admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-06 18:52:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-14T14:00:25.944686+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-14 14:00:29 +00:00
parent 7c63fccea7
commit 9f349703cd
51 changed files with 909 additions and 125 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
CVE-2013/CVE-2013-100xx/CVE-2013-10030.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2013-10030",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-05T22:15:09.260",
"lastModified": "2023-06-06T12:50:56.083",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T13:24:55.677",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +93,47 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:angrybyte:wordpress_exit_box_lite:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.06",
"matchCriteriaId": "507831C8-49B6-4792-AEE9-17F1E9E9FC8A"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/wp-plugins/wordpress-exit-box-lite/commit/fad26701addb862c51baf85c6e3cc136aa79c309",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://vuldb.com/?ctiid.230672",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.230672",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
}
]
}

10
CVE-2021/CVE-2021-271xx/CVE-2021-27131.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2021-27131",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-05-16T20:15:08.987",
"lastModified": "2023-05-25T15:56:09.600",
"vulnStatus": "Analyzed",
"lastModified": "2023-06-14T12:15:09.377",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer."
"value": "** DISPUTED ** Moodle 3.10.1 is vulnerable to persistent/stored cross-site scripting (XSS) due to the improper input sanitization on the \"Additional HTML Section\" via \"Header and Footer\" parameter in /admin/settings.php. This vulnerability is leading an attacker to steal admin and all user account cookies by storing the malicious XSS payload in Header and Footer. NOTE: this is disputed by the vendor because the \"Additional HTML Section\" for \"Header and Footer\" can only be supplied by an administrator, who is intentionally allowed to enter unsanitized input (e.g., site-specific JavaScript)."
}
],
"metrics": {
@ -64,6 +64,10 @@
}
],
"references": [
{
"url": "https://docs.moodle.org/402/en/Risks",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/moodle/moodle",
"source": "cve@mitre.org",

4
CVE-2022/CVE-2022-471xx/CVE-2022-47184.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-47184",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:08.633",
"lastModified": "2023-06-14T08:15:08.633",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

64
CVE-2023/CVE-2023-06xx/CVE-2023-0695.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0695",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:52.043",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T13:44:01.067",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -36,7 +56,7 @@
},
"weaknesses": [
{
"source": "security@wordfence.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
@ -44,16 +64,50 @@
"value": "CWE-79"
}
]
},
{
"source": "security@wordfence.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.0",
"matchCriteriaId": "76FAF3C1-7141-4E7C-ACBA-CD47256F31FA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1c866d8d-399c-4bda-a3c9-17c7e5d2ffb8?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-07xx/CVE-2023-0708.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0708",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:52.557",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T13:44:22.850",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.0",
"matchCriteriaId": "76FAF3C1-7141-4E7C-ACBA-CD47256F31FA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2907471/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ae7549db-9a4b-4dee-8023-d7863dc3b4c8?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

57
CVE-2023/CVE-2023-07xx/CVE-2023-0709.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0709",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-09T06:15:52.820",
"lastModified": "2023-06-09T13:03:43.237",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T13:45:52.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "security@wordfence.com",
"type": "Secondary",
@ -46,18 +66,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpmet:metform_elementor_contact_form_builder:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.3.0",
"matchCriteriaId": "76FAF3C1-7141-4E7C-ACBA-CD47256F31FA"
}
]
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/metform/trunk/base/shortcode.php?rev=2845078",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2907471/",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Patch"
]
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/25200656-a6a2-42f2-a607-26d4ff502cbf?source=cve",
"source": "security@wordfence.com"
"source": "security@wordfence.com",
"tags": [
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-08xx/CVE-2023-0837.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-0837",
"sourceIdentifier": "psirt@teamviewer.com",
"published": "2023-06-14T08:15:08.703",
"lastModified": "2023-06-14T08:15:08.703",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-10xx/CVE-2023-1049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-1049",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:08.773",
"lastModified": "2023-06-14T08:15:08.773",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

61
CVE-2023/CVE-2023-240xx/CVE-2023-24014.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-24014",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2023-06-07T21:15:13.120",
"lastModified": "2023-06-07T21:36:36.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T12:56:34.443",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "ics-cert@hq.dhs.gov",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "ics-cert@hq.dhs.gov",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,10 +76,33 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:deltaww:cncsoft-b:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0.0.4",
"matchCriteriaId": "1FDB1A38-9200-4286-B14C-7C06CF2A3DFF"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-157-01",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
]
}
]
}

