diff --git a/CVE-2022/CVE-2022-251xx/CVE-2022-25187.json b/CVE-2022/CVE-2022-251xx/CVE-2022-25187.json index e6552a86f83..af46b5ccf8f 100644 --- a/CVE-2022/CVE-2022-251xx/CVE-2022-25187.json +++ b/CVE-2022/CVE-2022-251xx/CVE-2022-25187.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25187", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-02-15T17:15:09.477", - "lastModified": "2023-07-10T19:04:21.817", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.237", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "jenkinsci-cert@googlegroups.com", "type": "Primary", "description": [ { @@ -75,12 +75,12 @@ ] }, { - "source": "jenkinsci-cert@googlegroups.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-256" + "value": "CWE-212" } ] } diff --git a/CVE-2022/CVE-2022-253xx/CVE-2022-25319.json b/CVE-2022/CVE-2022-253xx/CVE-2022-25319.json index a808f9120fd..f877eb1eb85 100644 --- a/CVE-2022/CVE-2022-253xx/CVE-2022-25319.json +++ b/CVE-2022/CVE-2022-253xx/CVE-2022-25319.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25319", "sourceIdentifier": "cve@mitre.org", "published": "2022-02-18T06:15:10.507", - "lastModified": "2022-02-25T15:32:12.577", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.363", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -101,6 +101,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-forgotten-endpoint-authentication-bypass-with-open-prefix/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-253xx/CVE-2022-25321.json b/CVE-2022/CVE-2022-253xx/CVE-2022-25321.json index 56242323d81..f77de0d3b4a 100644 --- a/CVE-2022/CVE-2022-253xx/CVE-2022-25321.json +++ b/CVE-2022/CVE-2022-253xx/CVE-2022-25321.json @@ -2,8 +2,8 @@ "id": "CVE-2022-25321", "sourceIdentifier": "cve@mitre.org", "published": "2022-02-18T06:15:10.587", - "lastModified": "2022-02-24T20:20:45.723", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.443", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Patch", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-be-careful-with-reflections-for-your-web-application-security/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-272xx/CVE-2022-27211.json b/CVE-2022/CVE-2022-272xx/CVE-2022-27211.json index eb3d7bd389d..cc4850383d6 100644 --- a/CVE-2022/CVE-2022-272xx/CVE-2022-27211.json +++ b/CVE-2022/CVE-2022-272xx/CVE-2022-27211.json @@ -2,12 +2,12 @@ "id": "CVE-2022-27211", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-03-15T17:15:11.947", - "lastModified": "2023-06-28T13:44:06.287", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.507", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A missing/An incorrect permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins." + "value": "A missing permission check in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins." }, { "lang": "es", @@ -65,8 +65,18 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "jenkinsci-cert@googlegroups.com", "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + }, + { + "source": "nvd@nist.gov", + "type": "Secondary", "description": [ { "lang": "en", @@ -77,16 +87,6 @@ "value": "CWE-863" } ] - }, - { - "source": "jenkinsci-cert@googlegroups.com", - "type": "Secondary", - "description": [ - { - "lang": "en", - "value": "CWE-862" - } - ] } ], "configurations": [ diff --git a/CVE-2022/CVE-2022-295xx/CVE-2022-29528.json b/CVE-2022/CVE-2022-295xx/CVE-2022-29528.json index 1f9e91b349d..6165a764227 100644 --- a/CVE-2022/CVE-2022-295xx/CVE-2022-29528.json +++ b/CVE-2022/CVE-2022-295xx/CVE-2022-29528.json @@ -2,8 +2,8 @@ "id": "CVE-2022-29528", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-20T23:15:08.417", - "lastModified": "2022-04-27T03:58:01.493", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.603", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -117,6 +117,10 @@ "Release Notes", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-exploring-the-phar-deserialization-php-vulnerability-a-white-box-testing-example/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-295xx/CVE-2022-29529.json b/CVE-2022/CVE-2022-295xx/CVE-2022-29529.json index 0eee10af262..ca8f9bd158d 100644 --- a/CVE-2022/CVE-2022-295xx/CVE-2022-29529.json +++ b/CVE-2022/CVE-2022-295xx/CVE-2022-29529.json @@ -2,8 +2,8 @@ "id": "CVE-2022-29529", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-20T23:15:08.467", - "lastModified": "2022-04-27T03:57:43.477", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.687", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Release Notes", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-protect-your-website-from-stored-xss-attacks-understanding-and-preventing-vulnerabilities-in-open-source-applications/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-295xx/CVE-2022-29530.json