admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-10-03T22:00:24.582012+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-10-03 22:00:28 +00:00
parent 1342422d60
commit 9e06ecfe40
46 changed files with 2047 additions and 135 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2019/CVE-2019-197xx/CVE-2019-19726.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-19726",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-12-12T01:15:10.823",
"lastModified": "2023-01-30T20:00:55.620",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-03T21:15:09.797",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -120,6 +120,10 @@
"Third Party Advisory"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/2",
"source": "cve@mitre.org"
},
{
"url": "https://seclists.org/bugtraq/2019/Dec/25",
"source": "cve@mitre.org",

68
CVE-2022/CVE-2022-49xx/CVE-2022-4956.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2022-4956",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-30T17:15:39.323",
"lastModified": "2023-10-01T03:02:09.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:58:19.153",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Caphyon Advanced Installer 19.7. This affects an unknown part of the component WinSxS DLL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. Upgrading to version 19.7.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-240903."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en Caphyon Advanced Installer 19.7 y clasificada como cr\u00edtica. Esto afecta una parte desconocida del componente WinSxS DLL Handler. La manipulaci\u00f3n conduce a un uncontrolled search path. Atacar localmente es un requisito. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. La actualizaci\u00f3n a la versi\u00f3n 19.7.1 puede solucionar este problema. Se recomienda actualizar el componente afectado. El identificador asociado de esta vulnerabilidad es VDB-240903."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +97,52 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:caphyon:advanced_installer:19.7:*:*:*:*:*:*:*",
"matchCriteriaId": "CA6AC4FD-51B9-4F18-B6C8-7BA56DABAF30"
}
]
}
]
}
],
"references": [
{
"url": "https://heegong.github.io/posts/Advaned-Installer-Local-Privilege-Escalation-Vulnerability/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240903",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.240903",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.advancedinstaller.com/release-19.7.1.html#bugfixes",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
}
]
}

88
CVE-2023/CVE-2023-202xx/CVE-2023-20253.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20253",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-27T18:15:11.620",
"lastModified": "2023-09-27T18:31:27.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T21:06:46.027",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attacker to bypass authorization and allow the attacker to roll back the configuration on vManage controllers and edge router device.\r\n\r This vulnerability is due to improper access control in the cli-management interface of an affected system. An attacker with low-privilege (read only) access to the cli could exploit this vulnerability by sending a request to roll back the configuration on for other controller and devices managed by an affected system. A successful exploit could allow the attacker to to roll back the configuration on for other controller and devices managed by an affected system."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n de la interfaz de l\u00ednea de comandos (CLI) de Cisco SD-WAN vManage podr\u00eda permitir que un atacante local autenticado omita la autorizaci\u00f3n y le permita revertir la configuraci\u00f3n en los controladores vManage y el dispositivo edge router. Esta vulnerabilidad se debe a un control de acceso inadecuado en la interfaz de administraci\u00f3n de CLI de un sistema afectado. Un atacante con acceso con privilegios bajos (solo lectura) al CLI podr\u00eda aprovechar esta vulnerabilidad enviando una solicitud para revertir la configuraci\u00f3n de otros controladores y dispositivos administrados por un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante revertir la configuraci\u00f3n de otros controladores y dispositivos administrados por un sistema afectado."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,68 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.6.2",
"matchCriteriaId": "1885D68A-547F-4C24-AE92-9F0D620E2018"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE9210F-39C5-4828-9608-6905C1D378D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A1CEDCE4-CFD1-434B-B157-D63329CBA24A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.9:*:*:*:*:*:*:*",
"matchCriteriaId": "EB1A4748-0880-4F31-9E05-7EB8BD34B4E6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B8F2D3-F224-46BB-A3D9-6E5837EDE74E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.11:*:*:*:*:*:*:*",
"matchCriteriaId": "684A8784-B40F-4C49-AFD8-66B1B5E4CA20"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2023/CVE-2023-202xx/CVE-2023-20262.json
View File

@ -2,16 +2,40 @@
"id": "CVE-2023-20262",
"sourceIdentifier": "ykramarz@cisco.com",
"published": "2023-09-27T18:15:11.757",
"lastModified": "2023-09-27T18:31:27.343",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:49:29.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSH service of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to cause a process crash, resulting in a DoS condition for SSH access only. This vulnerability does not prevent the system from continuing to function, and web UI access is not affected.\r\n\r This vulnerability is due to insufficient resource management when an affected system is in an error condition. An attacker could exploit this vulnerability by sending malicious traffic to the affected system. A successful exploit could allow the attacker to cause the SSH process to crash and restart, resulting in a DoS condition for the SSH service."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el servicio SSH de Cisco Catalyst SD-WAN Manager podr\u00eda permitir que un atacante remoto no autenticado provoque una falla del proceso, lo que resultar\u00eda en una condici\u00f3n de DoS solo para el acceso SSH. Esta vulnerabilidad no impide que el sistema siga funcionando y el acceso a la interfaz de usuario web no se ve afectado. Esta vulnerabilidad se debe a una gesti\u00f3n insuficiente de los recursos cuando un sistema afectado se encuentra en una condici\u00f3n de error. Un atacante podr\u00eda aprovechar esta vulnerabilidad enviando tr\u00e1fico malicioso al sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante provocar que el proceso SSH se bloquee y se reinicie, lo que resultar\u00eda en una condici\u00f3n DoS para el servicio SSH."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "ykramarz@cisco.com",
"type": "Secondary",
@ -34,10 +58,62 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"versionEndExcluding": "20.3.7",
"matchCriteriaId": "39FEB958-7035-4AB2-95D3-316D72D544EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20.4",
"versionEndExcluding": "20.9.3",
"matchCriteriaId": "B21A32BE-95BD-47E1-937E-91DDAA07E6C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:*:*:*:*:*:*:*:*",
"versionStartIncluding": "20.10",
"versionEndExcluding": "20.11.1",
"matchCriteriaId": "03133A84-35B3-4FF9-86EA-3C13738E2AE2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:cisco:sd-wan_vmanage:20.12:*:*:*:*:*:*:*",
"matchCriteriaId": "06E19EEE-FE9E-4E6C-AE79-CFB14FDF37F3"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z",
"source": "ykramarz@cisco.com"
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
]
}
]
}

