admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-07-25T18:00:31.419140+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-07-25 18:00:34 +00:00
parent a2766cca5e
commit 9ad865c552
48 changed files with 1378 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2023/CVE-2023-18xx/CVE-2023-1890.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1890", "id": "CVE-2023-1890",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-15T13:15:10.593", "published": "2023-05-15T13:15:10.593",
"lastModified": "2023-05-23T18:42:50.847", "lastModified": "2023-07-25T17:15:10.657",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -65,6 +65,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173727/WordPress-Tablesome-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/8ef64490-30cd-4e07-9b7c-64f551944f3d", "url": "https://wpscan.com/vulnerability/8ef64490-30cd-4e07-9b7c-64f551944f3d",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

8
CVE-2023/CVE-2023-18xx/CVE-2023-1893.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1893", "id": "CVE-2023-1893",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-17T14:15:09.617", "published": "2023-07-17T14:15:09.617",
"lastModified": "2023-07-17T14:22:59.283", "lastModified": "2023-07-25T17:15:10.827",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -24,6 +24,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173723/WordPress-Login-Configurator-2.1-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/dbe6cf09-971f-42e9-b744-9339454168c7", "url": "https://wpscan.com/vulnerability/dbe6cf09-971f-42e9-b744-9339454168c7",
"source": "contact@wpscan.com" "source": "contact@wpscan.com"

89
CVE-2023/CVE-2023-209xx/CVE-2023-20942.json
View File

@ -2,31 +2,106 @@
"id": "CVE-2023-20942", "id": "CVE-2023-20942",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.363", "published": "2023-07-13T00:15:23.363",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T17:42:56.930",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc", "url": "https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b", "url": "https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064", "url": "https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

8
CVE-2023/CVE-2023-20xx/CVE-2023-2029.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2029", "id": "CVE-2023-2029",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-07-10T16:15:50.930", "published": "2023-07-10T16:15:50.930",
"lastModified": "2023-07-14T18:50:07.637", "lastModified": "2023-07-25T17:15:10.997",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -65,6 +65,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173729/WordPress-PrePost-SEO-3.0-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b", "url": "https://wpscan.com/vulnerability/4889ad5a-c8c4-4958-b176-64560490497b",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

8
CVE-2023/CVE-2023-20xx/CVE-2023-2068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2068", "id": "CVE-2023-2068",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:10.477", "published": "2023-06-27T14:15:10.477",
"lastModified": "2023-07-03T14:51:27.457", "lastModified": "2023-07-25T17:15:11.137",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -65,6 +65,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173735/WordPress-File-Manager-Advanced-Shortcode-2.3.2-Remote-Code-Execution.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/58f72953-56d2-4d86-a49b-311b5fc58056", "url": "https://wpscan.com/vulnerability/58f72953-56d2-4d86-a49b-311b5fc58056",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

84
CVE-2023/CVE-2023-212xx/CVE-2023-21240.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-21240", "id": "CVE-2023-21240",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.547", "published": "2023-07-13T00:15:23.547",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:35:18.047",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In Policy of Policy.java, there is a possible boot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563", "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/69119d1d3102e27b6473c785125696881bce9563",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2023/CVE-2023-212xx/CVE-2023-21241.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-21241", "id": "CVE-2023-21241",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.590", "published": "2023-07-13T00:15:23.590",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:35:58.603",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-190"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/system/nfc/+/907d17eeefec6f672ea824e126406e6d8f6b56d8", "url": "https://android.googlesource.com/platform/system/nfc/+/907d17eeefec6f672ea824e126406e6d8f6b56d8",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2023/CVE-2023-212xx/CVE-2023-21243.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-21243", "id": "CVE-2023-21243",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.637", "published": "2023-07-13T00:15:23.637",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:36:21.863",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.\n\n" "value": "In validateForCommonR1andR2 of PasspointConfiguration.java, there is a possible way to inflate the size of a config file with no limits due to a buffer overflow. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/5b49b8711efaadadf5052ba85288860c2d7ca7a6", "url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/5b49b8711efaadadf5052ba85288860c2d7ca7a6",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2023/CVE-2023-212xx/CVE-2023-21245.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-21245", "id": "CVE-2023-21245",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.683", "published": "2023-07-13T00:15:23.683",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:12:10.183",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In showNextSecurityScreenOrFinish of KeyguardSecurityContainerController.java, there is a possible way to access the lock screen during device setup due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "54C3907A-DF77-4A94-8537-A2FFA20B90A0"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/frameworks/base/+/a33159e8cb297b9eee6fa5c63c0e343d05fad622", "url": "https://android.googlesource.com/platform/frameworks/base/+/a33159e8cb297b9eee6fa5c63c0e343d05fad622",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2023/CVE-2023-212xx/CVE-2023-21246.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-21246", "id": "CVE-2023-21246",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.727", "published": "2023-07-13T00:15:23.727",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:16:17.067",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification listening access due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-754"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/frameworks/base/+/fc1b9998ca8a9fceba47d67fd9ea9b45705b53e0", "url": "https://android.googlesource.com/platform/frameworks/base/+/fc1b9998ca8a9fceba47d67fd9ea9b45705b53e0",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

