admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-08 11:37:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-06-28T04:00:33.254858+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-06-28 04:00:36 +00:00
parent d4c26b3648
commit 9f7574b8ed
37 changed files with 209916 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
CVE-2022/CVE-2022-485xx/CVE-2022-48505.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2022-48505",
"sourceIdentifier": "product-security@apple.com",
"published": "2023-06-28T02:15:49.447",
"lastModified": "2023-06-28T02:15:49.447",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system"
}
],
"metrics": {},
"references": [
{
"url": "https://support.apple.com/en-us/HT213488",
"source": "product-security@apple.com"
}
]
}

63
CVE-2023/CVE-2023-18xx/CVE-2023-1844.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-1844",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.140",
"lastModified": "2023-06-28T03:15:09.140",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Subscribe2 plugin for WordPress is vulnerable to unauthorized access to email functionality due to a missing capability check when sending test emails in versions up to, and including, 10.40. This makes it possible for author-level attackers to send emails with arbitrary content and attachments to site users."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930676",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c34ce601-5cf9-433f-bc9d-5c705eba6b08?source=cve",
"source": "security@wordfence.com"
}
]
}

12295
CVE-2023/CVE-2023-259xx/CVE-2023-25936.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-259xx/CVE-2023-25937.json
View File

File diff suppressed because it is too large Load Diff

47
CVE-2023/CVE-2023-274xx/CVE-2023-27413.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27413",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T08:15:09.173",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:28:51.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:w4_post_list_project:w4_post_list:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "2.4.5",
"matchCriteriaId": "5571337F-B8F6-40F7-BD2C-30FE5C75CD05"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/w4-post-list/wordpress-w4-post-list-plugin-2-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-276xx/CVE-2023-27612.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27612",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T08:15:09.277",
"lastModified": "2023-06-22T12:51:30.407",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:28:38.937",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geminilabs:site_reviews:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.6.0",
"matchCriteriaId": "DE52C307-FBBC-44A5-99CD-272E316628B2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/site-reviews/wordpress-site-reviews-plugin-6-5-1-cross-site-scripting-xss-vulnerability-2?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-276xx/CVE-2023-27618.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27618",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T09:15:10.873",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:27:28.453",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:agilelogix:store_locator:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.9",
"matchCriteriaId": "887F153D-75D8-4E70-BABF-68A937710514"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/agile-store-locator/wordpress-store-locator-wordpress-plugin-1-4-9-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-276xx/CVE-2023-27629.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27629",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T08:15:09.353",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:28:24.817",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:geminilabs:site_reviews:*:*:*:*:*:wordpress:*:*",
"versionEndExcluding": "6.6.0",
"matchCriteriaId": "DE52C307-FBBC-44A5-99CD-272E316628B2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/site-reviews/wordpress-site-reviews-plugin-6-5-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-276xx/CVE-2023-27631.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-27631",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T08:15:09.433",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:27:49.077",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2023.05.04",
"matchCriteriaId": "08D775FF-51F3-496D-9FC9-AFE735D81283"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/daily-prayer-time-for-mosques/wordpress-daily-prayer-time-plugin-2023-02-21-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

12307
CVE-2023/CVE-2023-280xx/CVE-2023-28028.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28029.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28030.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28032.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28033.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28035.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28039.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28040.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28041.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28042.json
View File

File diff suppressed because it is too large Load Diff

12307
CVE-2023/CVE-2023-280xx/CVE-2023-28052.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28054.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28056.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28059.json
View File

File diff suppressed because it is too large Load Diff

12295
CVE-2023/CVE-2023-280xx/CVE-2023-28061.json
View File

File diff suppressed because it is too large Load Diff

47
CVE-2023/CVE-2023-281xx/CVE-2023-28166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28166",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T09:15:10.993",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:27:11.383",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:tags_cloud_manager_project:tags_cloud_manager:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.0.0",
"matchCriteriaId": "438D3062-867F-40B4-A585-17F6F07EFC45"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/tags-cloud-manager/wordpress-tags-cloud-manager-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-281xx/CVE-2023-28171.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28171",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T09:15:11.070",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:26:44.303",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wpchill:brilliance:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.3.1",
"matchCriteriaId": "1FC6EC11-390F-4EA0-9D47-C6845CFBFB17"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/brilliance/wordpress-brilliance-theme-1-3-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