20
CVE-2023/CVE-2023-332xx/CVE-2023-33268.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33268",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:09.953",
"lastModified": "2023-10-03T21:15:09.953",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection (blind)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33268.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-332xx/CVE-2023-33269.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33269",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.003",
"lastModified": "2023-10-03T21:15:10.003",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check function is vulnerable to OS command injection (blind)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33269.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-332xx/CVE-2023-33270.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33270",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.050",
"lastModified": "2023-10-03T21:15:10.050",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection (blind)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33270.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-332xx/CVE-2023-33271.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33271",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.097",
"lastModified": "2023-10-03T21:15:10.097",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33271.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-332xx/CVE-2023-33272.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33272",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.143",
"lastModified": "2023-10-03T21:15:10.143",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function is vulnerable to OS command injection (blind)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33272.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-332xx/CVE-2023-33273.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-33273",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.193",
"lastModified": "2023-10-03T21:15:10.193",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind)."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33273.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-396xx/CVE-2023-39645.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-39645",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.240",
"lastModified": "2023-10-03T21:15:10.240",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Theme volty tvcmspaymenticon up to v4.0.1 was discovered to contain a SQL injection vulnerability via the component /tvcmspaymenticon/ajax.php?action=update_position&recordsArray."
}
],
"metrics": {},
"references": [
{
"url": "https://security.friendsofpresta.org/modules/2023/09/26/tvcmspaymenticon.html",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-405xx/CVE-2023-40519.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-40519",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.283",
"lastModified": "2023-10-03T21:15:10.283",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site scripting (XSS) vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575_ee9195b0, 01.01.01.30097902_fd999e76, and 00.12.01.9565588_1254b459 allows remote attackers to inject arbitrary web script or HTML via the disconnectMessage parameter."
}
],
"metrics": {},
"references": [
{
"url": "https://medium.com/munchy-bytes/security-disclosure-of-vulnerabilities-cve-2023-40519-2fc319737dfa",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-408xx/CVE-2023-40830.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-40830",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T20:15:09.967",
"lastModified": "2023-10-03T20:15:09.967",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length."
}
],
"metrics": {},
"references": [
{
"url": "https://reference1.example.com/goform/WifiWpsOOB",
"source": "cve@mitre.org"
}
]
}

93
CVE-2023/CVE-2023-414xx/CVE-2023-41444.json
View File

@ -2,27 +2,108 @@
"id": "CVE-2023-41444",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-28T03:15:11.193",
"lastModified": "2023-09-28T12:44:04.973",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:44:50.587",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver."
},
{
"lang": "es",
"value": "Un problema en Binalyze IREC.sys v.3.11.0 y anteriores permite a un atacante local ejecutar c\u00f3digo arbitrario y escalar privilegios a trav\u00e9s de la funci\u00f3n fun_1400084d0 en el controlador IREC.sys."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:binalyze:irec:*:*:*:*:*:*:*:*",
"versionEndIncluding": "3.11.0",
"matchCriteriaId": "40C54DA7-E154-4763-B06B-441FA3ED312C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://blog.dru1d.ninja/windows-driver-exploit-development-irec-sys-a5eb45093945",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/dru1d-foofus/1af21179f253879f101c3a8d4f718bf0",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/magicsword-io/LOLDrivers/blob/main/yaml/d74fdf19-b4b0-4ec2-9c29-4213b064138b.yml",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Product"
]
}
]
}

47
CVE-2023/CVE-2023-416xx/CVE-2023-41692.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41692",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.273",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:56:03.563",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hennessey:attorney:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3",
"matchCriteriaId": "F01D02CE-0FFB-49BD-A51F-5F8A5901C327"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/attorney/wordpress-attorney-theme-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41728.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41728",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.580",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:55:45.703",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:rescuethemes:rescue_shortcodes:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.5",
"matchCriteriaId": "345C83FD-FBC8-4CA1-8B2F-0F7364DDCAC7"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/rescue-shortcodes/wordpress-rescue-shortcodes-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41729.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41729",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.660",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:55:37.293",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pressified:sendpress:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.22.3.31",
"matchCriteriaId": "D46908F6-C7E4-44DB-9047-99CEF076E36A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/sendpress/wordpress-sendpress-newsletters-plugin-1-22-3-31-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41731.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41731",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.733",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:55:28.333",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:i13websolution:wordpress_publish_post_email_notification:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.2.2",
"matchCriteriaId": "770433B6-1FCC-4660-9098-8D2DF508DFE8"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/publish-post-email-notification/wordpress-wordpress-publish-post-email-notification-plugin-1-0-2-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41733.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41733",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.803",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:55:19.597",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:yydevelopment:back_to_the_top_button:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.1.5",
"matchCriteriaId": "9D58528A-DEF2-469F-A703-DDA9D9039B6B"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/back-to-the-top-button/wordpress-back-to-the-top-button-plugin-2-1-5-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

