admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2023-11-29T15:00:18.644969+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2023-11-29 15:00:22 +00:00
parent 14645c3028
commit 9fdca10920
45 changed files with 386 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2023/CVE-2023-233xx/CVE-2023-23324.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-23324",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T01:15:07.127",
"lastModified": "2023-11-29T01:15:07.127",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account."
},
{
"lang": "es",
"value": "Zumtobel Netlink CCD Onboard 3.74: se descubri\u00f3 que el firmware 3.80 contiene credenciales codificadas para la cuenta de administrador."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-233xx/CVE-2023-23325.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-23325",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T01:15:07.187",
"lastModified": "2023-11-29T01:15:07.187",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection vulnerability via the NetHostname parameter."
},
{
"lang": "es",
"value": "Zumtobel Netlink CCD Onboard 3.74: se descubri\u00f3 que el firmware 3.80 contiene una vulnerabilidad de inyecci\u00f3n de comandos a trav\u00e9s del par\u00e1metro NetHostname."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-242xx/CVE-2023-24294.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-24294",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T01:15:07.237",
"lastModified": "2023-11-29T01:15:07.237",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification."
},
{
"lang": "es",
"value": "Zumtobel Netlink CCD Onboard v3.74 - Se descubri\u00f3 que el firmware v3.80 contiene un desbordamiento del b\u00fafer a trav\u00e9s del componente NetlinkWeb::Information::SetDeviceIdentification."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-290xx/CVE-2023-29060.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29060",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T20:15:07.230",
"lastModified": "2023-11-28T21:15:07.190",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:18.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus workstation operating system does not restrict what devices can interact with its USB ports. If exploited, a threat actor with physical access to the workstation could gain access to system information and potentially exfiltrate data."
},
{
"lang": "es",
"value": "El sistema operativo de la estaci\u00f3n de trabajo FACSChorus no restringe qu\u00e9 dispositivos pueden interactuar con sus puertos USB. Si se explota, un actor de amenazas con acceso f\u00edsico a la estaci\u00f3n de trabajo podr\u00eda obtener acceso a la informaci\u00f3n del sistema y potencialmente filtrar datos."
}
],
"metrics": {

8
CVE-2023/CVE-2023-290xx/CVE-2023-29061.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29061",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.257",
"lastModified": "2023-11-28T21:15:07.257",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to the workstation can potentially exploit this vulnerability to access the BIOS configuration and modify the drive boot order and BIOS pre-boot authentication."
},
{
"lang": "es",
"value": "No existe una contrase\u00f1a de BIOS en la estaci\u00f3n de trabajo FACSChorus. Un actor de amenazas con acceso f\u00edsico a la estaci\u00f3n de trabajo puede explotar esta vulnerabilidad para acceder a la configuraci\u00f3n del BIOS y modificar el orden de inicio de la unidad y la autenticaci\u00f3n previa al inicio del BIOS."
}
],
"metrics": {

8
CVE-2023/CVE-2023-290xx/CVE-2023-29062.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29062",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.440",
"lastModified": "2023-11-28T21:15:07.440",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The Operating System hosting the FACSChorus application is configured to allow transmission of hashed user credentials upon user action without adequately validating the identity of the requested resource. This is possible through the use of LLMNR, MBT-NS, or MDNS and will result in NTLMv2 hashes being sent to a malicious entity position on the local network. These hashes can subsequently be attacked through brute force and cracked if a weak password is used. This attack would only apply to domain joined systems."
},
{
"lang": "es",
"value": "El sistema operativo que aloja la aplicaci\u00f3n FACSChorus est\u00e1 configurado para permitir la transmisi\u00f3n de credenciales de usuario con hash tras la acci\u00f3n del usuario sin validar adecuadamente la identidad del recurso solicitado. Esto es posible mediante el uso de LLMNR, MBT-NS o MDNS y dar\u00e1 como resultado el env\u00edo de hashes NTLMv2 a una posici\u00f3n de entidad maliciosa en la red local. Posteriormente, estos hashes pueden atacarse mediante fuerza bruta y descifrarse si se utiliza una contrase\u00f1a d\u00e9bil. Este ataque s\u00f3lo se aplicar\u00eda a sistemas unidos a un dominio."
}
],
"metrics": {