47
CVE-2023/CVE-2023-284xx/CVE-2023-28423.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-28423",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-06-22T09:15:11.147",
"lastModified": "2023-06-22T12:51:23.447",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T03:26:01.980",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -46,10 +66,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:prismtechstudios:modern_footnotes:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.15",
"matchCriteriaId": "F95F42C9-D967-40DA-A138-71595658BF60"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/modern-footnotes/wordpress-modern-footnotes-plugin-1-4-15-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}

32
CVE-2023/CVE-2023-33xx/CVE-2023-3330.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-3330",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.523",
"lastModified": "2023-06-28T02:15:49.523",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2200HP all versions allows\u00a0a attacker\u00a0to\u00a0obtain specific files in the product\n\n."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
}
]
}

32
CVE-2023/CVE-2023-33xx/CVE-2023-3331.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-3331",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.590",
"lastModified": "2023-06-28T02:15:49.590",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2200HP all versions allows\u00a0a attacker\u00a0to\u00a0delete\n\n specific files in the product."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
}
]
}

32
CVE-2023/CVE-2023-33xx/CVE-2023-3332.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-3332",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.650",
"lastModified": "2023-06-28T02:15:49.650",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation vulnerability in NEC Corporation Aterm WG2200HP all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary script, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
}
]
}

32
CVE-2023/CVE-2023-33xx/CVE-2023-3333.json Normal file
View File

@ -0,0 +1,32 @@
{
"id": "CVE-2023-3333",
"sourceIdentifier": "psirt-info@cyber.jp.nec.com",
"published": "2023-06-28T02:15:49.713",
"lastModified": "2023-06-28T02:15:49.713",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC Corporation Aterm WG2200HP all versions allows\u00a0a attacker\u00a0to\u00a0execute an arbitrary OS command with the root privilege, after obtaining a high privilege exploiting CVE-2023-3330 and CVE-2023-3331 vulnerabilities."
}
],
"metrics": {},
"weaknesses": [
{
"source": "psirt-info@cyber.jp.nec.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://https://jpn.nec.com/security-info/secinfo/nv23-007_en.html",
"source": "psirt-info@cyber.jp.nec.com"
}
]
}

81
CVE-2023/CVE-2023-345xx/CVE-2023-34563.json
View File

@ -2,23 +2,94 @@
"id": "CVE-2023-34563",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-20T21:15:09.883",
"lastModified": "2023-06-21T12:29:48.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T02:15:30.180",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "netgear R6250 Firmware Version 1.0.4.48 is vulnerable to Buffer Overflow after authentication."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:r6250_firmware:1.0.4.48:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7946DC-F8BA-4CBC-9A4F-18B773D10310"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*",
"matchCriteriaId": "321BE843-52C4-4638-A321-439CA7B3A6F2"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-34563/EN.md",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://www.netgear.com/about/security/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

63
CVE-2023/CVE-2023-34xx/CVE-2023-3407.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-3407",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T03:15:09.243",
"lastModified": "2023-06-28T03:15:09.243",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Subscribe2 plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 10.40. This is due to missing or incorrect nonce validation when sending test emails. This makes it possible for unauthenticated attackers to send test emails with custom content to users on sites running a vulnerable version of this plugin via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/subscribe2/trunk/admin/send-email.php#L12",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2930676",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/92b4d800-2895-4f7b-8b3b-ee6df75a7908?source=cve",
"source": "security@wordfence.com"
}
]
}