59
CVE-2023/CVE-2023-417xx/CVE-2023-41734.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41734",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.880",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:55:10.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -40,7 +60,7 @@
},
"weaknesses": [
{
"source": "audit@patchstack.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -48,12 +68,43 @@
"value": "CWE-79"
}
]
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nigauri:insert_estimated_reading_time:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2",
"matchCriteriaId": "92E480C9-54AF-4ADF-A628-88C3736C550A"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/insert-estimated-reading-time/wordpress-insert-estimated-reading-time-plugin-1-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41736.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41736",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T08:15:38.957",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:54:57.590",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gopiplus:email_posts_to_subscribers:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "6.2",
"matchCriteriaId": "1A3DA4A2-611E-41D6-85A3-B376FD846BCF"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/email-posts-to-subscribers/wordpress-email-posts-to-subscribers-plugin-6-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41737.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41737",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T09:15:11.717",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:54:48.490",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpgens:swifty_bar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.2.10",
"matchCriteriaId": "AE01FEE7-E333-45FF-A6B2-D6ABDD478824"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/swifty-bar/wordpress-swifty-bar-sticky-bar-by-wpgens-plugin-1-2-10-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-417xx/CVE-2023-41797.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-41797",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T09:15:11.813",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:54:36.833",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:goldplugins:locations:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "4.0",
"matchCriteriaId": "63EA243C-A1CF-43E9-AC7F-E1371F0D0040"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/locations/wordpress-locations-plugin-4-0-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

69
CVE-2023/CVE-2023-421xx/CVE-2023-42132.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-42132",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-10-02T05:15:26.470",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:56:24.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,15 +14,74 @@
"value": "FD Application en la edici\u00f3n de abril de 2022 (versi\u00f3n 9.01) y anteriores, restringe incorrectamente las referencias XML external entities (XXE). Al procesar un archivo XML especialmente manipulado, un atacante puede leer archivos arbitrarios del sistema."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-611"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mhlw:fd_application:*:*:*:*:*:*:*:*",
"versionEndIncluding": "9.01",
"matchCriteriaId": "589B1282-6597-4193-B148-45A8135CC2F0"
}
]
}
]
}
],
"references": [
{
"url": "https://jvn.jp/en/jp/JVN39596244/",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://web.fd-shinsei.mhlw.go.jp/download/software/index.html",
"source": "vultures@jpcert.or.jp"
"source": "vultures@jpcert.or.jp",
"tags": [
"Product"
]
}
]
}

32
CVE-2023/CVE-2023-431xx/CVE-2023-43176.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-43176",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.330",
"lastModified": "2023-10-03T21:15:10.330",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file."
}
],
"metrics": {},
"references": [
{
"url": "http://afterlogic.com",
"source": "cve@mitre.org"
},
{
"url": "http://aurora.com",
"source": "cve@mitre.org"
},
{
"url": "https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H&version=3.1",
"source": "cve@mitre.org"
},
{
"url": "https://sec.leonardini.dev/blog/cve-2023-43176-rce_aurora_files/",
"source": "cve@mitre.org"
}
]
}

10
CVE-2023/CVE-2023-432xx/CVE-2023-43256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-43256",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-25T14:15:10.690",
"lastModified": "2023-09-25T17:34:36.557",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-03T21:15:10.377",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -11,7 +11,7 @@
},
{
"lang": "es",
"value": "Un recorrido de ruta en Gladys Assistant v4.26.1 y versiones anteriores permite a atacantes autenticados extraer archivos confidenciales en la m\u00e1quina host aprovechando una entrada de usuario no desinfectada."
"value": "Un recorrido de ruta en Gladys Assistant v4.26.1 y versiones anteriores permite a atacantes autenticados extraer archivos confidenciales en la m\u00e1quina host aprovechando una entrada de usuario no sanitizada."
}
],
"metrics": {
@ -69,6 +69,10 @@
}
],
"references": [
{
"url": "https://blog.moku.fr/cves/CVE-2023-43256/",
"source": "cve@mitre.org"
},
{
"url": "https://blog.moku.fr/cves/CVE-unassigned/",
"source": "cve@mitre.org",

20
CVE-2023/CVE-2023-438xx/CVE-2023-43898.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43898",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.440",
"lastModified": "2023-10-03T21:15:10.440",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/peccc/null-stb",
"source": "cve@mitre.org"
}
]
}

78
CVE-2023/CVE-2023-439xx/CVE-2023-43907.json
View File

@ -2,27 +2,93 @@
"id": "CVE-2023-43907",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-01T01:15:24.947",
"lastModified": "2023-10-01T03:02:09.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:57:20.290",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "OptiPNG v0.7.7 was discovered to contain a global buffer overflow via the 'buffer' variable at gifread.c."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que OptiPNG v0.7.7 conten\u00eda un desbordamiento de b\u00fafer global a trav\u00e9s de la variable 'buffer' en gifread.c."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:optipng_project:optipng:0.7.7:*:*:*:*:*:*:*",
"matchCriteriaId": "46C922AC-D97D-401D-B331-1AB187091B58"
}
]
}
]
}
],
"metrics": {},
"references": [
{
"url": "http://optipng.sourceforge.net/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://github.com/Frank-Z7/z-vulnerabilitys/blob/main/optipng-global-buffer-overflow1/optipng-global-buffer-overflow1.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://sourceforge.net/projects/optipng/files/OptiPNG/optipng-0.7.7/optipng-0.7.7.tar.gz/download?use_mirror=udomain&download=",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

