admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 19:47:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-05-05T16:00:24.497596+00:00

Browse Source
This commit is contained in:
René Helmke 2023-05-05 18:00:27 +02:00
parent 174298b107
commit 9d7ffedd88
35 changed files with 2043 additions and 118 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
CVE-2020/CVE-2020-360xx/CVE-2020-36070.json Normal file
View File

@ -0,0 +1,76 @@
{
"id": "CVE-2020-36070",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T20:15:09.533",
"lastModified": "2023-05-05T15:21:50.040",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permission vulnerability found in Yoyager v.1.4 and before allows a remote attacker to execute arbitrary code via a crafted .php file to the media component."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-281"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:thecontrolgroup:voyager:*:*:*:*:*:laravel:*:*",
"versionEndExcluding": "1.4.0",
"matchCriteriaId": "A8E3F57B-9490-4FE1-8B74-672DEEEA9BEA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/the-control-group/voyager/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

59
CVE-2022/CVE-2022-387xx/CVE-2022-38707.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-38707",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T14:15:09.057",
"lastModified": "2023-05-05T14:46:16.617",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-613"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/234179",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6983274",
"source": "psirt@us.ibm.com"
}
]
}

59
CVE-2022/CVE-2022-439xx/CVE-2022-43919.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2022-43919",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:09.480",
"lastModified": "2023-05-05T15:15:09.480",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/241354",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6986559",
"source": "psirt@us.ibm.com"
}
]
}

130
CVE-2022/CVE-2022-454xx/CVE-2022-45456.json Normal file
View File

@ -0,0 +1,130 @@
{
"id": "CVE-2022-45456",
"sourceIdentifier": "security@acronis.com",
"published": "2023-04-26T20:15:09.760",
"lastModified": "2023-05-05T15:50:41.277",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@acronis.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security@acronis.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:acronis:agent:*:*:*:*:*:*:*:*",
"versionEndExcluding": "c22.08",
"matchCriteriaId": "F1556671-9476-4082-8A8C-49B9DFB0F6D5"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
},
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-4149",
"source": "security@acronis.com",
"tags": [
"Vendor Advisory"
]
}
]
}

85
CVE-2023/CVE-2023-00xx/CVE-2023-0045.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0045",
"sourceIdentifier": "cve-coordination@google.com",
"published": "2023-04-25T23:15:09.013",
"lastModified": "2023-05-03T14:15:16.303",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2023-05-05T15:54:54.760",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -35,6 +55,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-610"
}
]
},
{
"source": "cve-coordination@google.com",
"type": "Secondary",
@ -46,18 +76,63 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "4.9.176",
"matchCriteriaId": "3A55B365-D4BE-4929-BD9F-94E7D873BDA2"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "https://git.kernel.org/tip/a664ec9158eeddd75121d39c9a0758016097fa96",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Patch"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"source": "cve-coordination@google.com"
"source": "cve-coordination@google.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-228xx/CVE-2023-22874.json Normal file
View File

@ -0,0 +1,47 @@
{
"id": "CVE-2023-22874",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:09.567",
"lastModified": "2023-05-05T15:15:09.567",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/244216",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6985901",
"source": "psirt@us.ibm.com"
}
]
}

86
CVE-2023/CVE-2023-22xx/CVE-2023-2269.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2023-2269",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-04-25T21:15:10.627",
"lastModified": "2023-05-05T14:04:37.237",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-667"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-413"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B6FAA415-53CF-4007-875A-9045AD1A540F"
}
]
}
]
}
],
"references": [
{
"url": "https://lore.kernel.org/lkml/ZD1xyZxb3rHot8PV@redhat.com/t/",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

86
CVE-2023/CVE-2023-22xx/CVE-2023-2291.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2023-2291",
"sourceIdentifier": "vulnreport@tenable.com",
"published": "2023-04-26T21:15:09.037",
"lastModified": "2023-05-05T14:35:51.847",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Static credentials exist in the PostgreSQL data used in ManageEngine Access Manager Plus (AMP) build 4309, ManageEngine Password Manager Pro, and ManageEngine PAM360. These credentials could allow a malicious actor to modify configuration data that would escalate their permissions from that of a low-privileged user to an Administrative user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_access_manager_plus:4.3:build4309:*:*:*:*:*:*",
"matchCriteriaId": "A9EE7E99-B428-41EF-A693-7A316F695160"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_pam360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "686A57A8-EB80-4920-8AD8-386FB96743EE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:zohocorp:manageengine_password_manager_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83D1273D-8255-47D2-BD6C-9BE312685301"
}
]
}
]
}
],
"references": [
{
"url": "https://tenable.com/security/research/tra-2023-16",
"source": "vulnreport@tenable.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