b/CVE-2022/CVE-2022-295xx/CVE-2022-29530.json index e1100700a0b..63e7b4dba25 100644 --- a/CVE-2022/CVE-2022-295xx/CVE-2022-29530.json +++ b/CVE-2022/CVE-2022-295xx/CVE-2022-29530.json @@ -2,8 +2,8 @@ "id": "CVE-2022-29530", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-20T23:15:08.513", - "lastModified": "2022-04-27T03:57:27.483", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.753", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Release Notes", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-protect-your-website-from-stored-xss-attacks-understanding-and-preventing-vulnerabilities-in-open-source-applications/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-295xx/CVE-2022-29531.json b/CVE-2022/CVE-2022-295xx/CVE-2022-29531.json index 961d6330387..099c1ae1fc8 100644 --- a/CVE-2022/CVE-2022-295xx/CVE-2022-29531.json +++ b/CVE-2022/CVE-2022-295xx/CVE-2022-29531.json @@ -2,8 +2,8 @@ "id": "CVE-2022-29531", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-20T23:15:08.557", - "lastModified": "2022-04-27T03:57:13.803", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.817", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Release Notes", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-protect-your-website-from-stored-xss-attacks-understanding-and-preventing-vulnerabilities-in-open-source-applications/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-295xx/CVE-2022-29532.json b/CVE-2022/CVE-2022-295xx/CVE-2022-29532.json index a0ea530a693..cff728ad10d 100644 --- a/CVE-2022/CVE-2022-295xx/CVE-2022-29532.json +++ b/CVE-2022/CVE-2022-295xx/CVE-2022-29532.json @@ -2,8 +2,8 @@ "id": "CVE-2022-29532", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-20T23:15:08.597", - "lastModified": "2022-04-27T03:56:50.550", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.890", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Release Notes", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-protect-your-website-from-stored-xss-attacks-understanding-and-preventing-vulnerabilities-in-open-source-applications/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-295xx/CVE-2022-29534.json b/CVE-2022/CVE-2022-295xx/CVE-2022-29534.json index f71954889bc..111629650bf 100644 --- a/CVE-2022/CVE-2022-295xx/CVE-2022-29534.json +++ b/CVE-2022/CVE-2022-295xx/CVE-2022-29534.json @@ -2,8 +2,8 @@ "id": "CVE-2022-29534", "sourceIdentifier": "cve@mitre.org", "published": "2022-04-20T23:15:08.687", - "lastModified": "2022-04-27T03:55:50.343", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:10.957", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -109,6 +109,10 @@ "Release Notes", "Third Party Advisory" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-the-impact-of-a-php-vulnerability-exploring-the-password-confirmation-bypass-in-misp/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-341xx/CVE-2022-34180.json b/CVE-2022/CVE-2022-341xx/CVE-2022-34180.json index b0911dd78b5..45df3babe28 100644 --- a/CVE-2022/CVE-2022-341xx/CVE-2022-34180.json +++ b/CVE-2022/CVE-2022-341xx/CVE-2022-34180.json @@ -2,8 +2,8 @@ "id": "CVE-2022-34180", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-06-23T17:15:15.867", - "lastModified": "2023-07-21T17:18:09.007", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:11.043", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -65,7 +65,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "jenkinsci-cert@googlegroups.com", "type": "Primary", "description": [ { @@ -75,12 +75,12 @@ ] }, { - "source": "jenkinsci-cert@googlegroups.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-862" + "value": "CWE-863" } ] } diff --git a/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json b/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json index fa9fa8f78d7..9d0343964d7 100644 --- a/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json +++ b/CVE-2022/CVE-2022-412xx/CVE-2022-41230.