63
CVE-2023/CVE-2023-34xx/CVE-2023-3427.json Normal file
View File

@ -0,0 +1,63 @@
{
"id": "CVE-2023-3427",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-06-28T02:15:49.783",
"lastModified": "2023-06-28T02:15:49.783",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "The Salon Booking System plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 8.4.6. This is due to missing or incorrect nonce validation on the 'save_customer' function. This makes it possible for unauthenticated attackers to change the admin role to customer or change the user meta to arbitrary values via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/salon-booking-system/trunk/src/SLN/Admin/Customers.php?rev=2779160#L68",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2931406%40salon-booking-system&new=2931406%40salon-booking-system&sfp_email=&sfph_mail=",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/93875f19-d9b9-4e33-bba9-afc75cf26bf2?source=cve",
"source": "security@wordfence.com"
}
]
}

72
CVE-2023/CVE-2023-351xx/CVE-2023-35166.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-35166",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-06-20T20:15:09.563",
"lastModified": "2023-06-21T12:29:48.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T02:01:12.507",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -12,6 +12,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
@ -36,8 +56,18 @@
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -46,18 +76,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:xwiki:xwiki:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.1",
"versionEndExcluding": "14.10.5",
"matchCriteriaId": "459A1364-9F6F-4F0C-B899-0AC3F46AFF26"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/xwiki/xwiki-platform/commit/98208c5bb1e8cdf3ff1ac35d8b3d1cb3c28b3263#diff-4e3467d2ef3871a68b2f910e67cf84531751b32e0126321be83c0f1ed5d90b29L176-R178",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h7cw-44vp-jq7h",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "https://jira.xwiki.org/browse/XWIKI-20281",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}

65
CVE-2023/CVE-2023-358xx/CVE-2023-35885.json
View File

@ -2,19 +2,76 @@
"id": "CVE-2023-35885",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-20T20:15:09.687",
"lastModified": "2023-06-21T12:29:48.917",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-06-28T02:06:38.247",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "CloudPanel 2 before 2.3.1 has insecure file-manager cookie authentication."
}
],
"metrics": {},
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-565"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mgt-commerce:cloudpanel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "2.0.0",
"versionEndExcluding": "2.3.1",
"matchCriteriaId": "A4FFD347-3819-42EF-A911-2E24338A2C05"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cloudpanel.io/docs/v2/changelog/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