8
CVE-2023/CVE-2023-290xx/CVE-2023-29063.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29063",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.613",
"lastModified": "2023-11-28T21:15:07.613",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots, which could allow a threat actor to insert a PCI card designed for memory capture. A threat actor can then isolate sensitive information such as a BitLocker encryption key from a dump of the workstation RAM during startup."
},
{
"lang": "es",
"value": "La estaci\u00f3n de trabajo FACSChorus no impide el acceso f\u00edsico a sus ranuras PCI express (PCIe), lo que podr\u00eda permitir que un actor de amenazas inserte una tarjeta PCI dise\u00f1ada para la captura de memoria. Luego, un actor de amenazas puede aislar informaci\u00f3n confidencial, como una clave de cifrado BitLocker, de un volcado de la RAM de la estaci\u00f3n de trabajo durante el inicio."
}
],
"metrics": {

8
CVE-2023/CVE-2023-290xx/CVE-2023-29064.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29064",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.800",
"lastModified": "2023-11-28T21:15:07.800",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus software contains sensitive information stored in plaintext. A threat actor could gain hardcoded secrets used by the application, which include tokens and passwords for administrative accounts."
},
{
"lang": "es",
"value": "El software FACSChorus contiene informaci\u00f3n confidencial almacenada en texto plano. Un actor de amenazas podr\u00eda obtener secretos codificados utilizados por la aplicaci\u00f3n, que incluyen tokens y contrase\u00f1as para cuentas administrativas."
}
],
"metrics": {

8
CVE-2023/CVE-2023-290xx/CVE-2023-29065.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29065",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:07.990",
"lastModified": "2023-11-28T21:15:07.990",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database."
},
{
"lang": "es",
"value": "Se puede acceder directamente a la base de datos del software FACSChorus con los privilegios del usuario actualmente conectado. Un actor de amenazas con acceso f\u00edsico podr\u00eda obtener credenciales, que podr\u00edan usarse para alterar o destruir datos almacenados en la base de datos."
}
],
"metrics": {

8
CVE-2023/CVE-2023-290xx/CVE-2023-29066.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-29066",
"sourceIdentifier": "cybersecurity@bd.com",
"published": "2023-11-28T21:15:08.173",
"lastModified": "2023-11-28T21:15:08.173",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders."
},
{
"lang": "es",
"value": "El software FACSChorus no asigna correctamente privilegios de acceso a datos para las cuentas de usuario del sistema operativo. Una cuenta de sistema operativo no administrativa puede modificar la informaci\u00f3n almacenada en las carpetas de datos de la aplicaci\u00f3n local."
}
],
"metrics": {

8
CVE-2023/CVE-2023-305xx/CVE-2023-30588.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-30588",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-11-28T20:15:07.437",
"lastModified": "2023-11-28T20:15:07.437",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "When an invalid public key is used to create an x509 certificate using the crypto.X509Certificate() API a non-expect termination occurs making it susceptible to DoS attacks when the attacker could force interruptions of application processing, as the process terminates when accessing public key info of provided certificates from user code. The current context of the users will be gone, and that will cause a DoS scenario. This vulnerability affects all active Node.js versions v16, v18, and, v20."
},
{
"lang": "es",
"value": "Cuando se utiliza una clave p\u00fablica no v\u00e1lida para crear x509 certificates utilizando la API crypto.X509Certificate(), se produce una terminaci\u00f3n no esperada que la hace susceptible a ataques DoS cuando el atacante podr\u00eda forzar interrupciones en el procesamiento de la aplicaci\u00f3n, ya que el proceso finaliza al acceder a la informaci\u00f3n de clave p\u00fablica de los certificados proporcionados desde el c\u00f3digo de usuario. El contexto actual de los usuarios desaparecer\u00e1 y eso provocar\u00e1 un escenario DoS. Esta vulnerabilidad afecta a todas las versiones activas de Node.js v16, v18 y v20."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-305xx/CVE-2023-30590.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-30590",
"sourceIdentifier": "support@hackerone.com",
"published": "2023-11-28T20:15:07.480",
"lastModified": "2023-11-28T20:15:07.480",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The generateKeys() API function returned from crypto.createDiffieHellman() only generates missing (or outdated) keys, that is, it only generates a private key if none has been set yet, but the function is also needed to compute the corresponding public key after calling setPrivateKey(). However, the documentation says this API call: \"Generates private and public Diffie-Hellman key values\".\n\nThe documented behavior is very different from the actual behavior, and this difference could easily lead to security issues in applications that use these APIs as the DiffieHellman may be used as the basis for application-level security, implications are consequently broad."
},
{
"lang": "es",
"value": "La funci\u00f3n API generateKeys() devuelta por crypto.createDiffieHellman() solo genera claves faltantes (o desactualizadas), es decir, solo genera una clave privada si a\u00fan no se ha configurado ninguna, pero la funci\u00f3n tambi\u00e9n es necesaria para calcular la clave p\u00fablica correspondiente. despu\u00e9s de llamar a setPrivateKey(). Sin embargo, la documentaci\u00f3n dice que esta llamada API: \"Genera valores de clave Diffie-Hellman p\u00fablicos y privados\". El comportamiento documentado es muy diferente del comportamiento real, y esta diferencia podr\u00eda conducir f\u00e1cilmente a problemas de seguridad en las aplicaciones que utilizan estas API, ya que DiffieHellman puede usarse como base para la seguridad a nivel de aplicaci\u00f3n; en consecuencia, las implicaciones son amplias."
}
],
"metrics": {},