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41230", "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "published": "2022-09-21T16:15:10.217", - "lastModified": "2023-06-27T14:39:11.823", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:11.177", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -40,7 +40,7 @@ }, "weaknesses": [ { - "source": "nvd@nist.gov", + "source": "jenkinsci-cert@googlegroups.com", "type": "Primary", "description": [ { @@ -50,12 +50,12 @@ ] }, { - "source": "jenkinsci-cert@googlegroups.com", + "source": "nvd@nist.gov", "type": "Secondary", "description": [ { "lang": "en", - "value": "CWE-863" + "value": "CWE-862" } ] } diff --git a/CVE-2022/CVE-2022-483xx/CVE-2022-48328.json b/CVE-2022/CVE-2022-483xx/CVE-2022-48328.json index 2c3abd86da0..9b2cbd8b3f2 100644 --- a/CVE-2022/CVE-2022-483xx/CVE-2022-48328.json +++ b/CVE-2022/CVE-2022-483xx/CVE-2022-48328.json @@ -2,8 +2,8 @@ "id": "CVE-2022-48328", "sourceIdentifier": "cve@mitre.org", "published": "2023-02-20T04:15:11.147", - "lastModified": "2023-02-28T20:21:02.497", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:11.283", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -85,6 +85,10 @@ "tags": [ "Release Notes" ] + }, + { + "url": "https://zigrin.com/cakephp-application-cybersecurity-research-hiding-in-plain-sight-the-hidden-danger-of-sql-injection-in-input-field-names/", + "source": "cve@mitre.org" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-262xx/CVE-2023-26220.json b/CVE-2023/CVE-2023-262xx/CVE-2023-26220.json new file mode 100644 index 00000000000..417d35a629b --- /dev/null +++ b/CVE-2023/CVE-2023-262xx/CVE-2023-26220.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-26220", + "sourceIdentifier": "security@tibco.com", + "published": "2023-10-10T23:15:09.933", + "lastModified": "2023-10-10T23:25:33.373", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "The Spotfire Library component of TIBCO Software Inc.'s Spotfire Analyst and Spotfire Server contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 11.4.7 and below, versions 11.5.0, 11.6.0, 11.7.0, 11.8.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4, versions 12.1.0 and 12.1.1 and Spotfire Server: versions 11.4.11 and below, versions 11.5.0, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.7.0, 11.8.0, 11.8.1, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, and 12.0.5, versions 12.1.0 and 12.1.1.\n\n" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@tibco.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@tibco.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://www.tibco.com/services/support/advisories", + "source": "security@tibco.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36126.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36126.json new file mode 100644 index 00000000000..92aa768b88a --- /dev/null +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36126.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36126", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-10T22:15:11.370", + "lastModified": "2023-10-10T23:25:33.373", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "There is a Cross Site Scripting (XSS) vulnerability in the \"theme\" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0" + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-361xx/CVE-2023-36127.json b/CVE-2023/CVE-2023-361xx/CVE-2023-36127.json new file mode 100644 index 00000000000..497d49f3764 --- /dev/null +++ b/CVE-2023/CVE-2023-361xx/CVE-2023-36127.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-36127", + "sourceIdentifier": "cve@mitre.org", + "published": "2023-10-10T22:15:11.417", + "lastModified": "2023-10-10T23:25:33.373", + "vulnStatus": "Awaiting Analysis", + "descriptions": [ + { + "lang": "en", + "value": "User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38997.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38997.json index 76a039053fa..e0128d8dc8d 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38997.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38997.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38997", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.593", - "lastModified": "2023-08-15T15:09:19.793", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.033", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A directory traversal vulnerability in the Captive Portal templates of OPNsense before 23.7 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive." + "value": "A directory traversal vulnerability in the Captive Portal templates of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands as root via a crafted ZIP archive." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38998.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38998.json index cba1c902f61..885da91e851 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38998.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38998.