20
CVE-2023/CVE-2023-439xx/CVE-2023-43951.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43951",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.487",
"lastModified": "2023-10-03T21:15:10.487",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-43951",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-439xx/CVE-2023-43952.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43952",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.533",
"lastModified": "2023-10-03T21:15:10.533",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-43952",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-439xx/CVE-2023-43953.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-43953",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.573",
"lastModified": "2023-10-03T21:15:10.573",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content Management component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-43953",
"source": "cve@mitre.org"
}
]
}

6
CVE-2023/CVE-2023-440xx/CVE-2023-44043.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-44043",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-27T15:19:35.577",
"lastModified": "2023-09-28T15:48:59.240",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-03T20:15:10.020",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A stored cross-site scripting (XSS) vulnerability in /settings/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website footer parameter."
"value": "A reflected cross-site scripting (XSS) vulnerability in /install/index.php of Black Cat CMS 1.4.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website title parameter."
},
{
"lang": "es",

47
CVE-2023/CVE-2023-444xx/CVE-2023-44477.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44477",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T09:15:12.437",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T21:08:10.020",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:boxystudio:cooked:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.7.13",
"matchCriteriaId": "3404A8E0-04D3-456F-802E-A03A98E77E4D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cooked/wordpress-cooked-plugin-1-7-13-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

131
CVE-2023/CVE-2023-444xx/CVE-2023-44488.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-44488",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-30T20:15:10.200",
"lastModified": "2023-10-03T05:15:51.277",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:57:51.777",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -14,35 +14,146 @@
"value": "VP9 en libvpx anterior a 1.13.1 maneja mal las anchuras, lo que provoca un bloqueo relacionado con la codificaci\u00f3n."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-755"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webmproject:libvpx:*:*:*:*:*:*:*:*",
"versionEndExcluding": "1.13.1",
"matchCriteriaId": "385F58CC-4AA0-4C41-9394-C9481586689E"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/09/30/4",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241806",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/webmproject/libvpx/commit/263682c9a29395055f3b3afe2d97be1828a6223f",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/webmproject/libvpx/commit/df9fd9d5b7325060b2b921558a1eb20ca7880937",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/webmproject/libvpx/compare/v1.13.0...v1.13.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/webmproject/libvpx/releases/tag/v1.13.1",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00001.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Mailing List"
]
}
]
}

20
CVE-2023/CVE-2023-449xx/CVE-2023-44973.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-44973",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.617",
"lastModified": "2023-10-03T21:15:10.617",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yangliukk/emlog/blob/main/Template-getshell.md",
"source": "cve@mitre.org"
}
]
}

20
CVE-2023/CVE-2023-449xx/CVE-2023-44974.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-44974",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-03T21:15:10.660",
"lastModified": "2023-10-03T21:15:10.660",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/yangliukk/emlog/blob/main/Plugin-getshell.md",
"source": "cve@mitre.org"
}
]
}

16
CVE-2023/CVE-2023-48xx/CVE-2023-4806.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-4806",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-18T17:15:55.813",
"lastModified": "2023-09-26T19:54:11.657",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-03T21:15:10.707",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en glibc. En una situaci\u00f3n extremadamente rara, la funci\u00f3n getaddrinfo puede acceder a la memoria que se ha liberado, lo que provoca un bloqueo de la aplicaci\u00f3n. Este problema solo se puede explotar cuando un m\u00f3dulo NSS implementa solo los hooks _nss_*_gethostbyname2_r y _nss_*_getcanonname_r sin implementar el hook _nss_*_gethostbyname3_r. El nombre resuelto debe devolver una gran cantidad de direcciones IPv6 e IPv4, y la llamada a la funci\u00f3n getaddrinfo debe tener la familia de direcciones AF_INET6 con AI_CANONNAME, AI_ALL y AI_V4MAPPED como indicadores."
}
],
"metrics": {
@ -109,6 +113,14 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/4",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4806",
"source": "secalert@redhat.com",

10
CVE-2023/CVE-2023-49xx/CVE-2023-4911.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-4911",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-03T18:15:10.463",
"lastModified": "2023-10-03T18:15:10.463",
"lastModified": "2023-10-03T21:15:10.783",
"vulnStatus": "Received",
"descriptions": [
{
@ -35,6 +35,14 @@
]
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/2",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/3",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-4911",
"source": "secalert@redhat.com"

10
CVE-2023/CVE-2023-51xx/CVE-2023-5156.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2023-5156",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-09-25T16:15:15.613",
"lastModified": "2023-10-02T16:15:10.297",
"lastModified": "2023-10-03T21:15:10.857",
"vulnStatus": "Modified",
"descriptions": [
{
@ -109,6 +109,14 @@
}
],
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/4",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/5",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5156",
"source": "secalert@redhat.com",