20
CVE-2023/CVE-2023-406xx/CVE-2023-40626.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-40626",
"sourceIdentifier": "security@joomla.org",
"published": "2023-11-29T13:15:07.123",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensible information."
}
],
"metrics": {},
"references": [
{
"url": "https://developer.joomla.org/security-centre/919-20231101-core-exposure-of-environment-variables.html",
"source": "security@joomla.org"
}
]
}

8
CVE-2023/CVE-2023-454xx/CVE-2023-45479.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45479",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T06:15:46.507",
"lastModified": "2023-11-29T06:15:46.507",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the list parameter in the function sub_49E098."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro de lista en la funci\u00f3n sub_49E098."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-454xx/CVE-2023-45480.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45480",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T06:15:46.620",
"lastModified": "2023-11-29T06:15:46.620",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the src parameter in the function sub_47D878."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro src en la funci\u00f3n sub_47D878."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-454xx/CVE-2023-45481.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45481",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T06:15:46.660",
"lastModified": "2023-11-29T06:15:46.660",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro firewallEn en la funci\u00f3n SetFirewallCfg."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-454xx/CVE-2023-45482.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45482",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T06:15:46.710",
"lastModified": "2023-11-29T06:15:46.710",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the urls parameter in the function get_parentControl_list_Info."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro urls en la funci\u00f3n get_parentControl_list_Info."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-454xx/CVE-2023-45483.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45483",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T06:15:46.760",
"lastModified": "2023-11-29T06:15:46.760",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the time parameter in the function compare_parentcontrol_time."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro de tiempo en la funci\u00f3n compare_parentcontrol_time."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-454xx/CVE-2023-45484.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45484",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T06:15:46.810",
"lastModified": "2023-11-29T06:15:46.810",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGuestBasic."
},
{
"lang": "es",
"value": "Se descubri\u00f3 que la versi\u00f3n Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn conten\u00eda un desbordamiento de pila a trav\u00e9s del par\u00e1metro shareSpeed en la funci\u00f3n fromSetWifiGuestBasic."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-455xx/CVE-2023-45539.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-45539",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-28T20:15:07.817",
"lastModified": "2023-11-28T20:15:07.817",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "HAProxy before 2.8.2 accepts # as part of the URI component, which might allow remote attackers to obtain sensitive information or have unspecified other impact upon misinterpretation of a path_end rule, such as routing index.html#.png to a static server."
},
{
"lang": "es",
"value": "HAProxy anterior a 2.8.2 acepta # como parte del componente URI, lo que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n confidencial o tener otro impacto no especificado tras una mala interpretaci\u00f3n de una regla path_end, como enrutar index.html#.png a un servidor est\u00e1tico."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-468xx/CVE-2023-46886.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46886",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T05:15:07.863",
"lastModified": "2023-11-29T05:15:07.863",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Dreamer CMS before version 4.0.1 is vulnerable to Directory Traversal. Background template management allows arbitrary modification of the template file, allowing system sensitive files to be read."
},
{
"lang": "es",
"value": "Dreamer CMS anterior a la versi\u00f3n 4.0.1 es vulnerable a Directory Traversal. La gesti\u00f3n de plantillas en segundo plano permite la modificaci\u00f3n arbitraria del archivo de plantilla, lo que permite leer archivos confidenciales del sistema."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-468xx/CVE-2023-46887.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46887",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T05:15:07.980",
"lastModified": "2023-11-29T05:15:07.980",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "In Dreamer CMS before 4.0.1, the backend attachment management office has an Arbitrary File Download vulnerability."
},
{
"lang": "es",