46
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-06-28T02:00:28.097247+00:00
2023-06-28T04:00:33.254858+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-06-28T01:47:20.540000+00:00
2023-06-28T03:28:51.303000+00:00
```
### Last Data Feed Release
@ -29,22 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
218698
218706
```
### CVEs added in the last Commit
Recently added CVEs: `0`
Recently added CVEs: `8`
* [CVE-2022-48505](CVE-2022/CVE-2022-485xx/CVE-2022-48505.json) (`2023-06-28T02:15:49.447`)
* [CVE-2023-3330](CVE-2023/CVE-2023-33xx/CVE-2023-3330.json) (`2023-06-28T02:15:49.523`)
* [CVE-2023-3331](CVE-2023/CVE-2023-33xx/CVE-2023-3331.json) (`2023-06-28T02:15:49.590`)
* [CVE-2023-3332](CVE-2023/CVE-2023-33xx/CVE-2023-3332.json) (`2023-06-28T02:15:49.650`)
* [CVE-2023-3333](CVE-2023/CVE-2023-33xx/CVE-2023-3333.json) (`2023-06-28T02:15:49.713`)
* [CVE-2023-3427](CVE-2023/CVE-2023-34xx/CVE-2023-3427.json) (`2023-06-28T02:15:49.783`)
* [CVE-2023-1844](CVE-2023/CVE-2023-18xx/CVE-2023-1844.json) (`2023-06-28T03:15:09.140`)
* [CVE-2023-3407](CVE-2023/CVE-2023-34xx/CVE-2023-3407.json) (`2023-06-28T03:15:09.243`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `28`
* [CVE-2020-20718](CVE-2020/CVE-2020-207xx/CVE-2020-20718.json) (`2023-06-28T01:32:42.637`)
* [CVE-2023-2400](CVE-2023/CVE-2023-24xx/CVE-2023-2400.json) (`2023-06-28T01:42:38.987`)
* [CVE-2023-32274](CVE-2023/CVE-2023-322xx/CVE-2023-32274.json) (`2023-06-28T01:47:20.540`)
* [CVE-2023-28059](CVE-2023/CVE-2023-280xx/CVE-2023-28059.json) (`2023-06-28T03:21:11.567`)
* [CVE-2023-28056](CVE-2023/CVE-2023-280xx/CVE-2023-28056.json) (`2023-06-28T03:21:17.360`)
* [CVE-2023-28054](CVE-2023/CVE-2023-280xx/CVE-2023-28054.json) (`2023-06-28T03:21:23.877`)
* [CVE-2023-28052](CVE-2023/CVE-2023-280xx/CVE-2023-28052.json) (`2023-06-28T03:21:42.743`)
* [CVE-2023-28042](CVE-2023/CVE-2023-280xx/CVE-2023-28042.json) (`2023-06-28T03:22:03.813`)
* [CVE-2023-28041](CVE-2023/CVE-2023-280xx/CVE-2023-28041.json) (`2023-06-28T03:22:10.107`)
* [CVE-2023-28040](CVE-2023/CVE-2023-280xx/CVE-2023-28040.json) (`2023-06-28T03:22:19.563`)
* [CVE-2023-28039](CVE-2023/CVE-2023-280xx/CVE-2023-28039.json) (`2023-06-28T03:22:26.747`)
* [CVE-2023-28035](CVE-2023/CVE-2023-280xx/CVE-2023-28035.json) (`2023-06-28T03:22:45.893`)
* [CVE-2023-28033](CVE-2023/CVE-2023-280xx/CVE-2023-28033.json) (`2023-06-28T03:22:56.603`)
* [CVE-2023-28032](CVE-2023/CVE-2023-280xx/CVE-2023-28032.json) (`2023-06-28T03:23:00.017`)
* [CVE-2023-28030](CVE-2023/CVE-2023-280xx/CVE-2023-28030.json) (`2023-06-28T03:23:07.600`)
* [CVE-2023-28029](CVE-2023/CVE-2023-280xx/CVE-2023-28029.json) (`2023-06-28T03:23:31.030`)
* [CVE-2023-28028](CVE-2023/CVE-2023-280xx/CVE-2023-28028.json) (`2023-06-28T03:23:45.550`)
* [CVE-2023-25937](CVE-2023/CVE-2023-259xx/CVE-2023-25937.json) (`2023-06-28T03:23:52.503`)
* [CVE-2023-25936](CVE-2023/CVE-2023-259xx/CVE-2023-25936.json) (`2023-06-28T03:24:02.897`)
* [CVE-2023-28061](CVE-2023/CVE-2023-280xx/CVE-2023-28061.json) (`2023-06-28T03:24:37.977`)
* [CVE-2023-28423](CVE-2023/CVE-2023-284xx/CVE-2023-28423.json) (`2023-06-28T03:26:01.980`)
* [CVE-2023-28171](CVE-2023/CVE-2023-281xx/CVE-2023-28171.json) (`2023-06-28T03:26:44.303`)
* [CVE-2023-28166](CVE-2023/CVE-2023-281xx/CVE-2023-28166.json) (`2023-06-28T03:27:11.383`)
* [CVE-2023-27618](CVE-2023/CVE-2023-276xx/CVE-2023-27618.json) (`2023-06-28T03:27:28.453`)
* [CVE-2023-27631](CVE-2023/CVE-2023-276xx/CVE-2023-27631.json) (`2023-06-28T03:27:49.077`)
* [CVE-2023-27629](CVE-2023/CVE-2023-276xx/CVE-2023-27629.json) (`2023-06-28T03:28:24.817`)
* [CVE-2023-27612](CVE-2023/CVE-2023-276xx/CVE-2023-27612.json) (`2023-06-28T03:28:38.937`)
* [CVE-2023-27413](CVE-2023/CVE-2023-274xx/CVE-2023-27413.json) (`2023-06-28T03:28:51.303`)
## Download and Usage