64
CVE-2023/CVE-2023-52xx/CVE-2023-5259.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5259",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-29T12:15:13.203",
"lastModified": "2023-09-29T12:45:25.177",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:36:25.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-240868."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en ForU CMS y clasificada como problem\u00e1tica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/cms_admin.php. La manipulaci\u00f3n del argumento del conduce a la denegaci\u00f3n de servicio. El ataque se puede iniciar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. Este producto utiliza un lanzamiento continuo para proporcionar una entrega continua. Por lo tanto, no hay detalles disponibles para las versiones afectadas ni actualizadas. El identificador de esta vulnerabilidad es VDB-240868."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:foru_cms_project:foru_cms:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F77BC951-0137-4E12-B3BE-F50DF11226E3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/RCEraser/cve/blob/main/ForU-CMS.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.240868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

71
CVE-2023/CVE-2023-53xx/CVE-2023-5300.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-5300",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-30T10:15:10.517",
"lastModified": "2023-10-01T03:02:09.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:52:49.163",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -15,6 +15,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -65,7 +87,7 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -73,20 +95,57 @@
"value": "CWE-89"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ttsplanning:ttsplanning:*:*:*:*:*:*:*:*",
"versionEndIncluding": "20230925",
"matchCriteriaId": "3EA75B9B-374C-4B17-93D5-B868A06710D6"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/TTSPlanning/TTSPlanning.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240939",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.240939",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

74
CVE-2023/CVE-2023-53xx/CVE-2023-5313.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5313",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-09-30T15:15:10.337",
"lastModified": "2023-10-01T03:02:09.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:05:07.437",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in phpkobo Ajax Poll Script 3.18. Affected by this vulnerability is an unknown functionality of the file ajax-poll.php of the component Poll Handler. The manipulation leads to improper enforcement of a single, unique action. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-240949 was assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en phpkobo Ajax Poll Script 3.18 y clasificada como problem\u00e1tica. Una funci\u00f3n desconocida del archivo ajax-poll.php del componente Poll Handler es afectada por esta vulnerabilidad. La manipulaci\u00f3n conduce a la ejecuci\u00f3n inadecuada de una acci\u00f3n \u00fanica y \u00fanica. El ataque se puede lanzar de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-240949."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -61,8 +87,18 @@
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
},
{
"source": "cna@vuldb.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -71,18 +107,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:phpkobo:ajax_poll_script:3.18:*:*:*:*:*:*:*",
"matchCriteriaId": "ED164D96-5174-4987-8292-3641DA5611BB"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/tht1997/WhiteBox/blob/main/PHPKOBO/ajax_pool_script.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.240949",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
},
{
"url": "https://vuldb.com/?id.240949",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required"
]
}
]
}