79
CVE-2023/CVE-2023-212xx/CVE-2023-21247.json
View File

@ -2,23 +2,92 @@
"id": "CVE-2023-21247", "id": "CVE-2023-21247",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.777", "published": "2023-07-13T00:15:23.777",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:18:21.930",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In getAvailabilityStatus of BluetoothScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/edd4023805bc7fa54ae31de222cde02b9012bbc4", "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/edd4023805bc7fa54ae31de222cde02b9012bbc4",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

79
CVE-2023/CVE-2023-212xx/CVE-2023-21248.json
View File

@ -2,23 +2,92 @@
"id": "CVE-2023-21248", "id": "CVE-2023-21248",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.820", "published": "2023-07-13T00:15:23.820",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:05:34.197",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/packages/apps/Settings/+/edd4023805bc7fa54ae31de222cde02b9012bbc4", "url": "https://android.googlesource.com/platform/packages/apps/Settings/+/edd4023805bc7fa54ae31de222cde02b9012bbc4",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

69
CVE-2023/CVE-2023-212xx/CVE-2023-21249.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-21249", "id": "CVE-2023-21249",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.867", "published": "2023-07-13T00:15:23.867",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:06:54.813",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/frameworks/base/+/c00b7e7dbc1fa30339adef693d02a51254755d7f", "url": "https://android.googlesource.com/platform/frameworks/base/+/c00b7e7dbc1fa30339adef693d02a51254755d7f",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

84
CVE-2023/CVE-2023-212xx/CVE-2023-21250.json
View File

@ -2,23 +2,97 @@
"id": "CVE-2023-21250", "id": "CVE-2023-21250",
"sourceIdentifier": "security@android.com", "sourceIdentifier": "security@android.com",
"published": "2023-07-13T00:15:23.917", "published": "2023-07-13T00:15:23.917",
"lastModified": "2023-07-13T08:32:09.673", "lastModified": "2023-07-25T16:07:24.000",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
"value": "In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n" "value": "In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"
} }
], ],
"metrics": {}, "metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ec573bc83f1ed6722f7cb29431dcb2db7f10bf28", "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/ec573bc83f1ed6722f7cb29431dcb2db7f10bf28",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch"
]
}, },
{ {
"url": "https://source.android.com/security/bulletin/2023-07-01", "url": "https://source.android.com/security/bulletin/2023-07-01",
"source": "security@android.com" "source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
]
} }
] ]
} }

8
CVE-2023/CVE-2023-22xx/CVE-2023-2223.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2223", "id": "CVE-2023-2223",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-05-30T08:15:10.030", "published": "2023-05-30T08:15:10.030",
"lastModified": "2023-06-05T14:53:35.137", "lastModified": "2023-07-25T17:15:11.277",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -65,6 +65,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173726/WordPress-Login-Rebuilder-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/7b356b82-5d03-4f70-b4ce-f1405304bb52", "url": "https://wpscan.com/vulnerability/7b356b82-5d03-4f70-b4ce-f1405304bb52",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

12
CVE-2023/CVE-2023-22xx/CVE-2023-2224.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2224", "id": "CVE-2023-2224",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-05T14:15:09.977", "published": "2023-06-05T14:15:09.977",
"lastModified": "2023-06-09T19:31:37.800", "lastModified": "2023-07-25T17:15:11.420",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -36,7 +36,7 @@
}, },
"weaknesses": [ "weaknesses": [
{ {
"source": "nvd@nist.gov", "source": "contact@wpscan.com",
"type": "Primary", "type": "Primary",
"description": [ "description": [
{ {
@ -46,7 +46,7 @@
] ]
}, },
{ {
"source": "contact@wpscan.com", "source": "nvd@nist.gov",
"type": "Secondary", "type": "Secondary",
"description": [ "description": [
{ {
@ -75,6 +75,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173725/WordPress-Seo-By-10Web-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/a76b6d22-1e00-428a-8a04-12162bd0d992", "url": "https://wpscan.com/vulnerability/a76b6d22-1e00-428a-8a04-12162bd0d992",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