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38998", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.660", - "lastModified": "2023-08-15T15:08:56.100", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.107", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "An open redirect in the Login page of OPNsense before 23.7 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL." + "value": "An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-389xx/CVE-2023-38999.json b/CVE-2023/CVE-2023-389xx/CVE-2023-38999.json index 8c64ba6e189..bb5e1c58666 100644 --- a/CVE-2023/CVE-2023-389xx/CVE-2023-38999.json +++ b/CVE-2023/CVE-2023-389xx/CVE-2023-38999.json @@ -2,12 +2,12 @@ "id": "CVE-2023-38999", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.723", - "lastModified": "2023-08-15T15:08:31.697", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.170", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/halt) of OPNsense before 23.7 allows attackers to cause a Denial of Service (DoS) via a crafted GET request." + "value": "A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/halt) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39000.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39000.json index 9811c2f45d0..e7b8e829e6c 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39000.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39000.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39000", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.787", - "lastModified": "2023-08-15T15:08:37.267", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.240", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense before 23.7 allows attackers to inject arbitrary JavaScript via the URL path." + "value": "A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to inject arbitrary JavaScript via the URL path." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39001.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39001.json index 35ca812ed89..b37096d64fa 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39001.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39001.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39001", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.850", - "lastModified": "2023-08-15T15:08:40.217", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.307", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A command injection vulnerability in the component diag_backup.php of OPNsense before 23.7 allows attackers to execute arbitrary commands via a crafted backup configuration file." + "value": "A command injection vulnerability in the component diag_backup.php of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary commands via a crafted backup configuration file." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39002.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39002.json index 196d4b15591..0aa8fa48570 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39002.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39002.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39002", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.900", - "lastModified": "2023-08-15T15:07:34.543", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.367", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense before 23.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + "value": "A cross-site scripting (XSS) vulnerability in the act parameter of system_certmanager.php in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39003.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39003.json index 92dbea6a588..6a6788016be 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39003.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39003.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39003", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:14.953", - "lastModified": "2023-08-15T17:54:22.027", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.427", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp." + "value": "OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39004.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39004.json index 09fd9c38ed8..9333e9c509b 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39004.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39004.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39004", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.013", - "lastModified": "2023-08-15T17:16:17.817", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.507", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation." + "value": "Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39005.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39005.json index 9784d494de2..e470bb74a96 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39005.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39005.