267
CVE-2023/CVE-2023-53xx/CVE-2023-5321.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5321",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-09-30T14:15:15.843",
"lastModified": "2023-10-01T03:02:09.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:58:47.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization in GitHub repository hamza417/inure prior to build94."
},
{
"lang": "es",
"value": "Falta autorizaci\u00f3n en el repositorio de GitHub hamza417/inure antes de build94."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +72,247 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build44:*:*:*:*:android:*:*",
"matchCriteriaId": "87394290-8249-483E-A8A0-2FBCF75A1051"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build45:*:*:*:*:android:*:*",
"matchCriteriaId": "2A843F84-D761-487B-A93E-B8E76AA8E365"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build46:*:*:*:*:android:*:*",
"matchCriteriaId": "A091386E-FEA7-4B3A-810B-466F2BABC352"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build47:*:*:*:*:android:*:*",
"matchCriteriaId": "3037260D-E131-4EDE-9189-B1FB0A5A5429"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build48:*:*:*:*:android:*:*",
"matchCriteriaId": "3C15666B-5CD6-49F9-BD6E-1F89C55E1E5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build49:*:*:*:*:android:*:*",
"matchCriteriaId": "94983588-9C53-46DD-B7F2-E48967B55DEC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build51:*:*:*:*:android:*:*",
"matchCriteriaId": "FE23796A-FD93-475A-828E-BD42F7C27851"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build52:*:*:*:*:android:*:*",
"matchCriteriaId": "5D5B20EF-6DB4-46A2-9FB9-03A5773632B1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build53:*:*:*:*:android:*:*",
"matchCriteriaId": "6B969370-88D9-4059-B91B-BF9BC1621DF5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build55:*:*:*:*:android:*:*",
"matchCriteriaId": "7E9567E1-7561-4E13-91F0-DF34E30C8259"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build56:*:*:*:*:android:*:*",
"matchCriteriaId": "EC5D4C76-982F-48CF-A82E-6CCDC8925115"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build57:*:*:*:*:android:*:*",
"matchCriteriaId": "611070EE-763F-459F-8B9D-89C55997D8F6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build58:*:*:*:*:android:*:*",
"matchCriteriaId": "6B638451-2C56-48F8-903E-D2FCFB0645D5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build59:*:*:*:*:android:*:*",
"matchCriteriaId": "97DADF5F-0278-492D-8B1E-48CA370669A9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build60:*:*:*:*:android:*:*",
"matchCriteriaId": "5D1D5563-CD34-4E56-B8B5-8587E5E9F35F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build61:*:*:*:*:android:*:*",
"matchCriteriaId": "2E747A57-6A29-4185-9312-FBE54E867F44"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build62:*:*:*:*:android:*:*",
"matchCriteriaId": "831150BC-FAF5-4F72-B344-10988D9CABCB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build63:*:*:*:*:android:*:*",
"matchCriteriaId": "EA698C87-4CCD-4857-A85C-D09741D8D38C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build64:*:*:*:*:android:*:*",
"matchCriteriaId": "B8C7AAE5-4EAA-475E-AB89-1F29C8FB4B64"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build65:*:*:*:*:android:*:*",
"matchCriteriaId": "9D51C065-4487-4802-9BD9-10ED0387DF0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build66:*:*:*:*:android:*:*",
"matchCriteriaId": "C8BEFFEB-CAE5-499B-B815-1CD205F39434"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build67:*:*:*:*:android:*:*",
"matchCriteriaId": "2CF8D831-DF7C-446E-93F8-3D5AE164A427"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build68:*:*:*:*:android:*:*",
"matchCriteriaId": "F26BFF90-A51B-4027-9143-4B61B12A1CCC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build69:*:*:*:*:android:*:*",
"matchCriteriaId": "83A39BFC-4974-4213-8E4A-DBFCFB61B4DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build70:*:*:*:*:android:*:*",
"matchCriteriaId": "28379D90-2075-41EC-BB8F-55C71C79FE30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build71:*:*:*:*:android:*:*",
"matchCriteriaId": "4D89556A-C668-4AAF-B914-F9E73AEA7C54"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build72:*:*:*:*:android:*:*",
"matchCriteriaId": "60FB0F45-8232-4B63-9A89-E416E1C46132"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build73:*:*:*:*:android:*:*",
"matchCriteriaId": "476FAE2E-BA3D-4431-B66C-59BEF5FAE401"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build74:*:*:*:*:android:*:*",
"matchCriteriaId": "2F2DD2A7-FA45-48F5-816E-BEEF1ED98180"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build75:*:*:*:*:android:*:*",
"matchCriteriaId": "9F91A3B6-44E8-4D4E-B39B-1A24955D52B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build76:*:*:*:*:android:*:*",
"matchCriteriaId": "327CF0CC-7D07-4FE8-844F-DC4A67339FCE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build77:*:*:*:*:android:*:*",
"matchCriteriaId": "954BF3FA-22BF-4789-A8D3-D4CE046A0309"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build78:*:*:*:*:android:*:*",
"matchCriteriaId": "09C5A9B4-860C-482B-95A8-D9E2384E090E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build79:*:*:*:*:android:*:*",
"matchCriteriaId": "CFBAB653-08B9-44A1-B918-EE1E2518C09C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build80:*:*:*:*:android:*:*",
"matchCriteriaId": "AA445E51-8A00-4298-BE11-A6C1EF5A3B69"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build83:*:*:*:*:android:*:*",
"matchCriteriaId": "499604F5-2385-4444-B47A-C88BEF3DE04F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build85:*:*:*:*:android:*:*",
"matchCriteriaId": "E465B1F6-B513-49C6-ADB2-C7969EBB8B30"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build86:*:*:*:*:android:*:*",
"matchCriteriaId": "6C6937BF-2A9A-43CC-B281-72C5C5D61B1A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build87:*:*:*:*:android:*:*",
"matchCriteriaId": "E5DB21B5-7B52-433E-B18B-E24B56DFF2F9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build88:*:*:*:*:android:*:*",
"matchCriteriaId": "EC172BAC-6564-4E9F-80E1-CC8B91052944"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build89:*:*:*:*:android:*:*",
"matchCriteriaId": "FE10EAA2-6C78-461A-8080-C7C4795195CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build92:*:*:*:*:android:*:*",
"matchCriteriaId": "0C973B0B-F663-4144-921C-D31A637A36D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hamza417:inure:build93:*:*:*:*:android:*:*",
"matchCriteriaId": "126E9031-87AA-4776-A366-80DCE9A51978"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/hamza417/inure/commit/57fda918bfd2fb863f579841a46363fe8e10c29b",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/b1becc68-e738-458f-bd99-06ee77580d3a",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit"
]
}
]
}

81
CVE-2023/CVE-2023-53xx/CVE-2023-5322.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5322",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-01T05:15:09.933",
"lastModified": "2023-10-02T00:44:36.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:57:06.370",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DAR-7000 up to 20151231. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/edit_manageadmin.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-240992. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced."
},
{
"lang": "es",
"value": "** NO COMPATIBLE CUANDO EST\u00c1 ASIGNADO ** ** NO COMPATIBLE EST\u00c1 CUANDO ASIGNADO ** Se encontr\u00f3 una vulnerabilidad en D-Link DAR-7000 hasta 20151231. Se calific\u00f3 como cr\u00edtica. Una funci\u00f3n desconocida del archivo /sysmanage/edit_manageadmin.php es afectada por este problema. La manipulaci\u00f3n del argumento id conduce a la inyecci\u00f3n de SQL. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-240992. NOTA: Esta vulnerabilidad solo afecta a productos que ya no est\u00e1n soportados por el fabricante. NOTA: Se contact\u00f3 primeramente con el proveedor y se confirm\u00f3 de inmediato que el producto ha llegado al final de su vida \u00fatil. Deber\u00eda retirarse y reemplazarse."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,22 +97,65 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:dlink:dar-7000_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2015-12-31",
"matchCriteriaId": "495BA542-4BC4-42FD-874F-3F7B1EB3E625"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:dlink:dar-7000:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1500AB3C-D11B-4683-86AC-FEB6AF6AD69F"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000%E5%AD%98%E5%9C%A8sql%E6%B3%A8%E5%85%A5:sysmanage:edit_manageadmin.php.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10354",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.240992",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.240992",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