8
CVE-2023/CVE-2023-235xx/CVE-2023-23540.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23540", "id": "CVE-2023-23540",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-05-08T20:15:16.797", "published": "2023-05-08T20:15:16.797",
"lastModified": "2023-07-24T19:15:10.050", "lastModified": "2023-07-25T16:15:10.427",
"vulnStatus": "Modified", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -84,6 +84,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/46",
"source": "product-security@apple.com"
},
{ {
"url": "https://support.apple.com/en-us/HT213675", "url": "https://support.apple.com/en-us/HT213675",
"source": "product-security@apple.com", "source": "product-security@apple.com",

4
CVE-2023/CVE-2023-238xx/CVE-2023-23833.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-23833", "id": "CVE-2023-23833",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T13:15:10.037", "published": "2023-07-25T13:15:10.037",
"lastModified": "2023-07-25T13:15:10.037", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

193
CVE-2023/CVE-2023-250xx/CVE-2023-25078.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25078", "id": "CVE-2023-25078",
"sourceIdentifier": "psirt@honeywell.com", "sourceIdentifier": "psirt@honeywell.com",
"published": "2023-07-13T11:15:09.060", "published": "2023-07-13T11:15:09.060",
"lastModified": "2023-07-13T12:51:14.383", "lastModified": "2023-07-25T17:24:34.817",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{ {
"source": "psirt@honeywell.com", "source": "psirt@honeywell.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{ {
"source": "psirt@honeywell.com", "source": "psirt@honeywell.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,167 @@
] ]
} }
], ],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "DED6EB36-056C-422C-9C6E-9EDE45DDB5F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "0511367E-4C62-44C9-BFF9-84E969562A9F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "3A2EAD5D-9B56-4F09-A25B-E98671AE52AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "E9EAE3B9-6173-4568-962A-C472F593FC47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_server:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "29DFE287-6206-46E2-9118-9159EC44748E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "A34A2DF5-19BC-4823-8DD3-54C50EA43B65"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "0FCC07AA-C8CC-4C69-8011-988932D2F0FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "90CA038F-5C1A-46FF-9EA3-7606B3FF703C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "F9BAC831-F60D-4010-8EE9-8A741244CB9B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:experion_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "D1B32781-B0B3-4C74-882B-1DF622DEC11C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:engineering_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "511.tcu3",
"matchCriteriaId": "3147FD0E-091B-4096-87D1-C006E3667F6B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:engineering_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "96A06B44-5738-4A77-98EB-DAB61C07A6D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:engineering_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "177013AA-A2F8-4FC4-82AC-79A6A7196767"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:direct_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "511.tcu3",
"matchCriteriaId": "F5F7E4E9-50A2-427F-9945-2A83F4D8C62D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:direct_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "6ABEC6C0-CF74-49E3-88BA-5D06484DFAA8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:honeywell:direct_station:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "BD33B3A2-FC18-4BE6-98A7-88D06339EE28"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://process.honeywell.com", "url": "https://process.honeywell.com",
"source": "psirt@honeywell.com" "source": "psirt@honeywell.com",
"tags": [
"Product"
]
} }
] ]
} }