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39005", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.077", - "lastModified": "2023-08-15T17:52:49.717", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.577", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Insecure permissions exist for configd.socket in OPNsense before 23.7." + "value": "Insecure permissions exist for configd.socket in OPNsense Community Edition before 23.7 and Business Edition before 23.4.2." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json index 2c27304753f..c962e7c73e6 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39006.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39006", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.140", - "lastModified": "2023-08-14T14:13:35.830", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.640", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "The Crash Reporter (crash_reporter.php) component of OPNsense before 23.7 mishandles input sanitization." + "value": "The Crash Reporter (crash_reporter.php) component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 mishandles input sanitization." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39007.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39007.json index cfd996af424..9fcc1824de0 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39007.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39007.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39007", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.207", - "lastModified": "2023-09-28T05:15:46.107", + "lastModified": "2023-10-10T23:15:10.710", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "/ui/cron/item/open in the Cron component of OPNsense before 23.7 allows XSS via openAction in app/controllers/OPNsense/Cron/ItemController.php." + "value": "/ui/cron/item/open in the Cron component of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows XSS via openAction in app/controllers/OPNsense/Cron/ItemController.php." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json b/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json index 6651f80d4a5..082b5cc3601 100644 --- a/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json +++ b/CVE-2023/CVE-2023-390xx/CVE-2023-39008.json @@ -2,12 +2,12 @@ "id": "CVE-2023-39008", "sourceIdentifier": "cve@mitre.org", "published": "2023-08-09T19:15:15.270", - "lastModified": "2023-08-14T14:13:44.650", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.780", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense before 23.7 allows attackers to execute arbitrary system commands." + "value": "A command injection vulnerability in the component /api/cron/settings/setJob/ of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to execute arbitrary system commands." } ], "metrics": { diff --git a/CVE-2023/CVE-2023-428xx/CVE-2023-42824.json b/CVE-2023/CVE-2023-428xx/CVE-2023-42824.json index 291efbbeab7..20a0b881bd6 100644 --- a/CVE-2023/CVE-2023-428xx/CVE-2023-42824.json +++ b/CVE-2023/CVE-2023-428xx/CVE-2023-42824.json @@ -2,8 +2,8 @@ "id": "CVE-2023-42824", "sourceIdentifier": "product-security@apple.com", "published": "2023-10-04T19:15:10.490", - "lastModified": "2023-10-07T03:10:55.283", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.847", + "vulnStatus": "Modified", "cisaExploitAdd": "2023-10-05", "cisaActionDue": "2023-10-26", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", @@ -11,7 +11,7 @@ "descriptions": [ { "lang": "en", - "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6." + "value": "The issue was addressed with improved checks. This issue is fixed in iOS 17.0.3 and iPadOS 17.0.3, iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6." }, { "lang": "es", @@ -79,13 +79,6 @@ } ], "references": [ - { - "url": "http://seclists.org/fulldisclosure/2023/Oct/12", - "source": "product-security@apple.com", - "tags": [ - "Mailing List" - ] - }, { "url": "https://support.apple.com/en-us/HT213961", "source": "product-security@apple.com", @@ -95,12 +88,12 @@ ] }, { - "url": "https://support.apple.com/kb/HT213961", - "source": "product-security@apple.com", - "tags": [ - "Release Notes", - "Vendor Advisory" - ] + "url": "https://support.apple.com/en-us/HT213972", + "source": "product-security@apple.com" + }, + { + "url": "https://support.apple.com/kb/HT213972", + "source": "product-security@apple.com" } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-436xx/CVE-2023-43641.json b/CVE-2023/CVE-2023-436xx/CVE-2023-43641.json index 39d0d828358..823d48857ed 100644 --- a/CVE-2023/CVE-2023-436xx/CVE-2023-43641.json +++ b/CVE-2023/CVE-2023-436xx/CVE-2023-43641.json @@ -2,7 +2,7 @@ "id": "CVE-2023-43641", "sourceIdentifier": "security-advisories@github.com", "published": "2023-10-09T22:15:12.707", - "lastModified": "2023-10-10T12:16:32.703", + "lastModified": "2023-10-10T22:15:11.540", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -56,7 +56,7 @@ "source": "security-advisories@github.com" }, { - "url": "https://security.gentoo.org/glsa/202310-10", + "url": "https://github.com/lipnitsk/libcue/security/advisories/GHSA-5982-x7hv-r9cj", "source": "security-advisories@github.com" } ] diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43871.