154
CVE-2023/CVE-2023-265xx/CVE-2023-26567.json Normal file
View File

@ -0,0 +1,154 @@
{
"id": "CVE-2023-26567",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T20:15:09.860",
"lastModified": "2023-05-05T15:10:19.097",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Sangoma FreePBX 1805 through 2302 (when obtained as a ,.ISO file) places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database (MariaDB/MySQL) and Asterisk Manager Interface. For example, an attacker can make a /ari/asterisk/variable?variable=AMPDBPASS API call."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-522"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:1805:*:*:*:*:*:*:*",
"matchCriteriaId": "7F799892-BFCA-4184-BF34-4D316A7B5304"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:1904:*:*:*:*:*:*:*",
"matchCriteriaId": "DCC57541-8B9A-4F7C-B5AD-BABDE74D987B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:1910:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB0599D-399C-4B25-AC8D-F0DFD9F960C9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2002:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC01C41-5999-48DF-BA27-EB08793F9C62"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "1A62509A-E706-4AAE-980A-538A95FAEFFD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "44020ABA-8123-4E39-95CD-99C96DA76630"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2104:*:*:*:*:*:*:*",
"matchCriteriaId": "59E7AB2A-F42F-495B-9786-63157F8FFD39"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2105:*:*:*:*:*:*:*",
"matchCriteriaId": "6A022DFF-AFB0-4BC9-9995-C0732D4A53D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2109:*:*:*:*:*:*:*",
"matchCriteriaId": "F34D4BBD-FCE8-41C3-8E72-4FB06AE93D6C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2112:*:*:*:*:*:*:*",
"matchCriteriaId": "938CB1A3-B087-4B13-8017-FB20EA66E25E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2201:*:*:*:*:*:*:*",
"matchCriteriaId": "5091CC73-0948-4F66-A95F-08B2D806706E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2202:*:*:*:*:*:*:*",
"matchCriteriaId": "938FF93C-F1D1-46AC-8EBE-4EAF9B3266FD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2203:*:*:*:*:*:*:*",
"matchCriteriaId": "AAFC050D-EEFD-4DD2-BCF3-A5209BD07A8F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:sangoma:freepbx_linux_7:2302:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D1EA05-C694-421E-BD19-9FEA00731998"
}
]
}
]
}
],
"references": [
{
"url": "https://qsecure.com.cy/resources/advisories/sangoma-freepbx-linux-insecure-permissions",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.freepbx.org",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.sangoma.com/products/open-source/",
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

69
CVE-2023/CVE-2023-284xx/CVE-2023-28472.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-28472",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.407",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T14:51:21.107",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS (previously concrete5) before 9.2 does not have Secure and HTTP only attributes set for ccmPoll cookies."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.0",
"matchCriteriaId": "00F33859-EA9B-4E6D-9B8C-62945094ED9F"
}
]
}
]
}
],
"references": [
{
"url": "https://concretecms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-284xx/CVE-2023-28473.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-28473",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.447",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T15:13:54.867",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS (previously concrete5) before 9.2 is vulnerable to possible Auth bypass in the jobs section."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.0",
"matchCriteriaId": "00F33859-EA9B-4E6D-9B8C-62945094ED9F"
}
]
}
]
}
],
"references": [
{
"url": "https://concretecms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-284xx/CVE-2023-28474.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-28474",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.487",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T14:25:33.800",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Saved Presets on search."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.0",
"matchCriteriaId": "00F33859-EA9B-4E6D-9B8C-62945094ED9F"
}
]
}
]
}
],
"references": [
{
"url": "https://concretecms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-284xx/CVE-2023-28475.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-28475",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.523",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T14:25:46.357",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS (previously concrete5) before 9.2 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.0",
"matchCriteriaId": "00F33859-EA9B-4E6D-9B8C-62945094ED9F"
}
]
}
]
}
],
"references": [
{
"url": "https://concretecms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-284xx/CVE-2023-28476.json
View File