98
CVE-2023/CVE-2023-251xx/CVE-2023-25178.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-25178", "id": "CVE-2023-25178",
"sourceIdentifier": "psirt@honeywell.com", "sourceIdentifier": "psirt@honeywell.com",
"published": "2023-07-13T11:15:09.123", "published": "2023-07-13T11:15:09.123",
"lastModified": "2023-07-13T12:51:14.383", "lastModified": "2023-07-25T17:24:39.447",
"vulnStatus": "Awaiting Analysis", "vulnStatus": "Analyzed",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -12,6 +12,26 @@
], ],
"metrics": { "metrics": {
"cvssMetricV31": [ "cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{ {
"source": "psirt@honeywell.com", "source": "psirt@honeywell.com",
"type": "Secondary", "type": "Secondary",
@ -35,6 +55,16 @@
] ]
}, },
"weaknesses": [ "weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-345"
}
]
},
{ {
"source": "psirt@honeywell.com", "source": "psirt@honeywell.com",
"type": "Secondary", "type": "Secondary",
@ -46,10 +76,72 @@
] ]
} }
], ],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "501.1",
"versionEndIncluding": "501.6hf8",
"matchCriteriaId": "C8B1523A-A717-4BE3-97B1-5634188EAAF9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "510.1",
"versionEndIncluding": "510.2hf12",
"matchCriteriaId": "F01D307E-1DD4-4B16-A1EF-81503E5C7CF1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "511.1",
"versionEndIncluding": "511.5tcu3",
"matchCriteriaId": "1AAAF640-4704-4BEA-AB36-911B08227497"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.1",
"versionEndIncluding": "520.1tcu4",
"matchCriteriaId": "254FC5F7-6F70-4E38-95B8-E0042AB3321F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:honeywell:c300_firmware:*:*:*:*:*:*:*:*",
"versionStartIncluding": "520.2",
"versionEndIncluding": "520.2tcu2",
"matchCriteriaId": "F075CA91-AFC8-4463-9D02-BE45F98E4840"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:honeywell:c300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CEA14D67-E320-490E-92E6-CC135EBBA245"
}
]
}
]
}
],
"references": [ "references": [
{ {
"url": "https://process.honeywell.com", "url": "https://process.honeywell.com",
"source": "psirt@honeywell.com" "source": "psirt@honeywell.com",
"tags": [
"Product"
]
} }
] ]
} }

8
CVE-2023/CVE-2023-26xx/CVE-2023-2601.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2601", "id": "CVE-2023-2601",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:10.847", "published": "2023-06-27T14:15:10.847",
"lastModified": "2023-06-30T18:16:48.237", "lastModified": "2023-07-25T17:15:11.547",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -69,6 +69,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173732/WordPress-WP-Brutal-AI-Cross-Site-Request-Forgery-SQL-Injection.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd", "url": "https://wpscan.com/vulnerability/57769468-3802-4985-bf5e-44ec1d59f5fd",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

8
CVE-2023/CVE-2023-26xx/CVE-2023-2605.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2605", "id": "CVE-2023-2605",
"sourceIdentifier": "contact@wpscan.com", "sourceIdentifier": "contact@wpscan.com",
"published": "2023-06-27T14:15:10.910", "published": "2023-06-27T14:15:10.910",
"lastModified": "2023-06-30T18:07:21.857", "lastModified": "2023-07-25T17:15:11.710",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -65,6 +65,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://packetstormsecurity.com/files/173734/WordPress-WP-Brutal-AI-Cross-Site-Scripting.html",
"source": "contact@wpscan.com"
},
{ {
"url": "https://wpscan.com/vulnerability/372cb940-71ba-4d19-b35a-ab15f8c2fdeb", "url": "https://wpscan.com/vulnerability/372cb940-71ba-4d19-b35a-ab15f8c2fdeb",
"source": "contact@wpscan.com", "source": "contact@wpscan.com",

16
CVE-2023/CVE-2023-283xx/CVE-2023-28319.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28319", "id": "CVE-2023-28319",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-05-26T21:15:10.020", "published": "2023-05-26T21:15:10.020",
"lastModified": "2023-07-24T19:15:10.150", "lastModified": "2023-07-25T16:15:10.550",
"vulnStatus": "Modified", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -75,6 +75,18 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/47",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/48",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/52",
"source": "support@hackerone.com"
},
{ {
"url": "https://hackerone.com/reports/1913733", "url": "https://hackerone.com/reports/1913733",
"source": "support@hackerone.com", "source": "support@hackerone.com",

16
CVE-2023/CVE-2023-283xx/CVE-2023-28320.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28320", "id": "CVE-2023-28320",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-05-26T21:15:15.937", "published": "2023-05-26T21:15:15.937",
"lastModified": "2023-07-24T19:15:10.253", "lastModified": "2023-07-25T16:15:10.707",
"vulnStatus": "Modified", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -79,6 +79,18 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/47",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/48",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/52",
"source": "support@hackerone.com"
},
{ {
"url": "https://hackerone.com/reports/1929597", "url": "https://hackerone.com/reports/1929597",
"source": "support@hackerone.com", "source": "support@hackerone.com",

16
CVE-2023/CVE-2023-283xx/CVE-2023-28321.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28321", "id": "CVE-2023-28321",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-05-26T21:15:16.020", "published": "2023-05-26T21:15:16.020",
"lastModified": "2023-07-24T19:15:10.337", "lastModified": "2023-07-25T16:15:10.863",
"vulnStatus": "Modified", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -95,6 +95,18 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/47",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/48",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/52",
"source": "support@hackerone.com"
},
{ {
"url": "https://hackerone.com/reports/1950627", "url": "https://hackerone.com/reports/1950627",
"source": "support@hackerone.com", "source": "support@hackerone.com",