4
CVE-2023/CVE-2023-25xx/CVE-2023-2569.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2569",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:09.113",
"lastModified": "2023-06-14T08:15:09.113",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-25xx/CVE-2023-2570.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-2570",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:09.187",
"lastModified": "2023-06-14T08:15:09.187",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-306xx/CVE-2023-30631.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-30631",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.257",
"lastModified": "2023-06-14T08:15:09.257",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-30xx/CVE-2023-3001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3001",
"sourceIdentifier": "cybersecurity@se.com",
"published": "2023-06-14T08:15:09.577",
"lastModified": "2023-06-14T08:15:09.577",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

59
CVE-2023/CVE-2023-30xx/CVE-2023-3036.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3036",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-06-14T12:15:09.647",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 \u00a0enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packet contents.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/cfnts/security/advisories/GHSA-pwx6-gw47-96cp",
"source": "cna@cloudflare.com"
}
]
}

59
CVE-2023/CVE-2023-30xx/CVE-2023-3040.json Normal file
View File

@ -0,0 +1,59 @@
{
"id": "CVE-2023-3040",
"sourceIdentifier": "cna@cloudflare.com",
"published": "2023-06-14T12:15:09.730",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A debug function in the lua-resty-json package, up to commit id 3ef9492bd3a44d9e51301d6adc3cd1789c8f534a (merged in PR #14) contained an out of bounds access bug that could have allowed an attacker to launch a DoS if the function was used to parse untrusted input data. It is important to note that because this debug function was only used in tests and demos, it was not exploitable in a normal environment.\n"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cna@cloudflare.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"references": [
{
"url": "https://github.com/cloudflare/lua-resty-json/pull/14",
"source": "cna@cloudflare.com"
},
{
"url": "https://github.com/cloudflare/lua-resty-json/security/advisories/GHSA-h8rp-9622-83pg",
"source": "cna@cloudflare.com"
}
]
}

102
CVE-2023/CVE-2023-311xx/CVE-2023-31114.json
View File

@ -2,19 +2,113 @@
"id": "CVE-2023-31114",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-07T21:15:13.350",
"lastModified": "2023-06-07T21:36:36.773",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T13:43:45.193",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Shannon RCS component in Samsung Exynos Modem 5123 and 5300. Incorrect resource transfer between spheres can cause unintended querying of the SIM status via a crafted application."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-669"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:exynos_5123_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EFFB4DF2-B55C-45BD-9073-56299E19B6DE"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:samsung:exynos_5123:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A5954D95-E12B-487D-9744-361566788A2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:samsung:exynos_5300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6E2E6EE0-4271-43A3-9439-49F332D1FE1C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:samsung:exynos_5300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F9B26D9-AA50-4652-AFC0-A6AC966B4770"
}
]
}
]
}
],
"references": [
{
"url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-314xx/CVE-2023-31437.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-31437",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.657",
"lastModified": "2023-06-13T18:27:48.060",
"lastModified": "2023-06-14T12:15:09.497",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed."
"value": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\""
}
],
"metrics": {},

4
CVE-2023/CVE-2023-314xx/CVE-2023-31438.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-31438",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.707",
"lastModified": "2023-06-13T18:27:41.330",
"lastModified": "2023-06-14T12:15:09.553",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications."
"value": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\""
}
],
"metrics": {},

4
CVE-2023/CVE-2023-314xx/CVE-2023-31439.json
View File

@ -2,12 +2,12 @@
"id": "CVE-2023-31439",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-13T17:15:14.753",
"lastModified": "2023-06-13T18:27:41.330",
"lastModified": "2023-06-14T12:15:09.597",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications."
"value": "** DISPUTED ** An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent \"a reply denying that any of the finding was a security vulnerability.\""
}
],
"metrics": {},