@ -2,23 +2,82 @@
"id": "CVE-2023-28476",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.557",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T14:25:10.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Concrete CMS (previously concrete5) before 9.2 is vulnerable to Stored XSS on Tags on uploaded files."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.0",
"matchCriteriaId": "00F33859-EA9B-4E6D-9B8C-62945094ED9F"
}
]
}
]
}
],
"references": [
{
"url": "https://concretecms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-284xx/CVE-2023-28477.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28477",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.597",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T14:15:19.653",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.2.0",
"matchCriteriaId": "00F33859-EA9B-4E6D-9B8C-62945094ED9F"
}
]
}
]
}
],
"references": [
{
"url": "https://concretecms.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

68
CVE-2023/CVE-2023-285xx/CVE-2023-28528.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28528",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-04-28T03:15:08.453",
"lastModified": "2023-04-28T12:58:08.387",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T15:19:10.797",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
@ -46,14 +66,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ibm:vios:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6F61BE89-FBDE-4312-8422-86D1A9F57C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:aix:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0402E20C-8B41-4A2A-BFF9-92EC843985F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:aix:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6791504A-A48A-4ED0-94AF-4C8A3B91516F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ibm:aix:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35DF3DE0-1AE4-4B25-843F-BC08DBBFDF78"
}
]
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/251207",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
]
},
{
"url": "https://www.ibm.com/support/pages/node/6983232",
"source": "psirt@us.ibm.com"
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

64
CVE-2023/CVE-2023-288xx/CVE-2023-28819.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28819",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-28T14:15:10.657",
"lastModified": "2023-04-28T17:06:28.060",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-05-05T14:14:24.943",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "cve@mitre.org",
"type": "Secondary",
@ -34,14 +54,50 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:concretecms:concrete_cms:*:*:*:*:*:*:*:*",
"versionEndExcluding": "9.1.0",
"matchCriteriaId": "F6D15F6B-68AA-45B6-B98D-F2C1671263F2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/concretecms/concretecms/releases",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://www.concretecms.org/about/project-news/security/concrete-cms-security-advisory-2023-04-20",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29932.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29932",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.633",
"lastModified": "2023-05-05T15:15:09.633",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/58745",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29933.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29933",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.683",
"lastModified": "2023-05-05T15:15:09.683",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59442",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29934.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29934",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.733",
"lastModified": "2023-05-05T15:15:09.733",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect()."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59136",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29935.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29935",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.783",
"lastModified": "2023-05-05T15:15:09.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && \"operation was already replaced."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59182",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29939.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29939",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.850",
"lastModified": "2023-05-05T15:15:09.850",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59983",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29941.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29941",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.917",
"lastModified": "2023-05-05T15:15:09.917",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59988",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-299xx/CVE-2023-29942.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-29942",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:09.970",
"lastModified": "2023-05-05T15:15:09.970",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/llvm/llvm-project/issues/59990",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30013.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30013",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T14:15:09.147",
"lastModified": "2023-05-05T14:46:16.617",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the \"command\" parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Kazamayc/vuln/tree/main/TOTOLINK/X5000R/2",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30053.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30053",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:10.020",
"lastModified": "2023-05-05T15:15:10.020",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Am1ngl/ttt/tree/main/160",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-300xx/CVE-2023-30054.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-30054",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T15:15:10.070",
"lastModified": "2023-05-05T15:15:10.070",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/Am1ngl/ttt/tree/main/161",
"source": "cve@mitre.org"
}
]
}

24
CVE-2023/CVE-2023-302xx/CVE-2023-30243.json Normal file
View File

@ -0,0 +1,24 @@
{
"id": "CVE-2023-30243",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-05T14:15:09.190",
"lastModified": "2023-05-05T14:46:16.617",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information."
}
],
"metrics": {},
"references": [
{
"url": "http://ns-asg.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.netentsec.com/",
"source": "cve@mitre.org"
}
]
}