16
CVE-2023/CVE-2023-283xx/CVE-2023-28322.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28322", "id": "CVE-2023-28322",
"sourceIdentifier": "support@hackerone.com", "sourceIdentifier": "support@hackerone.com",
"published": "2023-05-26T21:15:16.153", "published": "2023-05-26T21:15:16.153",
"lastModified": "2023-07-24T19:15:10.433", "lastModified": "2023-07-25T16:15:11.037",
"vulnStatus": "Modified", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -95,6 +95,18 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/47",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/48",
"source": "support@hackerone.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/52",
"source": "support@hackerone.com"
},
{ {
"url": "https://hackerone.com/reports/1954658", "url": "https://hackerone.com/reports/1954658",
"source": "support@hackerone.com", "source": "support@hackerone.com",

16
CVE-2023/CVE-2023-29xx/CVE-2023-2953.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2953", "id": "CVE-2023-2953",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-05-30T22:15:10.613", "published": "2023-05-30T22:15:10.613",
"lastModified": "2023-07-24T19:15:10.527", "lastModified": "2023-07-25T16:15:11.207",
"vulnStatus": "Modified", "vulnStatus": "Undergoing Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",
@ -94,6 +94,18 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/47",
"source": "secalert@redhat.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/48",
"source": "secalert@redhat.com"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/52",
"source": "secalert@redhat.com"
},
{ {
"url": "https://access.redhat.com/security/cve/CVE-2023-2953", "url": "https://access.redhat.com/security/cve/CVE-2023-2953",
"source": "secalert@redhat.com", "source": "secalert@redhat.com",

8
CVE-2023/CVE-2023-324xx/CVE-2023-32409.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-32409", "id": "CVE-2023-32409",
"sourceIdentifier": "product-security@apple.com", "sourceIdentifier": "product-security@apple.com",
"published": "2023-06-23T18:15:13.183", "published": "2023-06-23T18:15:13.183",
"lastModified": "2023-06-30T07:06:51.937", "lastModified": "2023-07-25T16:15:11.410",
"vulnStatus": "Analyzed", "vulnStatus": "Modified",
"cisaExploitAdd": "2023-05-22", "cisaExploitAdd": "2023-05-22",
"cisaActionDue": "2023-06-12", "cisaActionDue": "2023-06-12",
"cisaRequiredAction": "Apply updates per vendor instructions.", "cisaRequiredAction": "Apply updates per vendor instructions.",
@ -102,6 +102,10 @@
} }
], ],
"references": [ "references": [
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/46",
"source": "product-security@apple.com"
},
{ {
"url": "https://support.apple.com/en-us/HT213757", "url": "https://support.apple.com/en-us/HT213757",
"source": "product-security@apple.com", "source": "product-security@apple.com",