75
CVE-2023/CVE-2023-53xx/CVE-2023-5329.json
View File

@ -2,15 +2,41 @@
"id": "CVE-2023-5329",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-02T00:15:10.100",
"lastModified": "2023-10-02T00:44:36.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-03T20:56:43.613",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic was found in Field Logic DataCube4 up to 20231001. This vulnerability affects unknown code of the file /api/ of the component Web API. The manipulation leads to improper authentication. The exploit has been disclosed to the public and may be used. VDB-241030 is the identifier assigned to this vulnerability."
},
{
"lang": "es",
"value": "Una vulnerabilidad fue encontrada en Field Logic DataCube4 hasta 20231001 y clasificada como problem\u00e1tica. Esta vulnerabilidad afecta a un c\u00f3digo desconocido del archivo /api/ del componente Web API. La manipulaci\u00f3n conduce a una autenticaci\u00f3n incorrecta. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. VDB-241030 es el identificador asignado a esta vulnerabilidad."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,57 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:f-logic:datacube4_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2023-10-01",
"matchCriteriaId": "5E6F7F5D-716C-4C88-9B00-37BBD7E45176"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:f-logic:datacube4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "708A3F9F-6FAC-4D97-A0C5-A1A780DD1FD3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/CV3TR4CK/CV3Cyb3R/blob/main/2023/Field%20Logic/Field%20Logic%20DataCube4%20Web%20API%20Improper%20Authentication.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241030",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241030",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}