56
CVE-2023/CVE-2023-31xx/CVE-2023-3142.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3142",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-07T15:15:09.533",
"lastModified": "2023-06-07T16:18:07.597",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T13:37:31.593",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -11,6 +11,28 @@
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
],
"cvssMetricV30": [
{
"source": "security@huntr.dev",
@ -46,14 +68,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.0",
"matchCriteriaId": "A3C150C1-4763-474B-91B5-B571C53BEC4D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Patch"
]
},
{
"url": "https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5",
"source": "security@huntr.dev"
"source": "security@huntr.dev",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-31xx/CVE-2023-3189.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3189",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T06:15:08.507",
"lastModified": "2023-06-14T06:15:08.507",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3227.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3227",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-14T06:15:08.720",
"lastModified": "2023-06-14T06:15:08.720",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3228.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3228",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-14T06:15:08.800",
"lastModified": "2023-06-14T06:15:08.800",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3229.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3229",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-14T06:15:08.877",
"lastModified": "2023-06-14T06:15:08.877",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3230.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3230",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-06-14T06:15:08.937",
"lastModified": "2023-06-14T06:15:08.937",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3231.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3231",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T06:15:09.007",
"lastModified": "2023-06-14T06:15:09.007",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3232.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3232",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T06:15:09.080",
"lastModified": "2023-06-14T06:15:09.080",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3233.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3233",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T07:15:09.337",
"lastModified": "2023-06-14T07:15:09.337",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3234.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3234",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T07:15:09.437",
"lastModified": "2023-06-14T07:15:09.437",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3235.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3235",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T07:15:09.510",
"lastModified": "2023-06-14T07:15:09.510",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3236.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3236",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T07:15:09.580",
"lastModified": "2023-06-14T07:15:09.580",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3237.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3237",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T08:15:09.640",
"lastModified": "2023-06-14T08:15:09.640",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3238.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3238",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T08:15:09.713",
"lastModified": "2023-06-14T08:15:09.713",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3239.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3239",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T09:15:09.333",
"lastModified": "2023-06-14T09:15:09.333",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3240.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3240",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T09:15:09.717",
"lastModified": "2023-06-14T09:15:09.717",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-32xx/CVE-2023-3241.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-3241",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-06-14T09:15:09.783",
"lastModified": "2023-06-14T09:15:09.783",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

84
CVE-2023/CVE-2023-338xx/CVE-2023-33865.json
View File

@ -2,31 +2,101 @@
"id": "CVE-2023-33865",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-07T20:15:10.053",
"lastModified": "2023-06-08T17:15:09.930",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-14T12:50:05.190",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "RenderDoc through 1.26 allows local privilege escalation via a symlink attack."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:renderdoc:renderdoc:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.26",
"matchCriteriaId": "2A659FB0-27D6-48C3-94FB-0442989375B5"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jun/2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://renderdoc.org/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.qualys.com/2023/06/06/renderdoc/renderdoc.txt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

4
CVE-2023/CVE-2023-339xx/CVE-2023-33933.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-33933",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.323",
"lastModified": "2023-06-14T08:15:09.323",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-340xx/CVE-2023-34000.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34000",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-14T08:15:09.377",
"lastModified": "2023-06-14T08:15:09.377",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-341xx/CVE-2023-34149.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34149",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.450",
"lastModified": "2023-06-14T08:15:09.450",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-343xx/CVE-2023-34396.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-34396",
"sourceIdentifier": "security@apache.org",
"published": "2023-06-14T08:15:09.520",
"lastModified": "2023-06-14T08:15:09.520",
"vulnStatus": "Received",
"lastModified": "2023-06-14T12:54:19.587",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