84
CVE-2023/CVE-2023-303xx/CVE-2023-30363.json Normal file
View File

@ -0,0 +1,84 @@
{
"id": "CVE-2023-30363",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-26T21:15:09.103",
"lastModified": "2023-05-05T14:41:38.840",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "vConsole v3.15.0 was discovered to contain a prototype pollution due to incorrect key and value resolution in setOptions in core.ts."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1321"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tencent:vconsole:3.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "08CCBEA9-710B-4F28-AD34-81C2C886B1B1"
}
]
}
]
}
],
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/1321.html",
"source": "cve@mitre.org",
"tags": [
"Technical Description"
]
},
{
"url": "https://github.com/Tencent/vConsole/issues/616",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-304xx/CVE-2023-30434.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-30434",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-05-05T15:15:10.117",
"lastModified": "2023-05-05T15:15:10.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "psirt@us.ibm.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.5,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "psirt@us.ibm.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/252187",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6988363",
"source": "psirt@us.ibm.com"
},
{
"url": "https://www.ibm.com/support/pages/node/6988365",
"source": "psirt@us.ibm.com"
}
]
}

104
CVE-2023/CVE-2023-308xx/CVE-2023-30843.json Normal file
View File

@ -0,0 +1,104 @@
{
"id": "CVE-2023-30843",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-04-26T21:15:09.177",
"lastModified": "2023-05-05T14:45:53.007",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Payload is a free and open source headless content management system. In versions prior to 1.7.0, if a user has access to documents that contain hidden fields or fields they do not have access to, the user could reverse-engineer those values via brute force. Version 1.7.0 contains a patch. As a workaround, write a `beforeOperation` hook to remove `where` queries that attempt to access hidden field data."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-200"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:payloadcms:payload:*:*:*:*:*:node.js:*:*",
"versionEndExcluding": "1.7.0",
"matchCriteriaId": "DB7D9BC3-D021-4727-9F6E-DE1293B08E03"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/payloadcms/payload/releases/tag/v1.7.0",
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/payloadcms/payload/security/advisories/GHSA-35jj-vqcf-f2jf",
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
]
}
]
}

98
CVE-2023/CVE-2023-312xx/CVE-2023-31250.json Normal file
View File

@ -0,0 +1,98 @@
{
"id": "CVE-2023-31250",
"sourceIdentifier": "mlhess@drupal.org",
"published": "2023-04-26T19:15:09.197",
"lastModified": "2023-05-05T15:27:27.100",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The file download facility doesn't sufficiently sanitize file paths in certain situations. This may result in users gaining access to private files that they should not have access to. Some sites may require configuration changes following this security release. Review the release notes for your Drupal version if you have issues accessing private files after updating."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0",
"versionEndExcluding": "7.96",
"matchCriteriaId": "CBB1BE97-A14F-4941-952F-30085276002C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.4",
"versionEndExcluding": "9.4.14",
"matchCriteriaId": "E457DE71-9E4B-459A-998B-D3BDE783B1A7"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.5",
"versionEndExcluding": "9.5.8",
"matchCriteriaId": "1E1584E4-5BB2-47C9-A183-FCF55BE05784"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0",
"versionEndExcluding": "10.0.8",
"matchCriteriaId": "AFA826F0-B7FF-46ED-AADB-13408B027C79"
}
]
}
]
}
],
"references": [
{
"url": "https://www.drupal.org/sa-core-2023-005",
"source": "mlhess@drupal.org",
"tags": [
"Vendor Advisory"
]
}
]
}

83
CVE-2023/CVE-2023-312xx/CVE-2023-31285.json Normal file
View File

@ -0,0 +1,83 @@
{
"id": "CVE-2023-31285",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-27T03:15:10.107",
"lastModified": "2023-05-05T15:21:50.697",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An XSS issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. When users upload temporary files, some specific file endings are not allowed, but it is possible to upload .html or .htm files containing an XSS payload. The resulting link can be sent to an administrator user."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:serenity:serene:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.0",
"matchCriteriaId": "620456E1-A567-43A2-8B5C-E1F73AB94895"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:serenity:startsharp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.0",
"matchCriteriaId": "C91CF539-3B1C-4A7F-8C64-2606F24BB5CF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-312xx/CVE-2023-31287.json
View File