4
CVE-2023/CVE-2023-339xx/CVE-2023-33925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33925", "id": "CVE-2023-33925",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T13:15:10.157", "published": "2023-07-25T13:15:10.157",
"lastModified": "2023-07-25T13:15:10.157", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-340xx/CVE-2023-34017.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34017", "id": "CVE-2023-34017",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T14:15:10.527", "published": "2023-07-25T14:15:10.527",
"lastModified": "2023-07-25T14:15:10.527", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-340xx/CVE-2023-34093.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34093", "id": "CVE-2023-34093",
"sourceIdentifier": "security-advisories@github.com", "sourceIdentifier": "security-advisories@github.com",
"published": "2023-07-25T15:15:13.377", "published": "2023-07-25T15:15:13.377",
"lastModified": "2023-07-25T15:15:13.377", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-343xx/CVE-2023-34369.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34369", "id": "CVE-2023-34369",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T14:15:10.633", "published": "2023-07-25T14:15:10.633",
"lastModified": "2023-07-25T14:15:10.633", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-34xx/CVE-2023-3486.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3486", "id": "CVE-2023-3486",
"sourceIdentifier": "vulnreport@tenable.com", "sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-07-25T13:15:10.330", "published": "2023-07-25T13:15:10.330",
"lastModified": "2023-07-25T13:15:10.330", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-350xx/CVE-2023-35043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35043", "id": "CVE-2023-35043",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T13:15:10.243", "published": "2023-07-25T13:15:10.243",
"lastModified": "2023-07-25T13:15:10.243", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-35xx/CVE-2023-3548.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3548", "id": "CVE-2023-3548",
"sourceIdentifier": "productsecurity@jci.com", "sourceIdentifier": "productsecurity@jci.com",
"published": "2023-07-25T14:15:11.123", "published": "2023-07-25T14:15:11.123",
"lastModified": "2023-07-25T14:15:11.123", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-363xx/CVE-2023-36385.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36385", "id": "CVE-2023-36385",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T14:15:10.720", "published": "2023-07-25T14:15:10.720",
"lastModified": "2023-07-25T14:15:10.720", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-365xx/CVE-2023-36501.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36501", "id": "CVE-2023-36501",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T14:15:10.807", "published": "2023-07-25T14:15:10.807",
"lastModified": "2023-07-25T14:15:10.807", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-365xx/CVE-2023-36502.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36502", "id": "CVE-2023-36502",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T14:15:10.893", "published": "2023-07-25T14:15:10.893",
"lastModified": "2023-07-25T14:15:10.893", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-365xx/CVE-2023-36503.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-36503", "id": "CVE-2023-36503",
"sourceIdentifier": "audit@patchstack.com", "sourceIdentifier": "audit@patchstack.com",
"published": "2023-07-25T14:15:10.980", "published": "2023-07-25T14:15:10.980",
"lastModified": "2023-07-25T14:15:10.980", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-36xx/CVE-2023-3637.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3637", "id": "CVE-2023-3637",
"sourceIdentifier": "secalert@redhat.com", "sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-25T13:15:10.407", "published": "2023-07-25T13:15:10.407",
"lastModified": "2023-07-25T13:15:10.407", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-378xx/CVE-2023-37895.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-37895", "id": "CVE-2023-37895",
"sourceIdentifier": "security@apache.org", "sourceIdentifier": "security@apache.org",
"published": "2023-07-25T15:15:13.587", "published": "2023-07-25T15:15:13.587",
"lastModified": "2023-07-25T15:15:13.587", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

47
CVE-2023/CVE-2023-37xx/CVE-2023-3772.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-3772",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-25T16:15:11.660",
"lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux kernel\u2019s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3772",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943",
"source": "secalert@redhat.com"
}
]
}

47
CVE-2023/CVE-2023-37xx/CVE-2023-3773.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-3773",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-07-25T16:15:11.733",
"lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux kernel\u2019s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to cause a 4 byte out-of-bounds read of XFRMA_MTIMER_THRESH when parsing netlink attributes, leading to potential leakage of sensitive heap data to userspace."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3773",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218944",
"source": "secalert@redhat.com"
}
]
}

32
CVE-2023/CVE-2023-384xx/CVE-2023-38435.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-38435",
"sourceIdentifier": "security@apache.org",
"published": "2023-07-25T16:15:11.500",
"lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nAn improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting (XSS) attack.\n\nUpgrade to Apache Felix Healthcheck Webconsole Plugin 2.1.0 or higher."
}
],
"metrics": {},
"weaknesses": [
{
"source": "security@apache.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/r3blhp3onr4rdbkgdyglqnccg0v79pfv",
"source": "security@apache.org"
}
]
}

4
CVE-2023/CVE-2023-391xx/CVE-2023-39173.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39173", "id": "CVE-2023-39173",
"sourceIdentifier": "security@jetbrains.com", "sourceIdentifier": "security@jetbrains.com",
"published": "2023-07-25T15:15:13.693", "published": "2023-07-25T15:15:13.693",
"lastModified": "2023-07-25T15:15:13.693", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39174.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39174", "id": "CVE-2023-39174",
"sourceIdentifier": "security@jetbrains.com", "sourceIdentifier": "security@jetbrains.com",
"published": "2023-07-25T15:15:13.830", "published": "2023-07-25T15:15:13.830",
"lastModified": "2023-07-25T15:15:13.830", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

4
CVE-2023/CVE-2023-391xx/CVE-2023-39175.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-39175", "id": "CVE-2023-39175",
"sourceIdentifier": "security@jetbrains.com", "sourceIdentifier": "security@jetbrains.com",
"published": "2023-07-25T15:15:13.917", "published": "2023-07-25T15:15:13.917",
"lastModified": "2023-07-25T15:15:13.917", "lastModified": "2023-07-25T17:22:14.780",
"vulnStatus": "Received", "vulnStatus": "Awaiting Analysis",
"descriptions": [ "descriptions": [
{ {
"lang": "en", "lang": "en",

