19T15:42:41.643",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@adobe.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,6 +31,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -46,10 +66,56 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", "operator": "AND",
"source": "psirt@adobe.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29318", "id": "CVE-2023-29318",
"sourceIdentifier": "psirt@adobe.com", "sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.780", "published": "2023-07-12T16:15:12.780",
"lastModified": "2023-07-12T17:58:12.737", "lastModified": "2023-07-19T15:42:57.663",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@adobe.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,6 +31,26 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
@ -46,10 +66,56 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", "operator": "AND",
"source": "psirt@adobe.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-29319", "id": "CVE-2023-29319",
"sourceIdentifier": "psirt@adobe.com", "sourceIdentifier": "psirt@adobe.com",
"published": "2023-07-12T16:15:12.867", "published": "2023-07-12T16:15:12.867",
"lastModified": "2023-07-12T17:58:12.737", "lastModified": "2023-07-19T15:41:02.070",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,7 +13,7 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "psirt@adobe.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
@ -31,12 +31,32 @@
}, },
"exploitabilityScore": 1.8, "exploitabilityScore": 1.8,
"impactScore": 3.6 "impactScore": 3.6
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
} }
] ]
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "psirt@adobe.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,12 +64,68 @@
"value": "CWE-125" "value": "CWE-125"
} }
] ]
},
{
"source": "psirt@adobe.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html", "operator": "AND",
"source": "psirt@adobe.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "17.0",
"versionEndExcluding": "17.4.2",
"matchCriteriaId": "7DBDFE18-69C8-4386-81B6-D9E7499E97C2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:adobe:indesign:*:*:*:*:*:*:*:*",
"versionStartIncluding": "18.0",
"versionEndExcluding": "18.4",
"matchCriteriaId": "614DEEFD-F66F-4D6F-BA8A-05575D199352"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://helpx.adobe.com/security/products/indesign/apsb23-38.html",
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,7 +2,7 @@
"id": "CVE-2023-2975", "id": "CVE-2023-2975",
"sourceIdentifier": "openssl-security@openssl.org", "sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-07-14T12:15:09.023", "published": "2023-07-14T12:15:09.023",
"lastModified": "2023-07-15T13:15:09.607", "lastModified": "2023-07-19T15:15:10.407",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
@ -16,6 +16,10 @@
"url": "http://www.openwall.com/lists/oss-security/2023/07/15/1", "url": "http://www.openwall.com/lists/oss-security/2023/07/15/1",
"source": "openssl-security@openssl.org" "source": "openssl-security@openssl.org"
}, },
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/5",
"source": "openssl-security@openssl.org"
},
{ {
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=00e2f5eea29994d19293ec4e8c8775ba73678598",
"source": "openssl-security@openssl.org" "source": "openssl-security@openssl.org"


@ -2,8 +2,8 @@
"id": "CVE-2023-30433", "id": "CVE-2023-30433",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:09.833", "published": "2023-07-19T01:15:09.833",
"lastModified": "2023-07-19T01:15:09.833", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -0,0 +1,59 @@
{
"id": "CVE-2023-30799",
"sourceIdentifier": "disclosure@vulncheck.com",
"published": "2023-07-19T15:15:10.477",
"lastModified": "2023-07-19T15:15:10.477",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "MikroTik RouterOS stable before 6.49.7 and long-term through 6.48.6 are vulnerable to a privilege escalation issue. A remote and authenticated attacker can escalate privileges from admin to super-admin on the Winbox or HTTP interface. The attacker can abuse this vulnerability to execute arbitrary code on the system.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 2.3,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "disclosure@vulncheck.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-269"
}
]
}
],
"references": [
{
"url": "https://github.com/MarginResearch/FOISted",
"source": "disclosure@vulncheck.com"
},
{
"url": "https://vulncheck.com/advisories/mikrotik-foisted",
"source": "disclosure@vulncheck.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3011", "id": "CVE-2023-3011",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:09.350", "published": "2023-07-12T05:15:09.350",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T13:54:26.223",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
@ -46,14 +66,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2932691/armember-membership/trunk/autoload.php", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/42f5f29b-2d83-4b15-82aa-0598f8a2317b?source=cve", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:armemberplugin:armember:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "4.0.6",
"matchCriteriaId": "EA9829C9-3086-43F6-9650-5C02C299505E"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2932691/armember-membership/trunk/autoload.php",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/42f5f29b-2d83-4b15-82aa-0598f8a2317b?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3135", "id": "CVE-2023-3135",
"sourceIdentifier": "security@wordfence.com", "sourceIdentifier": "security@wordfence.com",
"published": "2023-07-12T05:15:10.207", "published": "2023-07-12T05:15:10.207",
"lastModified": "2023-07-12T12:46:30.047", "lastModified": "2023-07-19T15:30:54.893",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "security@wordfence.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
@ -46,14 +66,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://plugins.trac.wordpress.org/changeset/2928716/mailtree-log-mail", "nodes": [
"source": "security@wordfence.com"
},
{ {
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24d0229c-0f1b-42df-b89a-ce0b8a3fda7e?source=cve", "operator": "OR",
"source": "security@wordfence.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oacstudio:mailtree_log_mail:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "A0E45A81-B1A8-4CD0-AEFC-01BBCE24F475"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/changeset/2928716/mailtree-log-mail",
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/24d0229c-0f1b-42df-b89a-ce0b8a3fda7e?source=cve",
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-32635", "id": "CVE-2023-32635",
"sourceIdentifier": "vultures@jpcert.or.jp", "sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-07-19T06:15:12.787", "published": "2023-07-19T06:15:12.787",
"lastModified": "2023-07-19T06:15:12.787", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -0,0 +1,59 @@
{
"id": "CVE-2023-32664",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.207",
"lastModified": "2023-07-19T15:15:10.557",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A type confusion vulnerability exists in the Javascript checkThisBox method as implemented in Foxit Reader 12.1.2.15332. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. User would need to open a malicious file to trigger the vulnerability."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-843"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1795",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1795",
"source": "talos-cna@cisco.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-33167", "id": "CVE-2023-33167",
"sourceIdentifier": "secure@microsoft.com", "sourceIdentifier": "secure@microsoft.com",
"published": "2023-07-11T18:15:15.487", "published": "2023-07-11T18:15:15.487",
"lastModified": "2023-07-12T12:46:51.683", "lastModified": "2023-07-19T15:44:42.697",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -13,8 +13,28 @@
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{ {
"source": "secure@microsoft.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "secure@microsoft.com",
"type": "Secondary",
"cvssData": { "cvssData": {
"version": "3.1", "version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
@ -34,10 +54,115 @@
} }
] ]
}, },
"references": [ "weaknesses": [
{ {
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33167", "source": "nvd@nist.gov",
"source": "secure@microsoft.com" "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1507:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.10240.20048",
"matchCriteriaId": "CA7DB0E9-3DCD-4FAE-8F9A-20D15E061ED7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.14393.6085",
"matchCriteriaId": "8557A170-443F-49D3-9041-0D883E6CB556"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.17763.4645",
"matchCriteriaId": "E7CD9EA5-EB3A-4C42-B208-75590288F6F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19041.3208",
"matchCriteriaId": "22A20A25-6FDE-4715-873E-E7FBF2DFABCA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.19045.3208",
"matchCriteriaId": "7408C04A-729A-4CFF-8AF0-97A18BB2BD9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22000.2176",
"matchCriteriaId": "F10BCA0D-417F-42E3-93BF-2C227357702B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.22621.1992",
"matchCriteriaId": "B1C277B2-DE09-453D-B33E-42917E11D0E5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*",
"matchCriteriaId": "5F422A8C-2C4E-42C8-B420-E0728037E15C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DF96F8-BA6A-4780-9CA3-F719B3F81074"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB18C4CE-5917-401E-ACF7-2747084FD36E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "041FF8BA-0B12-4A1F-B4BF-9C4F33B7C1E7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB79EE26-FC32-417D-A49C-A1A63165A968"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*",
"matchCriteriaId": "821614DD-37DD-44E2-A8A4-FE8D23A33C3C"
}
]
}
]
}
],
"references": [
{
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33167",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-33832", "id": "CVE-2023-33832",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.197", "published": "2023-07-19T01:15:10.197",
"lastModified": "2023-07-19T01:15:10.197", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -0,0 +1,59 @@
{
"id": "CVE-2023-33866",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.297",
"lastModified": "2023-07-19T15:15:10.637",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the JavaScript engine of Foxit Software\u2019s PDF Reader, version 12.1.2.15332. By prematurely deleting objects associated with pages, a specially crafted PDF document can trigger the reuse of previously freed memory, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1757",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1757",
"source": "talos-cna@cisco.com"
}
]
}


@ -0,0 +1,59 @@
{
"id": "CVE-2023-33876",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2023-07-19T14:15:10.393",
"lastModified": "2023-07-19T15:15:10.797",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15332 handles destroying annotations. A specially-crafted Javascript code inside a malicious PDF document can trigger reuse of a previously freed object which can lead to memory corruption and result in arbitrary code execution. A specially-crafted Javascript code inside a malicious PDF document can cause memory corruption and lead to remote code execution. Exploitation is also possible if a user visits a specially-crafted, malicious site if the browser plugin extension is enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1796",
"source": "talos-cna@cisco.com"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1796",
"source": "talos-cna@cisco.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-33989", "id": "CVE-2023-33989",
"sourceIdentifier": "cna@sap.com", "sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.587", "published": "2023-07-11T03:15:09.587",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T12:53:57.597",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
},
{ {
"source": "cna@sap.com", "source": "cna@sap.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,52 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://me.sap.com/notes/3331376", "nodes": [
"source": "cna@sap.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:707:*:*:*:*:*:*:*",
"matchCriteriaId": "BD582724-499B-448A-BCC1-308E4BF4F0E8"
}, },
{ {
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "vulnerable": true,
"source": "cna@sap.com" "criteria": "cpe:2.3:a:sap:netweaver_bi_content:737:*:*:*:*:*:*:*",
"matchCriteriaId": "32710905-F628-494B-BD88-30BA5DC9B995"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:747:*:*:*:*:*:*:*",
"matchCriteriaId": "B67959BB-333F-4EC1-88BC-F4CB4B7185EF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_bi_content:757:*:*:*:*:*:*:*",
"matchCriteriaId": "1E3ACFF9-B538-4693-939A-90426AA1DFC8"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3331376",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-33990", "id": "CVE-2023-33990",
"sourceIdentifier": "cna@sap.com", "sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.657", "published": "2023-07-11T03:15:09.657",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T12:57:09.040",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2
},
{ {
"source": "cna@sap.com", "source": "cna@sap.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,37 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://me.sap.com/notes/3331029", "nodes": [
"source": "cna@sap.com"
},
{ {
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "operator": "OR",
"source": "cna@sap.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:sql_anywhere:17.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1258DB1C-4377-4A3F-8642-5263C026E0CA"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3331029",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-33992", "id": "CVE-2023-33992",
"sourceIdentifier": "cna@sap.com", "sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.717", "published": "2023-07-11T03:15:09.717",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T13:24:24.817",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{ {
"source": "cna@sap.com", "source": "cna@sap.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,67 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://me.sap.com/notes/3088078", "nodes": [
"source": "cna@sap.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:730:*:*:*:*:*:*:*",
"matchCriteriaId": "EF8F2CE3-BA4B-4A9C-A284-87F0AB797B92"
}, },
{ {
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "vulnerable": true,
"source": "cna@sap.com" "criteria": "cpe:2.3:a:sap:business_warehouse:731:*:*:*:*:*:*:*",
"matchCriteriaId": "00732AD2-BEED-4C1F-AC39-46E6F33CBB5E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:740:*:*:*:*:*:*:*",
"matchCriteriaId": "EC7DABAD-36FA-49D7-8C3C-3AA49604BE37"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:business_warehouse:750:*:*:*:*:*:*:*",
"matchCriteriaId": "526C11C6-B67D-49F1-94E6-A324AA581EDD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:bw\\/4hana:100:*:*:*:*:*:*:*",
"matchCriteriaId": "BCD13072-E149-45FB-BD46-E3D48D81216B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:bw\\/4hana:200:*:*:*:*:*:*:*",
"matchCriteriaId": "704134B4-A642-488F-94B3-48A744C46A1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:bw\\/4hana:300:*:*:*:*:*:*:*",
"matchCriteriaId": "7CCF4C28-1C0B-43C3-A870-C30F53BCAA2B"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3088078",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -0,0 +1,43 @@
{
"id": "CVE-2023-34034",
"sourceIdentifier": "security@vmware.com",
"published": "2023-07-19T15:15:11.127",
"lastModified": "2023-07-19T15:15:11.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Using \"**\" as a pattern in Spring Security configuration \nfor WebFlux creates a mismatch in pattern matching between Spring \nSecurity and Spring WebFlux, and the potential for a security bypass.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@vmware.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"references": [
{
"url": "https://spring.io/security/cve-2023-34034",
"source": "security@vmware.com"
}
]
}


@ -0,0 +1,44 @@
{
"id": "CVE-2023-3446",
"sourceIdentifier": "openssl-security@openssl.org",
"published": "2023-07-19T12:15:10.003",
"lastModified": "2023-07-19T15:15:11.197",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Issue summary: Checking excessively long DH keys or parameters may be very slow.\n\nImpact summary: Applications that use the functions DH_check(), DH_check_ex()\nor EVP_PKEY_param_check() to check a DH key or DH parameters may experience long\ndelays. Where the key or parameters that are being checked have been obtained\nfrom an untrusted source this may lead to a Denial of Service.\n\nThe function DH_check() performs various checks on DH parameters. One of those\nchecks confirms that the modulus ('p' parameter) is not too large. Trying to use\na very large modulus is slow and OpenSSL will not normally use a modulus which\nis over 10,000 bits in length.\n\nHowever the DH_check() function checks numerous aspects of the key or parameters\nthat have been supplied. Some of those checks use the supplied modulus value\neven if it has already been found to be too large.\n\nAn application that calls DH_check() and supplies a key or parameters obtained\nfrom an untrusted source could be vulernable to a Denial of Service attack.\n\nThe function DH_check() is itself called by a number of other OpenSSL functions.\nAn application calling any of those other functions may similarly be affected.\nThe other functions affected by this are DH_check_ex() and\nEVP_PKEY_param_check().\n\nAlso vulnerable are the OpenSSL dhparam and pkeyparam command line applications\nwhen using the '-check' option.\n\nThe OpenSSL SSL/TLS implementation is not affected by this issue.\nThe OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue."
}
],
"metrics": {},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/4",
"source": "openssl-security@openssl.org"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/07/19/5",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c",
"source": "openssl-security@openssl.org"
},
{
"url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23",
"source": "openssl-security@openssl.org"
},
{
"url": "https://www.openssl.org/news/secadv/20230719.txt",
"source": "openssl-security@openssl.org"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3463",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-07-19T14:15:10.620",
"lastModified": "2023-07-19T14:15:10.620",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "\nAll versions of GE Digital CIMPLICITY that are not adhering to SDG guidance and accepting documents from untrusted sources are vulnerable to memory corruption issues due to insufficient input validation, including issues such as out-of-bounds reads and writes, use-after-free, stack-based buffer overflows, uninitialized pointers, and a heap-based buffer overflow. Successful exploitation could allow an attacker to execute arbitrary code.\n\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-122"
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-06",
"source": "ics-cert@hq.dhs.gov"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-35870", "id": "CVE-2023-35870",
"sourceIdentifier": "cna@sap.com", "sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.800", "published": "2023-07-11T03:15:09.800",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T13:35:31.873",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{ {
"source": "cna@sap.com", "source": "cna@sap.com",
"type": "Secondary", "type": "Secondary",
@ -36,8 +56,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@sap.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,14 +76,52 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://me.sap.com/notes/3341211", "nodes": [
"source": "cna@sap.com" {
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:104:*:*:*:*:*:*:*",
"matchCriteriaId": "964023CE-6EA4-42BB-93B2-DCE6B36D3F89"
}, },
{ {
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "vulnerable": true,
"source": "cna@sap.com" "criteria": "cpe:2.3:a:sap:s4core:105:*:*:*:*:*:*:*",
"matchCriteriaId": "84B775EF-6C11-4FAB-B5E7-8F6C4C5674BE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:106:*:*:*:*:*:*:*",
"matchCriteriaId": "14D17245-5B6D-4024-AFA6-8E0A70B294BF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:s4core:107:*:*:*:*:*:*:*",
"matchCriteriaId": "5DEFABE8-1797-4C7B-941C-3205AE90914B"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3341211",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-35872", "id": "CVE-2023-35872",
"sourceIdentifier": "cna@sap.com", "sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.930", "published": "2023-07-11T03:15:09.930",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T13:36:59.200",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{ {
"source": "cna@sap.com", "source": "cna@sap.com",
"type": "Secondary", "type": "Secondary",
@ -46,14 +66,37 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://me.sap.com/notes/3343564", "nodes": [
"source": "cna@sap.com"
},
{ {
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "operator": "OR",
"source": "cna@sap.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_process_integration:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3A3226-28D1-4B43-942B-F41BD340E746"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3343564",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-35873", "id": "CVE-2023-35873",
"sourceIdentifier": "cna@sap.com", "sourceIdentifier": "cna@sap.com",
"published": "2023-07-11T03:15:09.993", "published": "2023-07-11T03:15:09.993",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T15:27:53.343",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
},
{ {
"source": "cna@sap.com", "source": "cna@sap.com",
"type": "Secondary", "type": "Secondary",
@ -36,7 +56,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "cna@sap.com", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -44,16 +64,49 @@
"value": "CWE-306" "value": "CWE-306"
} }
] ]
},
{
"source": "cna@sap.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-306"
}
]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://me.sap.com/notes/3343547", "nodes": [
"source": "cna@sap.com"
},
{ {
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html", "operator": "OR",
"source": "cna@sap.com" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sap:netweaver_process_integration:7.50:*:*:*:*:*:*:*",
"matchCriteriaId": "2A3A3226-28D1-4B43-942B-F41BD340E746"
}
]
}
]
}
],
"references": [
{
"url": "https://me.sap.com/notes/3343547",
"source": "cna@sap.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html",
"source": "cna@sap.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,12 +2,16 @@
"id": "CVE-2023-35898", "id": "CVE-2023-35898",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.670", "published": "2023-07-19T01:15:10.670",
"lastModified": "2023-07-19T01:15:10.670", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352." "value": "IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352."
},
{
"lang": "es",
"value": "IBM InfoSphere Information Server v11.7 podr\u00eda permitir a un usuario autenticado obtener informaci\u00f3n confidencial debido a una configuraci\u00f3n de seguridad insegura en \"InfoSphere Data Flow Designer\". IBM X-Force ID: 259352."
} }
], ],
"metrics": { "metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-35900", "id": "CVE-2023-35900",
"sourceIdentifier": "psirt@us.ibm.com", "sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-07-19T01:15:10.747", "published": "2023-07-19T01:15:10.747",
"lastModified": "2023-07-19T01:15:10.747", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-35920", "id": "CVE-2023-35920",
"sourceIdentifier": "productcert@siemens.com", "sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.543", "published": "2023-07-11T10:15:10.543",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T14:58:06.770",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,183 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", "operator": "AND",
"source": "productcert@siemens.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "443FA290-C457-4B6A-B7D0-D93A9891422D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18944887-DE3F-4FB4-88D2-1C8EC89A1481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "93539B72-DB14-467F-B18E-09E02FC32AA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B016178-2DCB-417C-B20F-8B9E1904BE8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D57AB6A9-9462-4E86-8375-18D8E7B33A68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324A87A6-2DC6-4797-8191-0BE2D8D1F9FC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "68DA4485-B7D7-4650-89D2-109555CA31E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E1134-8C21-4045-BD02-F44250474C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "A48A7347-0E33-4D16-AA61-B76C561C95B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FBB8F8-C886-4A2B-8808-6E3D6A57B271"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D6AF3675-11B7-4FB3-8151-3D307204CE9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA25C73-59D0-469D-BE6F-6188F645C1D9"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf",
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-35921", "id": "CVE-2023-35921",
"sourceIdentifier": "productcert@siemens.com", "sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.610", "published": "2023-07-11T10:15:10.610",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T15:21:30.293",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,183 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", "operator": "AND",
"source": "productcert@siemens.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "443FA290-C457-4B6A-B7D0-D93A9891422D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18944887-DE3F-4FB4-88D2-1C8EC89A1481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "93539B72-DB14-467F-B18E-09E02FC32AA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B016178-2DCB-417C-B20F-8B9E1904BE8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D57AB6A9-9462-4E86-8375-18D8E7B33A68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324A87A6-2DC6-4797-8191-0BE2D8D1F9FC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "68DA4485-B7D7-4650-89D2-109555CA31E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E1134-8C21-4045-BD02-F44250474C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "A48A7347-0E33-4D16-AA61-B76C561C95B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FBB8F8-C886-4A2B-8808-6E3D6A57B271"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D6AF3675-11B7-4FB3-8151-3D307204CE9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA25C73-59D0-469D-BE6F-6188F645C1D9"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf",
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3568", "id": "CVE-2023-3568",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-07-10T16:15:56.450", "published": "2023-07-10T16:15:56.450",
"lastModified": "2023-07-10T16:27:17.833", "lastModified": "2023-07-19T15:58:44.357",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -36,8 +58,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@huntr.dev", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,14 +78,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/fossbilling/fossbilling/commit/f6348643d230a13427d8ab9213463dadbb68818f", "nodes": [
"source": "security@huntr.dev"
},
{ {
"url": "https://huntr.dev/bounties/f3782eb1-049b-4998-aac4-d9798ec1c123", "operator": "OR",
"source": "security@huntr.dev" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:fossbilling:fossbilling:*:*:*:*:*:*:*:*",
"versionEndExcluding": "0.5.4",
"matchCriteriaId": "FD927918-5473-4C93-876B-CD900A091403"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/fossbilling/fossbilling/commit/f6348643d230a13427d8ab9213463dadbb68818f",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/f3782eb1-049b-4998-aac4-d9798ec1c123",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3574", "id": "CVE-2023-3574",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-07-10T16:15:56.527", "published": "2023-07-10T16:15:56.527",
"lastModified": "2023-07-10T16:27:17.833", "lastModified": "2023-07-19T15:58:24.693",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "security@huntr.dev", "source": "security@huntr.dev",
@ -36,8 +58,18 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "security@huntr.dev", "source": "nvd@nist.gov",
"type": "Primary", "type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "security@huntr.dev",
"type": "Secondary",
"description": [ "description": [
{ {
"lang": "en", "lang": "en",
@ -46,14 +78,38 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/pimcore/customer-data-framework/commit/f15668c86db254e86ba7ac895bc3cdd1a2a3cc45", "nodes": [
"source": "security@huntr.dev"
},
{ {
"url": "https://huntr.dev/bounties/1dcb4f01-e668-4aa3-a6a3-838532e500c6", "operator": "OR",
"source": "security@huntr.dev" "negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pimcore:customer_management_framework:*:*:*:*:*:pimcore:*:*",
"versionEndExcluding": "3.4.1",
"matchCriteriaId": "42F483FD-ED43-48AB-8A38-71820B860CBF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/pimcore/customer-data-framework/commit/f15668c86db254e86ba7ac895bc3cdd1a2a3cc45",
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/1dcb4f01-e668-4aa3-a6a3-838532e500c6",
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3578", "id": "CVE-2023-3578",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T16:15:56.597", "published": "2023-07-10T16:15:56.597",
"lastModified": "2023-07-10T16:27:17.833", "lastModified": "2023-07-19T15:58:04.330",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
@ -71,18 +93,46 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/nightcloudos/cve/blob/main/SSRF.md", "nodes": [
"source": "cna@vuldb.com"
},
{ {
"url": "https://vuldb.com/?ctiid.233371", "operator": "OR",
"source": "cna@vuldb.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://vuldb.com/?id.233371", "vulnerable": true,
"source": "cna@vuldb.com" "criteria": "cpe:2.3:a:dedecms:dedecms:5.7.109:*:*:*:*:*:*:*",
"matchCriteriaId": "185B38A0-3F0F-436F-B145-D986C4A8AD11"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nightcloudos/cve/blob/main/SSRF.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233371",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233371",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3579", "id": "CVE-2023-3579",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-10T16:15:56.663", "published": "2023-07-10T16:15:56.663",
"lastModified": "2023-07-10T16:27:17.833", "lastModified": "2023-07-19T15:52:19.567",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
@ -71,18 +93,47 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/nightcloudos/cve/blob/main/CSRF.md", "nodes": [
"source": "cna@vuldb.com"
},
{ {
"url": "https://vuldb.com/?ctiid.233372", "operator": "OR",
"source": "cna@vuldb.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://vuldb.com/?id.233372", "vulnerable": true,
"source": "cna@vuldb.com" "criteria": "cpe:2.3:a:hadsky:hadsky:7.11.8:*:*:*:*:*:*:*",
"matchCriteriaId": "48A521DC-3CBF-46B4-A1BF-6F048CF5E3A3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nightcloudos/cve/blob/main/CSRF.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233372",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233372",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-36053", "id": "CVE-2023-36053",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-03T13:15:09.737", "published": "2023-07-03T13:15:09.737",
"lastModified": "2023-07-11T14:26:13.900", "lastModified": "2023-07-19T14:15:10.500",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -94,6 +94,10 @@
"Release Notes" "Release Notes"
] ]
}, },
{
"url": "https://lists.debian.org/debian-lts-announce/2023/07/msg00022.html",
"source": "cve@mitre.org"
},
{ {
"url": "https://www.djangoproject.com/weblog/2023/jul/03/security-releases/", "url": "https://www.djangoproject.com/weblog/2023/jul/03/security-releases/",
"source": "cve@mitre.org", "source": "cve@mitre.org",


@ -2,8 +2,8 @@
"id": "CVE-2023-36521", "id": "CVE-2023-36521",
"sourceIdentifier": "productcert@siemens.com", "sourceIdentifier": "productcert@siemens.com",
"published": "2023-07-11T10:15:10.897", "published": "2023-07-11T10:15:10.897",
"lastModified": "2023-07-11T12:43:16.387", "lastModified": "2023-07-19T15:21:04.790",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
},
{ {
"source": "productcert@siemens.com", "source": "productcert@siemens.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,183 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf", "operator": "AND",
"source": "productcert@siemens.com" "nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "443FA290-C457-4B6A-B7D0-D93A9891422D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "18944887-DE3F-4FB4-88D2-1C8EC89A1481"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv540_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "93539B72-DB14-467F-B18E-09E02FC32AA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv540_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B016178-2DCB-417C-B20F-8B9E1904BE8C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_h_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D57AB6A9-9462-4E86-8375-18D8E7B33A68"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_h:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324A87A6-2DC6-4797-8191-0BE2D8D1F9FC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv550_s_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "68DA4485-B7D7-4650-89D2-109555CA31E7"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv550_s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E1134-8C21-4045-BD02-F44250474C40"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_u_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "A48A7347-0E33-4D16-AA61-B76C561C95B3"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_u:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D2FBB8F8-C886-4A2B-8808-6E3D6A57B271"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:siemens:simatic_mv560_x_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.3.4",
"matchCriteriaId": "D6AF3675-11B7-4FB3-8151-3D307204CE9A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:siemens:simatic_mv560_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DAA25C73-59D0-469D-BE6F-6188F645C1D9"
}
]
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-561322.pdf",
"source": "productcert@siemens.com",
"tags": [
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3625", "id": "CVE-2023-3625",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-11T18:15:20.903", "published": "2023-07-11T18:15:20.903",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T15:59:56.657",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -11,6 +11,28 @@
} }
], ],
"metrics": { "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [ "cvssMetricV30": [
{ {
"source": "cna@vuldb.com", "source": "cna@vuldb.com",
@ -71,18 +93,47 @@
] ]
} }
], ],
"references": [ "configurations": [
{ {
"url": "https://github.com/MoeMion233/cve/blob/main/1.md", "nodes": [
"source": "cna@vuldb.com"
},
{ {
"url": "https://vuldb.com/?ctiid.233578", "operator": "OR",
"source": "cna@vuldb.com" "negate": false,
}, "cpeMatch": [
{ {
"url": "https://vuldb.com/?id.233578", "vulnerable": true,
"source": "cna@vuldb.com" "criteria": "cpe:2.3:a:istrong:mountain_flood_disaster_prevention_monitoring_and_early_warning_system:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023-07-06",
"matchCriteriaId": "4A193D61-0E65-43A9-845F-90B73355D374"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/MoeMion233/cve/blob/main/1.md",
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.233578",
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.233578",
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
} }
] ]
} }

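--- /dev/null
+++ b/CVE-2023/CVE-2023-36xx/CVE-2023-3638.json
@@ -0,0 +1,55 @@
+{
+"id": "CVE-2023-3638",
+"sourceIdentifier": "ics-cert@hq.dhs.gov",
+"published": "2023-07-19T15:15:11.257",
+"lastModified": "2023-07-19T15:15:11.257",
+"vulnStatus": "Received",
+"descriptions": [
+{
+"lang": "en",
+"value": "In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web application.\n\n"
+}
+],
+"metrics": {
+"cvssMetricV31": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Secondary",
+"cvssData": {
+"version": "3.1",
+"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+"attackVector": "NETWORK",
+"attackComplexity": "LOW",
+"privilegesRequired": "NONE",
+"userInteraction": "NONE",
+"scope": "UNCHANGED",
+"confidentialityImpact": "HIGH",
+"integrityImpact": "HIGH",
+"availabilityImpact": "HIGH",
+"baseScore": 9.8,
+"baseSeverity": "CRITICAL"
+},
+"exploitabilityScore": 3.9,
+"impactScore": 5.9
+}
+]
+},
+"weaknesses": [
+{
+"source": "ics-cert@hq.dhs.gov",
+"type": "Primary",
+"description": [
+{
+"lang": "en",
+"value": "CWE-287"
+}
+]
+}
+],
+"references": [
+{
+"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-199-05",
+"source": "ics-cert@hq.dhs.gov"
+}
+]
+}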


@ -2,19 +2,75 @@
"id": "CVE-2023-37174", "id": "CVE-2023-37174",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.120", "published": "2023-07-11T23:15:09.120",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T13:19:23.043",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c." "value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the dump_isom_scene function at /mp4box/filedump.c."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/gpac/gpac/issues/2505", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2505",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-37765", "id": "CVE-2023-37765",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.167", "published": "2023-07-11T23:15:09.167",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T13:23:02.507",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so." "value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_dump_vrml_sffield function at /lib/libgpac.so."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/gpac/gpac/issues/2515", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2515",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-37766", "id": "CVE-2023-37766",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.210", "published": "2023-07-11T23:15:09.210",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T13:23:09.597",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so." "value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the gf_isom_remove_user_data function at /lib/libgpac.so."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/gpac/gpac/issues/2516", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2516",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,19 +2,75 @@
"id": "CVE-2023-37767", "id": "CVE-2023-37767",
"sourceIdentifier": "cve@mitre.org", "sourceIdentifier": "cve@mitre.org",
"published": "2023-07-11T23:15:09.250", "published": "2023-07-11T23:15:09.250",
"lastModified": "2023-07-12T12:46:41.413", "lastModified": "2023-07-19T13:23:15.433",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so." "value": "GPAC v2.3-DEV-rev381-g817a848f6-master was discovered to contain a segmentation violation in the BM_ParseIndexValueReplace function at /lib/libgpac.so."
} }
], ],
"metrics": {}, "metrics": {
"references": [ "cvssMetricV31": [
{ {
"url": "https://github.com/gpac/gpac/issues/2514", "source": "nvd@nist.gov",
"source": "cve@mitre.org" "type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gpac:gpac:2.3-dev-rev381-g817a848f6-master:*:*:*:*:*:*:*",
"matchCriteriaId": "264FC010-3E8E-4717-8828-B8F53234EECB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gpac/gpac/issues/2514",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
} }
] ]
} }


@ -2,8 +2,8 @@
"id": "CVE-2023-3751", "id": "CVE-2023-3751",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T00:15:09.913", "published": "2023-07-19T00:15:09.913",
"lastModified": "2023-07-19T00:15:09.913", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3752", "id": "CVE-2023-3752",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T02:15:09.747", "published": "2023-07-19T02:15:09.747",
"lastModified": "2023-07-19T02:15:09.747", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-3753", "id": "CVE-2023-3753",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T02:15:09.820", "published": "2023-07-19T02:15:09.820",
"lastModified": "2023-07-19T02:15:09.820", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234423. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." "value": "A vulnerability classified as problematic has been found in Creativeitem Mastery LMS 1.2. This affects an unknown part of the file /browse. The manipulation of the argument search/featured/recommended/skill leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-234423. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en Creativeitem Mastery LMS v1.2. Esto afecta a una parte desconocida del archivo \"/browse\". La manipulaci\u00f3n del argumento \"search/featured/recommended/skill\" conduce a Cross-Site Scripting (XSS). Es posible iniciar el ataque de forma remota. El identificador asociado a esta vulnerabilidad es VDB-234423. NOTA: Se contact\u00f3 con el proveedor con antelaci\u00f3n acerca de esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera. "
} }
], ],
"metrics": { "metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-3754", "id": "CVE-2023-3754",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T03:15:10.297", "published": "2023-07-19T03:15:10.297",
"lastModified": "2023-07-19T03:15:10.297", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-3755", "id": "CVE-2023-3755",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T04:15:10.190", "published": "2023-07-19T04:15:10.190",
"lastModified": "2023-07-19T04:15:10.190", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability has been found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /home/filter_listings. The manipulation of the argument price-range leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234427. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." "value": "A vulnerability has been found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /home/filter_listings. The manipulation of the argument price-range leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234427. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Creativeitem Atlas Business Directory Listing v2.13 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo \"/home/filter_listings\". La manipulaci\u00f3n del argumento \"price-range\" conduce a Cross-Site Scripting (XSS). El ataque puede ser lanzado remotamente. El identificador asociado de esta vulnerabilidad es VDB-234427. NOTA: El vendedor fue contactado acerca de esta divulgaci\u00f3n pero no respondi\u00f3 de ninguna manera. "
} }
], ],
"metrics": { "metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-3756", "id": "CVE-2023-3756",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T04:15:10.270", "published": "2023-07-19T04:15:10.270",
"lastModified": "2023-07-19T04:15:10.270", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "A vulnerability was found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this issue is some unknown functionality of the file /home/search. The manipulation of the argument search_string leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-234428. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." "value": "A vulnerability was found in Creativeitem Atlas Business Directory Listing 2.13 and classified as problematic. Affected by this issue is some unknown functionality of the file /home/search. The manipulation of the argument search_string leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-234428. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Creativeitem Atlas Business Directory Listing v2.13 y se ha clasificado como problem\u00e1tica. Este problema afecta a una funcionalidad desconocida del archivo \"/home/search\". La manipulaci\u00f3n del argumento \"search_string\" conduce a Cross-Site Scripting (XSS). El ataque puede ser lanzado remotamente. El identificador de esta vulnerabilidad es VDB-234428. NOTA: Se contact\u00f3 con el proveedor con antelaci\u00f3n acerca de esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera. "
} }
], ],
"metrics": { "metrics": {


@ -2,8 +2,8 @@
"id": "CVE-2023-3757", "id": "CVE-2023-3757",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T05:15:10.377", "published": "2023-07-19T05:15:10.377",
"lastModified": "2023-07-19T05:15:10.377", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3759", "id": "CVE-2023-3759",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T05:15:10.503", "published": "2023-07-19T05:15:10.503",
"lastModified": "2023-07-19T05:15:10.503", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3760", "id": "CVE-2023-3760",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T06:15:13.470", "published": "2023-07-19T06:15:13.470",
"lastModified": "2023-07-19T06:15:13.470", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3761", "id": "CVE-2023-3761",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T06:15:13.897", "published": "2023-07-19T06:15:13.897",
"lastModified": "2023-07-19T06:15:13.897", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3762", "id": "CVE-2023-3762",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T07:15:08.813", "published": "2023-07-19T07:15:08.813",
"lastModified": "2023-07-19T07:15:08.813", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3763", "id": "CVE-2023-3763",
"sourceIdentifier": "cna@vuldb.com", "sourceIdentifier": "cna@vuldb.com",
"published": "2023-07-19T07:15:09.007", "published": "2023-07-19T07:15:09.007",
"lastModified": "2023-07-19T07:15:09.007", "lastModified": "2023-07-19T12:47:14.573",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3765", "id": "CVE-2023-3765",
"sourceIdentifier": "security@huntr.dev", "sourceIdentifier": "security@huntr.dev",
"published": "2023-07-19T01:15:10.847", "published": "2023-07-19T01:15:10.847",
"lastModified": "2023-07-19T01:15:10.847", "lastModified": "2023-07-19T12:47:21.130",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-07-19T12:00:25.657455+00:00 2023-07-19T16:01:05.735904+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-07-19T11:53:32.750000+00:00 2023-07-19T15:59:56.657000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,20 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
220672 220683
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `0` Recently added CVEs: `11`
* [CVE-2022-40896](CVE-2022/CVE-2022-408xx/CVE-2022-40896.json) (`2023-07-19T15:15:10.007`)
* [CVE-2023-3463](CVE-2023/CVE-2023-34xx/CVE-2023-3463.json) (`2023-07-19T14:15:10.620`)
* [CVE-2023-27379](CVE-2023/CVE-2023-273xx/CVE-2023-27379.json) (`2023-07-19T14:15:10.000`)
* [CVE-2023-28744](CVE-2023/CVE-2023-287xx/CVE-2023-28744.json) (`2023-07-19T14:15:10.117`)
* [CVE-2023-30799](CVE-2023/CVE-2023-307xx/CVE-2023-30799.json) (`2023-07-19T15:15:10.477`)
* [CVE-2023-32664](CVE-2023/CVE-2023-326xx/CVE-2023-32664.json) (`2023-07-19T14:15:10.207`)
* [CVE-2023-33866](CVE-2023/CVE-2023-338xx/CVE-2023-33866.json) (`2023-07-19T14:15:10.297`)
* [CVE-2023-33876](CVE-2023/CVE-2023-338xx/CVE-2023-33876.json) (`2023-07-19T14:15:10.393`)
* [CVE-2023-34034](CVE-2023/CVE-2023-340xx/CVE-2023-34034.json) (`2023-07-19T15:15:11.127`)
* [CVE-2023-3446](CVE-2023/CVE-2023-34xx/CVE-2023-3446.json) (`2023-07-19T12:15:10.003`)
* [CVE-2023-3638](CVE-2023/CVE-2023-36xx/CVE-2023-3638.json) (`2023-07-19T15:15:11.257`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `1` Recently modified CVEs: `76`
* [CVE-2020-36750](CVE-2020/CVE-2020-367xx/CVE-2020-36750.json) (`2023-07-19T11:53:32.750`) * [CVE-2023-35872](CVE-2023/CVE-2023-358xx/CVE-2023-35872.json) (`2023-07-19T13:36:59.200`)
* [CVE-2023-3011](CVE-2023/CVE-2023-30xx/CVE-2023-3011.json) (`2023-07-19T13:54:26.223`)
* [CVE-2023-2869](CVE-2023/CVE-2023-28xx/CVE-2023-2869.json) (`2023-07-19T13:56:00.660`)
* [CVE-2023-2562](CVE-2023/CVE-2023-25xx/CVE-2023-2562.json) (`2023-07-19T14:07:58.010`)
* [CVE-2023-36053](CVE-2023/CVE-2023-360xx/CVE-2023-36053.json) (`2023-07-19T14:15:10.500`)
* [CVE-2023-1936](CVE-2023/CVE-2023-19xx/CVE-2023-1936.json) (`2023-07-19T14:26:15.807`)
* [CVE-2023-35920](CVE-2023/CVE-2023-359xx/CVE-2023-35920.json) (`2023-07-19T14:58:06.770`)
* [CVE-2023-28754](CVE-2023/CVE-2023-287xx/CVE-2023-28754.json) (`2023-07-19T15:15:10.330`)
* [CVE-2023-2975](CVE-2023/CVE-2023-29xx/CVE-2023-2975.json) (`2023-07-19T15:15:10.407`)
* [CVE-2023-36521](CVE-2023/CVE-2023-365xx/CVE-2023-36521.json) (`2023-07-19T15:21:04.790`)
* [CVE-2023-35921](CVE-2023/CVE-2023-359xx/CVE-2023-35921.json) (`2023-07-19T15:21:30.293`)
* [CVE-2023-35873](CVE-2023/CVE-2023-358xx/CVE-2023-35873.json) (`2023-07-19T15:27:53.343`)
* [CVE-2023-3135](CVE-2023/CVE-2023-31xx/CVE-2023-3135.json) (`2023-07-19T15:30:54.893`)
* [CVE-2023-29319](CVE-2023/CVE-2023-293xx/CVE-2023-29319.json) (`2023-07-19T15:41:02.070`)
* [CVE-2023-29315](CVE-2023/CVE-2023-293xx/CVE-2023-29315.json) (`2023-07-19T15:42:01.287`)
* [CVE-2023-29316](CVE-2023/CVE-2023-293xx/CVE-2023-29316.json) (`2023-07-19T15:42:22.723`)
* [CVE-2023-29317](CVE-2023/CVE-2023-293xx/CVE-2023-29317.json) (`2023-07-19T15:42:41.643`)
* [CVE-2023-29318](CVE-2023/CVE-2023-293xx/CVE-2023-29318.json) (`2023-07-19T15:42:57.663`)
* [CVE-2023-33167](CVE-2023/CVE-2023-331xx/CVE-2023-33167.json) (`2023-07-19T15:44:42.697`)
* [CVE-2023-23348](CVE-2023/CVE-2023-233xx/CVE-2023-23348.json) (`2023-07-19T15:48:28.893`)
* [CVE-2023-3579](CVE-2023/CVE-2023-35xx/CVE-2023-3579.json) (`2023-07-19T15:52:19.567`)
* [CVE-2023-3578](CVE-2023/CVE-2023-35xx/CVE-2023-3578.json) (`2023-07-19T15:58:04.330`)
* [CVE-2023-3574](CVE-2023/CVE-2023-35xx/CVE-2023-3574.json) (`2023-07-19T15:58:24.693`)
* [CVE-2023-3568](CVE-2023/CVE-2023-35xx/CVE-2023-3568.json) (`2023-07-19T15:58:44.357`)
* [CVE-2023-3625](CVE-2023/CVE-2023-36xx/CVE-2023-3625.json) (`2023-07-19T15:59:56.657`)
## Download and Usage ## Download and Usage