@ -2,19 +2,82 @@
"id": "CVE-2023-31287",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-27T03:15:10.200",
"lastModified": "2023-04-27T03:15:10.200",
"vulnStatus": "Received",
"lastModified": "2023-05-05T15:55:21.747",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Serenity Serene (and StartSharp) before 6.7.0. Password reset links are sent by email. A link contains a token that is used to reset the password. This token remains valid even after the password reset and can be used a second time to change the password of the corresponding user. The token expires only 3 hours after issuance and is sent as a query parameter when resetting. An attacker with access to the browser history can thus use the token again to change the password in order to take over the account."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-640"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:serenity:serene:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.0",
"matchCriteriaId": "620456E1-A567-43A2-8B5C-E1F73AB94895"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:serenity:startsharp:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.0",
"matchCriteriaId": "C91CF539-3B1C-4A7F-8C64-2606F24BB5CF"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/serenity-is/Serenity/commit/11b9d267f840513d04b4f4d4876de7823a6e48d2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}

111
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-05-05T14:00:24.819742+00:00
2023-05-05T16:00:24.497596+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-05-05T13:58:10.663000+00:00
2023-05-05T15:55:21.747000+00:00
```
### Last Data Feed Release
@ -29,86 +29,53 @@ Download and Changelog: [Click](releases/latest)
### Total Number of included CVEs
```plain
214143
214158
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `15`
* [CVE-2022-38707](CVE-2022/CVE-2022-387xx/CVE-2022-38707.json) (`2023-05-05T14:15:09.057`)
* [CVE-2022-43919](CVE-2022/CVE-2022-439xx/CVE-2022-43919.json) (`2023-05-05T15:15:09.480`)
* [CVE-2023-22874](CVE-2023/CVE-2023-228xx/CVE-2023-22874.json) (`2023-05-05T15:15:09.567`)
* [CVE-2023-29932](CVE-2023/CVE-2023-299xx/CVE-2023-29932.json) (`2023-05-05T15:15:09.633`)
* [CVE-2023-29933](CVE-2023/CVE-2023-299xx/CVE-2023-29933.json) (`2023-05-05T15:15:09.683`)
* [CVE-2023-29934](CVE-2023/CVE-2023-299xx/CVE-2023-29934.json) (`2023-05-05T15:15:09.733`)
* [CVE-2023-29935](CVE-2023/CVE-2023-299xx/CVE-2023-29935.json) (`2023-05-05T15:15:09.783`)
* [CVE-2023-29939](CVE-2023/CVE-2023-299xx/CVE-2023-29939.json) (`2023-05-05T15:15:09.850`)
* [CVE-2023-29941](CVE-2023/CVE-2023-299xx/CVE-2023-29941.json) (`2023-05-05T15:15:09.917`)
* [CVE-2023-29942](CVE-2023/CVE-2023-299xx/CVE-2023-29942.json) (`2023-05-05T15:15:09.970`)
* [CVE-2023-30013](CVE-2023/CVE-2023-300xx/CVE-2023-30013.json) (`2023-05-05T14:15:09.147`)
* [CVE-2023-30053](CVE-2023/CVE-2023-300xx/CVE-2023-30053.json) (`2023-05-05T15:15:10.020`)
* [CVE-2023-30054](CVE-2023/CVE-2023-300xx/CVE-2023-30054.json) (`2023-05-05T15:15:10.070`)
* [CVE-2023-30243](CVE-2023/CVE-2023-302xx/CVE-2023-30243.json) (`2023-05-05T14:15:09.190`)
* [CVE-2023-30434](CVE-2023/CVE-2023-304xx/CVE-2023-30434.json) (`2023-05-05T15:15:10.117`)
### CVEs modified in the last Commit
Recently modified CVEs: `67`
Recently modified CVEs: `19`
* [CVE-2017-20183](CVE-2017/CVE-2017-201xx/CVE-2017-20183.json) (`2023-05-05T13:33:53.507`)
* [CVE-2021-40331](CVE-2021/CVE-2021-403xx/CVE-2021-40331.json) (`2023-05-05T13:33:53.507`)
* [CVE-2022-45048](CVE-2022/CVE-2022-450xx/CVE-2022-45048.json) (`2023-05-05T13:33:53.507`)
* [CVE-2022-47434](CVE-2022/CVE-2022-474xx/CVE-2022-47434.json) (`2023-05-05T13:33:53.507`)