75
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2023-07-25T16:00:26.544144+00:00 2023-07-25T18:00:31.419140+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2023-07-25T15:30:52.077000+00:00 2023-07-25T17:42:56.930000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -29,56 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
220990 220993
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `12` Recently added CVEs: `3`
* [CVE-2023-34017](CVE-2023/CVE-2023-340xx/CVE-2023-34017.json) (`2023-07-25T14:15:10.527`) * [CVE-2023-38435](CVE-2023/CVE-2023-384xx/CVE-2023-38435.json) (`2023-07-25T16:15:11.500`)
* [CVE-2023-34369](CVE-2023/CVE-2023-343xx/CVE-2023-34369.json) (`2023-07-25T14:15:10.633`) * [CVE-2023-3772](CVE-2023/CVE-2023-37xx/CVE-2023-3772.json) (`2023-07-25T16:15:11.660`)
* [CVE-2023-36385](CVE-2023/CVE-2023-363xx/CVE-2023-36385.json) (`2023-07-25T14:15:10.720`) * [CVE-2023-3773](CVE-2023/CVE-2023-37xx/CVE-2023-3773.json) (`2023-07-25T16:15:11.733`)
* [CVE-2023-36501](CVE-2023/CVE-2023-365xx/CVE-2023-36501.json) (`2023-07-25T14:15:10.807`)
* [CVE-2023-36502](CVE-2023/CVE-2023-365xx/CVE-2023-36502.json) (`2023-07-25T14:15:10.893`)
* [CVE-2023-36503](CVE-2023/CVE-2023-365xx/CVE-2023-36503.json) (`2023-07-25T14:15:10.980`)
* [CVE-2023-3548](CVE-2023/CVE-2023-35xx/CVE-2023-3548.json) (`2023-07-25T14:15:11.123`)
* [CVE-2023-34093](CVE-2023/CVE-2023-340xx/CVE-2023-34093.json) (`2023-07-25T15:15:13.377`)
* [CVE-2023-37895](CVE-2023/CVE-2023-378xx/CVE-2023-37895.json) (`2023-07-25T15:15:13.587`)
* [CVE-2023-39173](CVE-2023/CVE-2023-391xx/CVE-2023-39173.json) (`2023-07-25T15:15:13.693`)
* [CVE-2023-39174](CVE-2023/CVE-2023-391xx/CVE-2023-39174.json) (`2023-07-25T15:15:13.830`)
* [CVE-2023-39175](CVE-2023/CVE-2023-391xx/CVE-2023-39175.json) (`2023-07-25T15:15:13.917`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit
Recently modified CVEs: `67` Recently modified CVEs: `44`
* [CVE-2023-22005](CVE-2023/CVE-2023-220xx/CVE-2023-22005.json) (`2023-07-25T15:15:11.203`) * [CVE-2023-2068](CVE-2023/CVE-2023-20xx/CVE-2023-2068.json) (`2023-07-25T17:15:11.137`)
* [CVE-2023-22006](CVE-2023/CVE-2023-220xx/CVE-2023-22006.json) (`2023-07-25T15:15:11.363`) * [CVE-2023-2223](CVE-2023/CVE-2023-22xx/CVE-2023-2223.json) (`2023-07-25T17:15:11.277`)
* [CVE-2023-22007](CVE-2023/CVE-2023-220xx/CVE-2023-22007.json) (`2023-07-25T15:15:11.477`) * [CVE-2023-2224](CVE-2023/CVE-2023-22xx/CVE-2023-2224.json) (`2023-07-25T17:15:11.420`)
* [CVE-2023-22008](CVE-2023/CVE-2023-220xx/CVE-2023-22008.json) (`2023-07-25T15:15:11.587`) * [CVE-2023-2601](CVE-2023/CVE-2023-26xx/CVE-2023-2601.json) (`2023-07-25T17:15:11.547`)
* [CVE-2023-22033](CVE-2023/CVE-2023-220xx/CVE-2023-22033.json) (`2023-07-25T15:15:11.683`) * [CVE-2023-2605](CVE-2023/CVE-2023-26xx/CVE-2023-2605.json) (`2023-07-25T17:15:11.710`)
* [CVE-2023-22036](CVE-2023/CVE-2023-220xx/CVE-2023-22036.json) (`2023-07-25T15:15:11.787`) * [CVE-2023-23833](CVE-2023/CVE-2023-238xx/CVE-2023-23833.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22038](CVE-2023/CVE-2023-220xx/CVE-2023-22038.json) (`2023-07-25T15:15:11.877`) * [CVE-2023-33925](CVE-2023/CVE-2023-339xx/CVE-2023-33925.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22041](CVE-2023/CVE-2023-220xx/CVE-2023-22041.json) (`2023-07-25T15:15:11.987`) * [CVE-2023-35043](CVE-2023/CVE-2023-350xx/CVE-2023-35043.