67
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-03T20:00:24.590046+00:00
2023-10-03T22:00:24.582012+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-03T20:00:06.703000+00:00
2023-10-03T21:15:10.857000+00:00
```
### Last Data Feed Release
@ -29,35 +29,60 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226897
226913
```
### CVEs added in the last Commit
Recently added CVEs: `3`
Recently added CVEs: `16`
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-10-03T18:15:10.463`)
* [CVE-2023-5255](CVE-2023/CVE-2023-52xx/CVE-2023-5255.json) (`2023-10-03T18:15:10.577`)
* [CVE-2023-43976](CVE-2023/CVE-2023-439xx/CVE-2023-43976.json) (`2023-10-03T19:15:09.677`)
* [CVE-2023-40830](CVE-2023/CVE-2023-408xx/CVE-2023-40830.json) (`2023-10-03T20:15:09.967`)
* [CVE-2023-33268](CVE-2023/CVE-2023-332xx/CVE-2023-33268.json) (`2023-10-03T21:15:09.953`)
* [CVE-2023-33269](CVE-2023/CVE-2023-332xx/CVE-2023-33269.json) (`2023-10-03T21:15:10.003`)
* [CVE-2023-33270](CVE-2023/CVE-2023-332xx/CVE-2023-33270.json) (`2023-10-03T21:15:10.050`)
* [CVE-2023-33271](CVE-2023/CVE-2023-332xx/CVE-2023-33271.json) (`2023-10-03T21:15:10.097`)
* [CVE-2023-33272](CVE-2023/CVE-2023-332xx/CVE-2023-33272.json) (`2023-10-03T21:15:10.143`)
* [CVE-2023-33273](CVE-2023/CVE-2023-332xx/CVE-2023-33273.json) (`2023-10-03T21:15:10.193`)
* [CVE-2023-39645](CVE-2023/CVE-2023-396xx/CVE-2023-39645.json) (`2023-10-03T21:15:10.240`)
* [CVE-2023-40519](CVE-2023/CVE-2023-405xx/CVE-2023-40519.json) (`2023-10-03T21:15:10.283`)
* [CVE-2023-43176](CVE-2023/CVE-2023-431xx/CVE-2023-43176.json) (`2023-10-03T21:15:10.330`)
* [CVE-2023-43898](CVE-2023/CVE-2023-438xx/CVE-2023-43898.json) (`2023-10-03T21:15:10.440`)
* [CVE-2023-43951](CVE-2023/CVE-2023-439xx/CVE-2023-43951.json) (`2023-10-03T21:15:10.487`)
* [CVE-2023-43952](CVE-2023/CVE-2023-439xx/CVE-2023-43952.json) (`2023-10-03T21:15:10.533`)
* [CVE-2023-43953](CVE-2023/CVE-2023-439xx/CVE-2023-43953.json) (`2023-10-03T21:15:10.573`)
* [CVE-2023-44973](CVE-2023/CVE-2023-449xx/CVE-2023-44973.json) (`2023-10-03T21:15:10.617`)
* [CVE-2023-44974](CVE-2023/CVE-2023-449xx/CVE-2023-44974.json) (`2023-10-03T21:15:10.660`)
### CVEs modified in the last Commit
Recently modified CVEs: `13`
Recently modified CVEs: `29`
* [CVE-2022-46285](CVE-2022/CVE-2022-462xx/CVE-2022-46285.json) (`2023-10-03T18:15:10.050`)
* [CVE-2023-5196](CVE-2023/CVE-2023-51xx/CVE-2023-5196.json) (`2023-10-03T18:03:34.537`)
* [CVE-2023-33200](CVE-2023/CVE-2023-332xx/CVE-2023-33200.json) (`2023-10-03T18:09:47.093`)
* [CVE-2023-34970](CVE-2023/CVE-2023-349xx/CVE-2023-34970.json) (`2023-10-03T18:09:47.093`)
* [CVE-2023-4732](CVE-2023/CVE-2023-47xx/CVE-2023-4732.json) (`2023-10-03T18:09:47.093`)
* [CVE-2023-2624](CVE-2023/CVE-2023-26xx/CVE-2023-2624.json) (`2023-10-03T18:15:10.153`)
* [CVE-2023-37988](CVE-2023/CVE-2023-379xx/CVE-2023-37988.json) (`2023-10-03T18:15:10.247`)
* [CVE-2023-38355](CVE-2023/CVE-2023-383xx/CVE-2023-38355.json) (`2023-10-03T19:15:09.603`)
* [CVE-2023-4532](CVE-2023/CVE-2023-45xx/CVE-2023-4532.json) (`2023-10-03T19:28:34.357`)
* [CVE-2023-3922](CVE-2023/CVE-2023-39xx/CVE-2023-3922.json) (`2023-10-03T19:46:15.090`)
* [CVE-2023-5198](CVE-2023/CVE-2023-51xx/CVE-2023-5198.json) (`2023-10-03T19:47:42.877`)
* [CVE-2023-3413](CVE-2023/CVE-2023-34xx/CVE-2023-3413.json) (`2023-10-03T19:55:22.067`)
* [CVE-2023-39410](CVE-2023/CVE-2023-394xx/CVE-2023-39410.json) (`2023-10-03T20:00:06.703`)
* [CVE-2023-5259](CVE-2023/CVE-2023-52xx/CVE-2023-5259.json) (`2023-10-03T20:36:25.593`)
* [CVE-2023-41444](CVE-2023/CVE-2023-414xx/CVE-2023-41444.json) (`2023-10-03T20:44:50.587`)
* [CVE-2023-20262](CVE-2023/CVE-2023-202xx/CVE-2023-20262.json) (`2023-10-03T20:49:29.247`)
* [CVE-2023-5300](CVE-2023/CVE-2023-53xx/CVE-2023-5300.json) (`2023-10-03T20:52:49.163`)
* [CVE-2023-41797](CVE-2023/CVE-2023-417xx/CVE-2023-41797.json) (`2023-10-03T20:54:36.833`)
* [CVE-2023-41737](CVE-2023/CVE-2023-417xx/CVE-2023-41737.json) (`2023-10-03T20:54:48.490`)
* [CVE-2023-41736](CVE-2023/CVE-2023-417xx/CVE-2023-41736.json) (`2023-10-03T20:54:57.590`)
* [CVE-2023-41734](CVE-2023/CVE-2023-417xx/CVE-2023-41734.json) (`2023-10-03T20:55:10.330`)
* [CVE-2023-41733](CVE-2023/CVE-2023-417xx/CVE-2023-41733.json) (`2023-10-03T20:55:19.597`)
* [CVE-2023-41731](CVE-2023/CVE-2023-417xx/CVE-2023-41731.json) (`2023-10-03T20:55:28.333`)
* [CVE-2023-41729](CVE-2023/CVE-2023-417xx/CVE-2023-41729.json) (`2023-10-03T20:55:37.293`)
* [CVE-2023-41728](CVE-2023/CVE-2023-417xx/CVE-2023-41728.json) (`2023-10-03T20:55:45.703`)
* [CVE-2023-41692](CVE-2023/CVE-2023-416xx/CVE-2023-41692.json) (`2023-10-03T20:56:03.563`)
* [CVE-2023-42132](CVE-2023/CVE-2023-421xx/CVE-2023-42132.json) (`2023-10-03T20:56:24.067`)
* [CVE-2023-5329](CVE-2023/CVE-2023-53xx/CVE-2023-5329.json) (`2023-10-03T20:56:43.613`)
* [CVE-2023-5322](CVE-2023/CVE-2023-53xx/CVE-2023-5322.json) (`2023-10-03T20:57:06.370`)
* [CVE-2023-43907](CVE-2023/CVE-2023-439xx/CVE-2023-43907.json) (`2023-10-03T20:57:20.290`)
* [CVE-2023-44488](CVE-2023/CVE-2023-444xx/CVE-2023-44488.json) (`2023-10-03T20:57:51.777`)
* [CVE-2023-5321](CVE-2023/CVE-2023-53xx/CVE-2023-5321.json) (`2023-10-03T20:58:47.980`)
* [CVE-2023-20253](CVE-2023/CVE-2023-202xx/CVE-2023-20253.json) (`2023-10-03T21:06:46.027`)
* [CVE-2023-44477](CVE-2023/CVE-2023-444xx/CVE-2023-44477.json) (`2023-10-03T21:08:10.020`)
* [CVE-2023-43256](CVE-2023/CVE-2023-432xx/CVE-2023-43256.json) (`2023-10-03T21:15:10.377`)
* [CVE-2023-4806](CVE-2023/CVE-2023-48xx/CVE-2023-4806.json) (`2023-10-03T21:15:10.707`)
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-10-03T21:15:10.783`)
* [CVE-2023-5156](CVE-2023/CVE-2023-51xx/CVE-2023-5156.json) (`2023-10-03T21:15:10.857`)
## Download and Usage