* [CVE-2022-47449](CVE-2022/CVE-2022-474xx/CVE-2022-47449.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-1894](CVE-2023/CVE-2023-18xx/CVE-2023-1894.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-20126](CVE-2023/CVE-2023-201xx/CVE-2023-20126.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21484](CVE-2023/CVE-2023-214xx/CVE-2023-21484.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21485](CVE-2023/CVE-2023-214xx/CVE-2023-21485.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21486](CVE-2023/CVE-2023-214xx/CVE-2023-21486.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21487](CVE-2023/CVE-2023-214xx/CVE-2023-21487.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21488](CVE-2023/CVE-2023-214xx/CVE-2023-21488.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21489](CVE-2023/CVE-2023-214xx/CVE-2023-21489.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21490](CVE-2023/CVE-2023-214xx/CVE-2023-21490.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21491](CVE-2023/CVE-2023-214xx/CVE-2023-21491.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21492](CVE-2023/CVE-2023-214xx/CVE-2023-21492.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21493](CVE-2023/CVE-2023-214xx/CVE-2023-21493.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21494](CVE-2023/CVE-2023-214xx/CVE-2023-21494.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21495](CVE-2023/CVE-2023-214xx/CVE-2023-21495.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21496](CVE-2023/CVE-2023-214xx/CVE-2023-21496.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21497](CVE-2023/CVE-2023-214xx/CVE-2023-21497.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21498](CVE-2023/CVE-2023-214xx/CVE-2023-21498.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21499](CVE-2023/CVE-2023-214xx/CVE-2023-21499.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21500](CVE-2023/CVE-2023-215xx/CVE-2023-21500.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21501](CVE-2023/CVE-2023-215xx/CVE-2023-21501.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21502](CVE-2023/CVE-2023-215xx/CVE-2023-21502.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21503](CVE-2023/CVE-2023-215xx/CVE-2023-21503.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21504](CVE-2023/CVE-2023-215xx/CVE-2023-21504.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21505](CVE-2023/CVE-2023-215xx/CVE-2023-21505.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21506](CVE-2023/CVE-2023-215xx/CVE-2023-21506.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21507](CVE-2023/CVE-2023-215xx/CVE-2023-21507.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21508](CVE-2023/CVE-2023-215xx/CVE-2023-21508.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21509](CVE-2023/CVE-2023-215xx/CVE-2023-21509.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21510](CVE-2023/CVE-2023-215xx/CVE-2023-21510.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-21511](CVE-2023/CVE-2023-215xx/CVE-2023-21511.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-23059](CVE-2023/CVE-2023-230xx/CVE-2023-23059.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-2524](CVE-2023/CVE-2023-25xx/CVE-2023-2524.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-25289](CVE-2023/CVE-2023-252xx/CVE-2023-25289.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-2531](CVE-2023/CVE-2023-25xx/CVE-2023-2531.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-25458](CVE-2023/CVE-2023-254xx/CVE-2023-25458.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-25961](CVE-2023/CVE-2023-259xx/CVE-2023-25961.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-25977](CVE-2023/CVE-2023-259xx/CVE-2023-25977.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-25982](CVE-2023/CVE-2023-259xx/CVE-2023-25982.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-28068](CVE-2023/CVE-2023-280xx/CVE-2023-28068.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-28820](CVE-2023/CVE-2023-288xx/CVE-2023-28820.json) (`2023-05-05T13:40:44.630`)