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22043](CVE-2023/CVE-2023-220xx/CVE-2023-22043.json) (`2023-07-25T15:15:12.070`) * [CVE-2023-3486](CVE-2023/CVE-2023-34xx/CVE-2023-3486.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22044](CVE-2023/CVE-2023-220xx/CVE-2023-22044.json) (`2023-07-25T15:15:12.157`) * [CVE-2023-3637](CVE-2023/CVE-2023-36xx/CVE-2023-3637.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22045](CVE-2023/CVE-2023-220xx/CVE-2023-22045.json) (`2023-07-25T15:15:12.250`) * [CVE-2023-34017](CVE-2023/CVE-2023-340xx/CVE-2023-34017.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22046](CVE-2023/CVE-2023-220xx/CVE-2023-22046.json) (`2023-07-25T15:15:12.340`) * [CVE-2023-34369](CVE-2023/CVE-2023-343xx/CVE-2023-34369.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22048](CVE-2023/CVE-2023-220xx/CVE-2023-22048.json) (`2023-07-25T15:15:12.470`) * [CVE-2023-36385](CVE-2023/CVE-2023-363xx/CVE-2023-36385.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22049](CVE-2023/CVE-2023-220xx/CVE-2023-22049.json) (`2023-07-25T15:15:12.573`) * [CVE-2023-36501](CVE-2023/CVE-2023-365xx/CVE-2023-36501.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22053](CVE-2023/CVE-2023-220xx/CVE-2023-22053.json) (`2023-07-25T15:15:12.657`) * [CVE-2023-36502](CVE-2023/CVE-2023-365xx/CVE-2023-36502.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22054](CVE-2023/CVE-2023-220xx/CVE-2023-22054.json) (`2023-07-25T15:15:12.763`) * [CVE-2023-36503](CVE-2023/CVE-2023-365xx/CVE-2023-36503.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22056](CVE-2023/CVE-2023-220xx/CVE-2023-22056.json) (`2023-07-25T15:15:12.867`) * [CVE-2023-3548](CVE-2023/CVE-2023-35xx/CVE-2023-3548.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22057](CVE-2023/CVE-2023-220xx/CVE-2023-22057.json) (`2023-07-25T15:15:12.963`) * [CVE-2023-34093](CVE-2023/CVE-2023-340xx/CVE-2023-34093.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-22058](CVE-2023/CVE-2023-220xx/CVE-2023-22058.json) (`2023-07-25T15:15:13.063`) * [CVE-2023-37895](CVE-2023/CVE-2023-378xx/CVE-2023-37895.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-25193](CVE-2023/CVE-2023-251xx/CVE-2023-25193.json) (`2023-07-25T15:15:13.163`) * [CVE-2023-39173](CVE-2023/CVE-2023-391xx/CVE-2023-39173.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-2975](CVE-2023/CVE-2023-29xx/CVE-2023-2975.json) (`2023-07-25T15:15:13.277`) * [CVE-2023-39174](CVE-2023/CVE-2023-391xx/CVE-2023-39174.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-36617](CVE-2023/CVE-2023-366xx/CVE-2023-36617.json) (`2023-07-25T15:15:13.497`) * [CVE-2023-39175](CVE-2023/CVE-2023-391xx/CVE-2023-39175.json) (`2023-07-25T17:22:14.780`)
* [CVE-2023-21254](CVE-2023/CVE-2023-212xx/CVE-2023-21254.json) (`2023-07-25T15:29:19.453`) * [CVE-2023-25078](CVE-2023/CVE-2023-250xx/CVE-2023-25078.json) (`2023-07-25T17:24:34.817`)
* [CVE-2023-21255](CVE-2023/CVE-2023-212xx/CVE-2023-21255.json) (`2023-07-25T15:29:53.783`) * [CVE-2023-25178](CVE-2023/CVE-2023-251xx/CVE-2023-25178.json) (`2023-07-25T17:24:39.447`)
* [CVE-2023-21256](CVE-2023/CVE-2023-212xx/CVE-2023-21256.json) (`2023-07-25T15:30:52.077`) * [CVE-2023-20942](CVE-2023/CVE-2023-209xx/CVE-2023-20942.json) (`2023-07-25T17:42:56.930`)
## Download and Usage ## Download and Usage