20
CVE-2023/CVE-2023-351xx/CVE-2023-35141.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35141",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:11.823",
"lastModified": "2023-06-14T13:15:11.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "In Jenkins 2.399 and earlier, LTS 2.387.3 and earlier, POST requests are sent in order to load the list of context actions. If part of the URL includes insufficiently escaped user-provided values, a victim may be tricked into sending a POST request to an unexpected endpoint by opening a context menu."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3135",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35142.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35142",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:11.897",
"lastModified": "2023-06-14T13:15:11.897",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Checkmarx Plugin 2022.4.3 and earlier disables SSL/TLS validation for connections to the Checkmarx server by default."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2870",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35143.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35143",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:11.957",
"lastModified": "2023-06-14T13:15:11.957",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Maven Repository Server Plugin 1.10 and earlier does not escape the versions of build artifacts on the Build Artifacts As Maven Repository page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control maven project versions in `pom.xml`."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3156",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35144.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35144",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.013",
"lastModified": "2023-06-14T13:15:12.013",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Maven Repository Server Plugin 1.10 and earlier does not escape project and build display names on the Build Artifacts As Maven Repository page, resulting in a stored cross-site scripting (XSS) vulnerability."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2951",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35145.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35145",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.067",
"lastModified": "2023-06-14T13:15:12.067",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Sonargraph Integration Plugin 5.0.1 and earlier does not escape the file path and the project name for the Log file field form validation, resulting in a stored cross-site scripting vulnerability exploitable by attackers with Item/Configure permission."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3155",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35146.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35146",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.117",
"lastModified": "2023-06-14T13:15:12.117",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Template Workflows Plugin 41.v32d86a_313b_4a and earlier does not escape names of jobs used as buildings blocks for Template Workflow Job, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create jobs."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3166",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35147.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35147",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.167",
"lastModified": "2023-06-14T13:15:12.167",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier does not restrict the AWS SQS queue name path parameter in an HTTP endpoint, allowing attackers with Item/Read permission to obtain the contents of arbitrary files on the Jenkins controller file system."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-3099",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35148.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35148",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.220",
"lastModified": "2023-06-14T13:15:12.220",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-351xx/CVE-2023-35149.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-35149",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-06-14T13:15:12.277",
"lastModified": "2023-06-14T13:15:12.277",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A missing permission check in Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in Jenkins."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