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43871.json index 5e729f581b6..3b8b61a5cdd 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43871.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43871.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43871", "sourceIdentifier": "cve@mitre.org", "published": "2023-09-28T14:15:23.883", - "lastModified": "2023-09-29T19:24:00.853", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.913", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -68,6 +68,10 @@ } ], "references": [ + { + "url": "https://github.com/sromanhu/CVE-2023-43871-WBCE-Arbitrary-File-Upload--XSS---Media/blob/main/README.md", + "source": "cve@mitre.org" + }, { "url": "https://github.com/sromanhu/WBCE-File-Upload--XSS---Media/blob/main/README.md", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json b/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json index 8a1cf0ef2d9..7080961b344 100644 --- a/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json +++ b/CVE-2023/CVE-2023-438xx/CVE-2023-43877.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43877", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-04T22:15:09.937", - "lastModified": "2023-10-07T03:11:45.713", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T23:15:10.983", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", @@ -68,6 +68,10 @@ } ], "references": [ + { + "url": "https://github.com/sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu/blob/main/README.md", + "source": "cve@mitre.org" + }, { "url": "https://github.com/sromanhu/RiteCMS-Stored-XSS---Home", "source": "cve@mitre.org", diff --git a/CVE-2023/CVE-2023-443xx/CVE-2023-44389.json b/CVE-2023/CVE-2023-443xx/CVE-2023-44389.json index 033f979e56d..9c6393dd67b 100644 --- a/CVE-2023/CVE-2023-443xx/CVE-2023-44389.json +++ b/CVE-2023/CVE-2023-443xx/CVE-2023-44389.json @@ -2,12 +2,12 @@ "id": "CVE-2023-44389", "sourceIdentifier": "security-advisories@github.com", "published": "2023-10-04T21:15:10.360", - "lastModified": "2023-10-10T18:57:47.523", - "vulnStatus": "Analyzed", + "lastModified": "2023-10-10T22:15:11.623", + "vulnStatus": "Modified", "descriptions": [ { "lang": "en", - "value": "Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6" + "value": "Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface (ZMI). All versions of Zope 4 and Zope 5 are affected. Patches will be released with Zope versions 4.8.11 and 5.8.6." }, { "lang": "es", diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json index aaf322e8cca..69e0bcedaac 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44487.json @@ -2,7 +2,7 @@ "id": "CVE-2023-44487", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-10T14:15:10.883", - "lastModified": "2023-10-10T21:15:09.593", + "lastModified": "2023-10-10T22:15:11.710", "vulnStatus": "Awaiting Analysis", "descriptions": [ { @@ -80,6 +80,10 @@ "url": "https://github.com/dotnet/announcements/issues/277", "source": "cve@mitre.org" }, + { + "url": "https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73", + "source": "cve@mitre.org" + }, { "url": "https://github.com/eclipse/jetty.project/issues/10679", "source": "cve@mitre.org" diff --git a/CVE-2023/CVE-2023-453xx/CVE-2023-45312.json b/CVE-2023/CVE-2023-453xx/CVE-2023-45312.json index c25de9d929c..94fb6784d57 100644 --- a/CVE-2023/CVE-2023-453xx/CVE-2023-45312.json +++ b/CVE-2023/CVE-2023-453xx/CVE-2023-45312.json @@ -2,8 +2,8 @@ "id": "CVE-2023-45312", "sourceIdentifier": "cve@mitre.org", "published": "2023-10-10T21:15:09.680", - "lastModified": "2023-10-10T21:15:09.680", - "vulnStatus": "Received", + "lastModified": "2023-10-10T23:25:33.373", + "vulnStatus": "Awaiting Analysis", "descriptions": [ { "lang": "en", diff --git a/README.md b/README.md index f48bec73bef..b12ae330ee9 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2023-10-10T22:00:25.045996+00:00 +2023-10-10T23:55:25.317069+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2023-10-10T21:15:09.733000+00:00 +2023-10-10T23:25:33.373000+00:00 ``` ### Last Data Feed Release @@ -29,38 +29,47 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -227517 +227520 ``` ### CVEs added in the last Commit -Recently added CVEs: `1` +Recently added CVEs: `3` -* [CVE-2023-45312](CVE-2023/CVE-2023-453xx/CVE-2023-45312.json) (`2023-10-10T21:15:09.680`) +* [CVE-2023-36126](CVE-2023/CVE-2023-361xx/CVE-2023-36126.json) (`2023-10-10T22:15:11.370`) +* [CVE-2023-36127](CVE-2023/CVE-2023-361xx/CVE-2023-36127.json) (`2023-10-10T22:15:11.417`) +* [CVE-2023-26220](CVE-2023/CVE-2023-262xx/CVE-2023-26220.json) (`2023-10-10T23:15:09.933`) ### CVEs modified in the last Commit -Recently modified CVEs: `18` +Recently modified CVEs: `32` -* [CVE-2022-34355](CVE-2022/CVE-2022-343xx/CVE-2022-34355.json) (`2023-10-10T20:41:30.020`) -* [CVE-2023-43321](CVE-2023/CVE-2023-433xx/CVE-2023-43321.json) (`2023-10-10T20:00:32.087`) -* [CVE-2023-35803](CVE-2023/CVE-2023-358xx/CVE-2023-35803.json) (`2023-10-10T20:04:36.633`) -* [CVE-2023-43809](CVE-2023/CVE-2023-438xx/CVE-2023-43809.json) (`2023-10-10T20:12:47.170`) -* [CVE-2023-30995](CVE-2023/CVE-2023-309xx/CVE-2023-30995.json) (`2023-10-10T20:15:09.650`) -* [CVE-2023-44807](CVE-2023/CVE-2023-448xx/CVE-2023-44807.json) (`2023-10-10T20:16:41.627`) -* [CVE-2023-5214](CVE-2023/CVE-2023-52xx/CVE-2023-5214.json) (`2023-10-10T20:24:44.750`) -* [CVE-2023-41950](CVE-2023/CVE-2023-419xx/CVE-2023-41950.json) (`2023-10-10T20:40:08.160`) -* [CVE-2023-3725](CVE-2023/CVE-2023-37xx/CVE-2023-3725.json) (`2023-10-10T20:44:03.887`) -* [CVE-2023-36123](CVE-2023/CVE-2023-361xx/CVE-2023-36123.json) (`2023-10-10T20:47:20.130`) -* [CVE-2023-44146](CVE-2023/CVE-2023-441xx/CVE-2023-44146.json) (`2023-10-10T20:49:38.620`) -* [CVE-2023-41801](CVE-2023/CVE-2023-418xx/CVE-2023-41801.json) (`2023-10-10T20:53:59.430`) -* [CVE-2023-32972](CVE-2023/CVE-2023-329xx/CVE-2023-32972.json) (`2023-10-10T20:54:43.317`) -* [CVE-2023-41732](CVE-2023/CVE-2023-417xx/CVE-2023-41732.json) (`2023-10-10T20:54:49.370`) -* [CVE-2023-42794](CVE-2023/CVE-2023-427xx/CVE-2023-42794.json) (`2023-10-10T21:15:09.440`) -* [CVE-2023-42795](CVE-2023/CVE-2023-427xx/CVE-2023-42795.json) (`2023-10-10T21:15:09.517`) -* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-10T21:15:09.593`) -* [CVE-2023-45648](CVE-2023/CVE-2023-456xx/CVE-2023-45648.json) (`2023-10-10T21:15:09.733`) +* [CVE-2022-29531](CVE-2022/CVE-2022-295xx/CVE-2022-29531.json) (`2023-10-10T22:15:10.817`) +* [CVE-2022-29532](CVE-2022/CVE-2022-295xx/CVE-2022-29532.json) (`2023-10-10T22:15:10.890`) +* [CVE-2022-29534](CVE-2022/CVE-2022-295xx/CVE-2022-29534.json) (`2023-10-10T22:15:10.957`) +* [CVE-2022-34180](CVE-2022/CVE-2022-341xx/CVE-2022-34180.json) (`2023-10-10T22:15:11.043`) +* [CVE-2022-41230](CVE-2022/CVE-2022-412xx/CVE-2022-41230.json) (`2023-10-10T22:15:11.177`) +* [CVE-2022-48328](CVE-2022/CVE-2022-483xx/CVE-2022-48328.json) (`2023-10-10T22:15:11.283`) +* [CVE-2023-43641](CVE-2023/CVE-2023-436xx/CVE-2023-43641.json) (`2023-10-10T22:15:11.540`) +* [CVE-2023-44389](CVE-2023/CVE-2023-443xx/CVE-2023-44389.json) (`2023-10-10T22:15:11.623`) +* [CVE-2023-44487](CVE-2023/CVE-2023-444xx/CVE-2023-44487.json) (`2023-10-10T22:15:11.710`) +* [CVE-2023-38997](CVE-2023/CVE-2023-389xx/CVE-2023-38997.json) (`2023-10-10T23:15:10.033`) +* [CVE-2023-38998](CVE-2023/CVE-2023-389xx/CVE-2023-38998.json) (`2023-10-10T23:15:10.107`) +* [CVE-2023-38999](CVE-2023/CVE-2023-389xx/CVE-2023-38999.json) (`2023-10-10T23:15:10.170`) +* [CVE-2023-39000](CVE-2023/CVE-2023-390xx/CVE-2023-39000.json) (`2023-10-10T23:15:10.240`) +* [CVE-2023-39001](CVE-2023/CVE-2023-390xx/CVE-2023-39001.json) (`2023-10-10T23:15:10.307`) +* [CVE-2023-39002](CVE-2023/CVE-2023-390xx/CVE-2023-39002.json) (`2023-10-10T23:15:10.367`) +* [CVE-2023-39003](CVE-2023/CVE-2023-390xx/CVE-2023-39003.json) (`2023-10-10T23:15:10.427`) +* [CVE-2023-39004](CVE-2023/CVE-2023-390xx/CVE-2023-39004.json) (`2023-10-10T23:15:10.507`) +* [CVE-2023-39005](CVE-2023/CVE-2023-390xx/CVE-2023-39005.json) (`2023-10-10T23:15:10.577`) +* [CVE-2023-39006](CVE-2023/CVE-2023-390xx/CVE-2023-39006.json) (`2023-10-10T23:15:10.640`) +* [CVE-2023-39007](CVE-2023/CVE-2023-390xx/CVE-2023-39007.json) (`2023-10-10T23:15:10.710`) +* [CVE-2023-39008](CVE-2023/CVE-2023-390xx/CVE-2023-39008.json) (`2023-10-10T23:15:10.780`) +* [CVE-2023-42824](CVE-2023/CVE-2023-428xx/CVE-2023-42824.json) (`2023-10-10T23:15:10.847`) +* [CVE-2023-43871](CVE-2023/CVE-2023-438xx/CVE-2023-43871.json) (`2023-10-10T23:15:10.913`) +* [CVE-2023-43877](CVE-2023/CVE-2023-438xx/CVE-2023-43877.json) (`2023-10-10T23:15:10.983`) +* [CVE-2023-45312](CVE-2023/CVE-2023-453xx/CVE-2023-45312.json) (`2023-10-10T23:25:33.373`) ## Download and Usage