* [CVE-2023-28821](CVE-2023/CVE-2023-288xx/CVE-2023-28821.json) (`2023-05-05T13:40:26.043`)
* [CVE-2023-29530](CVE-2023/CVE-2023-295xx/CVE-2023-29530.json) (`2023-05-05T13:58:10.663`)
* [CVE-2023-30090](CVE-2023/CVE-2023-300xx/CVE-2023-30090.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30093](CVE-2023/CVE-2023-300xx/CVE-2023-30093.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30094](CVE-2023/CVE-2023-300xx/CVE-2023-30094.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30095](CVE-2023/CVE-2023-300xx/CVE-2023-30095.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30096](CVE-2023/CVE-2023-300xx/CVE-2023-30096.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30097](CVE-2023/CVE-2023-300xx/CVE-2023-30097.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30122](CVE-2023/CVE-2023-301xx/CVE-2023-30122.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30135](CVE-2023/CVE-2023-301xx/CVE-2023-30135.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30216](CVE-2023/CVE-2023-302xx/CVE-2023-30216.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30242](CVE-2023/CVE-2023-302xx/CVE-2023-30242.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30264](CVE-2023/CVE-2023-302xx/CVE-2023-30264.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30268](CVE-2023/CVE-2023-302xx/CVE-2023-30268.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30282](CVE-2023/CVE-2023-302xx/CVE-2023-30282.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30328](CVE-2023/CVE-2023-303xx/CVE-2023-30328.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-30399](CVE-2023/CVE-2023-303xx/CVE-2023-30399.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-31284](CVE-2023/CVE-2023-312xx/CVE-2023-31284.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-31413](CVE-2023/CVE-2023-314xx/CVE-2023-31413.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-31414](CVE-2023/CVE-2023-314xx/CVE-2023-31414.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-31415](CVE-2023/CVE-2023-314xx/CVE-2023-31415.json) (`2023-05-05T13:33:53.507`)
* [CVE-2023-32235](CVE-2023/CVE-2023-322xx/CVE-2023-32235.json) (`2023-05-05T13:33:53.507`)
* [CVE-2020-36070](CVE-2020/CVE-2020-360xx/CVE-2020-36070.json) (`2023-05-05T15:21:50.040`)
* [CVE-2022-45456](CVE-2022/CVE-2022-454xx/CVE-2022-45456.json) (`2023-05-05T15:50:41.277`)
* [CVE-2023-0045](CVE-2023/CVE-2023-00xx/CVE-2023-0045.json) (`2023-05-05T15:54:54.760`)
* [CVE-2023-2269](CVE-2023/CVE-2023-22xx/CVE-2023-2269.json) (`2023-05-05T14:04:37.237`)
* [CVE-2023-2291](CVE-2023/CVE-2023-22xx/CVE-2023-2291.json) (`2023-05-05T14:35:51.847`)
* [CVE-2023-26567](CVE-2023/CVE-2023-265xx/CVE-2023-26567.json) (`2023-05-05T15:10:19.097`)
* [CVE-2023-28472](CVE-2023/CVE-2023-284xx/CVE-2023-28472.json) (`2023-05-05T14:51:21.107`)
* [CVE-2023-28473](CVE-2023/CVE-2023-284xx/CVE-2023-28473.json) (`2023-05-05T15:13:54.867`)
* [CVE-2023-28474](CVE-2023/CVE-2023-284xx/CVE-2023-28474.json) (`2023-05-05T14:25:33.800`)
* [CVE-2023-28475](CVE-2023/CVE-2023-284xx/CVE-2023-28475.json) (`2023-05-05T14:25:46.357`)
* [CVE-2023-28476](CVE-2023/CVE-2023-284xx/CVE-2023-28476.json) (`2023-05-05T14:25:10.817`)
* [CVE-2023-28477](CVE-2023/CVE-2023-284xx/CVE-2023-28477.json) (`2023-05-05T14:15:19.653`)
* [CVE-2023-28528](CVE-2023/CVE-2023-285xx/CVE-2023-28528.json) (`2023-05-05T15:19:10.797`)
* [CVE-2023-28819](CVE-2023/CVE-2023-288xx/CVE-2023-28819.json) (`2023-05-05T14:14:24.943`)
* [CVE-2023-30363](CVE-2023/CVE-2023-303xx/CVE-2023-30363.json) (`2023-05-05T14:41:38.840`)
* [CVE-2023-30843](CVE-2023/CVE-2023-308xx/CVE-2023-30843.json) (`2023-05-05T14:45:53.007`)
* [CVE-2023-31250](CVE-2023/CVE-2023-312xx/CVE-2023-31250.json) (`2023-05-05T15:27:27.100`)
* [CVE-2023-31285](CVE-2023/CVE-2023-312xx/CVE-2023-31285.json) (`2023-05-05T15:21:50.697`)
* [CVE-2023-31287](CVE-2023/CVE-2023-312xx/CVE-2023-31287.json) (`2023-05-05T15:55:21.747`)
## Download and Usage