64
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-14T10:00:30.376135+00:00
2023-06-14T14:00:25.944686+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-14T09:15:09.783000+00:00
2023-06-14T13:45:52.187000+00:00
```
### Last Data Feed Release
@ -29,37 +29,55 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
217707
217718
```
### CVEs added in the last Commit
Recently added CVEs: `16`
Recently added CVEs: `11`
* [CVE-2022-47184](CVE-2022/CVE-2022-471xx/CVE-2022-47184.json) (`2023-06-14T08:15:08.633`)
* [CVE-2023-0837](CVE-2023/CVE-2023-08xx/CVE-2023-0837.json) (`2023-06-14T08:15:08.703`)
* [CVE-2023-1049](CVE-2023/CVE-2023-10xx/CVE-2023-1049.json) (`2023-06-14T08:15:08.773`)
* [CVE-2023-2569](CVE-2023/CVE-2023-25xx/CVE-2023-2569.json) (`2023-06-14T08:15:09.113`)
* [CVE-2023-2570](CVE-2023/CVE-2023-25xx/CVE-2023-2570.json) (`2023-06-14T08:15:09.187`)
* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-14T08:15:09.257`)
* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-14T08:15:09.323`)
* [CVE-2023-34000](CVE-2023/CVE-2023-340xx/CVE-2023-34000.json) (`2023-06-14T08:15:09.377`)
* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-14T08:15:09.450`)
* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-14T08:15:09.520`)
* [CVE-2023-3001](CVE-2023/CVE-2023-30xx/CVE-2023-3001.json) (`2023-06-14T08:15:09.577`)
* [CVE-2023-3237](CVE-2023/CVE-2023-32xx/CVE-2023-3237.json) (`2023-06-14T08:15:09.640`)
* [CVE-2023-3238](CVE-2023/CVE-2023-32xx/CVE-2023-3238.json) (`2023-06-14T08:15:09.713`)
* [CVE-2023-3239](CVE-2023/CVE-2023-32xx/CVE-2023-3239.json) (`2023-06-14T09:15:09.333`)
* [CVE-2023-3240](CVE-2023/CVE-2023-32xx/CVE-2023-3240.json) (`2023-06-14T09:15:09.717`)
* [CVE-2023-3241](CVE-2023/CVE-2023-32xx/CVE-2023-3241.json) (`2023-06-14T09:15:09.783`)
* [CVE-2023-3036](CVE-2023/CVE-2023-30xx/CVE-2023-3036.json) (`2023-06-14T12:15:09.647`)
* [CVE-2023-3040](CVE-2023/CVE-2023-30xx/CVE-2023-3040.json) (`2023-06-14T12:15:09.730`)
* [CVE-2023-35141](CVE-2023/CVE-2023-351xx/CVE-2023-35141.json) (`2023-06-14T13:15:11.823`)
* [CVE-2023-35142](CVE-2023/CVE-2023-351xx/CVE-2023-35142.json) (`2023-06-14T13:15:11.897`)
* [CVE-2023-35143](CVE-2023/CVE-2023-351xx/CVE-2023-35143.json) (`2023-06-14T13:15:11.957`)
* [CVE-2023-35144](CVE-2023/CVE-2023-351xx/CVE-2023-35144.json) (`2023-06-14T13:15:12.013`)
* [CVE-2023-35145](CVE-2023/CVE-2023-351xx/CVE-2023-35145.json) (`2023-06-14T13:15:12.067`)
* [CVE-2023-35146](CVE-2023/CVE-2023-351xx/CVE-2023-35146.json) (`2023-06-14T13:15:12.117`)
* [CVE-2023-35147](CVE-2023/CVE-2023-351xx/CVE-2023-35147.json) (`2023-06-14T13:15:12.167`)
* [CVE-2023-35148](CVE-2023/CVE-2023-351xx/CVE-2023-35148.json) (`2023-06-14T13:15:12.220`)
* [CVE-2023-35149](CVE-2023/CVE-2023-351xx/CVE-2023-35149.json) (`2023-06-14T13:15:12.277`)
### CVEs modified in the last Commit
Recently modified CVEs: `2`
Recently modified CVEs: `39`
* [CVE-2023-22610](CVE-2023/CVE-2023-226xx/CVE-2023-22610.json) (`2023-06-14T08:15:08.860`)
* [CVE-2023-28069](CVE-2023/CVE-2023-280xx/CVE-2023-28069.json) (`2023-06-14T08:15:08.997`)
* [CVE-2023-3233](CVE-2023/CVE-2023-32xx/CVE-2023-3233.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3234](CVE-2023/CVE-2023-32xx/CVE-2023-3234.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3235](CVE-2023/CVE-2023-32xx/CVE-2023-3235.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3236](CVE-2023/CVE-2023-32xx/CVE-2023-3236.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-0837](CVE-2023/CVE-2023-08xx/CVE-2023-0837.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-1049](CVE-2023/CVE-2023-10xx/CVE-2023-1049.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-2569](CVE-2023/CVE-2023-25xx/CVE-2023-2569.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-2570](CVE-2023/CVE-2023-25xx/CVE-2023-2570.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-30631](CVE-2023/CVE-2023-306xx/CVE-2023-30631.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-33933](CVE-2023/CVE-2023-339xx/CVE-2023-33933.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-34000](CVE-2023/CVE-2023-340xx/CVE-2023-34000.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-34149](CVE-2023/CVE-2023-341xx/CVE-2023-34149.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-34396](CVE-2023/CVE-2023-343xx/CVE-2023-34396.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3001](CVE-2023/CVE-2023-30xx/CVE-2023-3001.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3237](CVE-2023/CVE-2023-32xx/CVE-2023-3237.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3238](CVE-2023/CVE-2023-32xx/CVE-2023-3238.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3239](CVE-2023/CVE-2023-32xx/CVE-2023-3239.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3240](CVE-2023/CVE-2023-32xx/CVE-2023-3240.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-3241](CVE-2023/CVE-2023-32xx/CVE-2023-3241.json) (`2023-06-14T12:54:19.587`)
* [CVE-2023-24014](CVE-2023/CVE-2023-240xx/CVE-2023-24014.json) (`2023-06-14T12:56:34.443`)
* [CVE-2023-3142](CVE-2023/CVE-2023-31xx/CVE-2023-3142.json) (`2023-06-14T13:37:31.593`)
* [CVE-2023-31114](CVE-2023/CVE-2023-311xx/CVE-2023-31114.json) (`2023-06-14T13:43:45.193`)
* [CVE-2023-0695](CVE-2023/CVE-2023-06xx/CVE-2023-0695.json) (`2023-06-14T13:44:01.067`)
* [CVE-2023-0708](CVE-2023/CVE-2023-07xx/CVE-2023-0708.json) (`2023-06-14T13:44:22.850`)
* [CVE-2023-0709](CVE-2023/CVE-2023-07xx/CVE-2023-0709.json) (`2023-06-14T13:45:52.187`)
## Download and Usage