"value": "En Dreamer CMS anterior a 4.0.1, la oficina de administraci\u00f3n de archivos adjuntos backend tiene una vulnerabilidad de descarga arbitraria de archivos."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-469xx/CVE-2023-46944.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-46944",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-28T22:15:06.937",
"lastModified": "2023-11-28T22:15:06.937",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An issue in GitKraken GitLens before v.14.0.0 allows an attacker to execute arbitrary code via a crafted file to the Visual Studio Codes workspace trust component."
},
{
"lang": "es",
"value": "Un problema en GitKraken GitLens anterior a v.14.0.0 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado en el componente de confianza del espacio de trabajo de Visual Studio Codes."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-474xx/CVE-2023-47462.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-47462",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-29T05:15:08.033",
"lastModified": "2023-11-29T05:15:08.033",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability in GL.iNet AX1800 v.3.215 and before allows a remote attacker to execute arbitrary code via the file sharing function."
},
{
"lang": "es",
"value": "Vulnerabilidad de permisos inseguros en GL.iNet AX1800 v.3.215 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de la funci\u00f3n de compartir archivos."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-481xx/CVE-2023-48121.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-48121",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-28T19:15:07.340",
"lastModified": "2023-11-28T19:15:07.340",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:18.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior to v5.3.x build 20230401, Ezviz CS-CV310-xxx prior to v5.3.x build 20230401, Ezviz CS-C6CN-xxx prior to v5.3.x build 20230401, Ezviz CS-C3N-xxx prior to v5.3.x build 20230401 allows remote attackers to obtain sensitive information by sending crafted messages to the affected devices."
},
{
"lang": "es",
"value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Direct Connection Module en Ezviz CS-C6N-xxx anterior a v5.3.x compilaci\u00f3n 20230401, Ezviz CS-CV310-xxx anterior a v5.3.x compilaci\u00f3n 20230401, Ezviz CS-C6CN-xxx anterior a v5.3.x compilaci\u00f3n 20230401, Ezviz CS-C3N-xxx anterior a v5.3.x compilaci\u00f3n 20230401 permite a atacantes remotos obtener informaci\u00f3n confidencial enviando mensajes manipulados a los dispositivos afectados."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-481xx/CVE-2023-48193.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-48193",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-11-28T21:15:08.373",
"lastModified": "2023-11-28T21:15:08.373",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function."
},
{
"lang": "es",
"value": "La vulnerabilidad de permisos inseguros en JumpServer GPLv3 v.3.8.0 permite a un atacante remoto ejecutar c\u00f3digo arbitrario omitiendo la funci\u00f3n de filtrado de comandos."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-490xx/CVE-2023-49078.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-49078",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-28T19:15:07.397",
"lastModified": "2023-11-28T19:15:07.397",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:18.333",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "raptor-web is a CMS for game server communities that can be used to host information and keep track of players. In version 0.4.4 of raptor-web, it is possible to craft a malicious URL that will result in a reflected cross-site scripting vulnerability. A user controlled URL parameter is loaded into an internal template that has autoescape disabled. This is a cross-site scripting vulnerability that affects all deployments of `raptor-web` on version `0.4.4`. Any victim who clicks on a malicious crafted link will be affected. This issue has been patched 0.4.4.1."
},
{
"lang": "es",
"value": "raptor-web es un CMS para comunidades de servidores de juegos que se puede utilizar para alojar informaci\u00f3n y realizar un seguimiento de los jugadores. En la versi\u00f3n 0.4.4 de raptor-web, es posible crear una URL maliciosa que dar\u00e1 como resultado una vulnerabilidad de cross-site scripting reflejado. Un par\u00e1metro de URL controlado por el usuario se carga en una plantilla interna que tiene el escape autom\u00e1tico deshabilitado. Esta es una vulnerabilidad de cross-site scripting que afecta a todas las implementaciones de \"raptor-web\" en la versi\u00f3n \"0.4.4\". Cualquier v\u00edctima que haga clic en un enlace malicioso se ver\u00e1 afectada. Este problema ha sido parcheado 0.4.4.1."
}
],
"metrics": {

8
CVE-2023/CVE-2023-490xx/CVE-2023-49092.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-49092",
"sourceIdentifier": "security-advisories@github.com",
"published": "2023-11-28T21:15:08.530",
"lastModified": "2023-11-28T21:15:08.530",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:11.973",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer."
},
{
"lang": "es",
"value": "RustCrypto/RSA es una implementaci\u00f3n RSA port\u00e1til en Rust puro. Debido a una implementaci\u00f3n de tiempo no constante, la informaci\u00f3n sobre la clave privada se filtra a trav\u00e9s de informaci\u00f3n de tiempo que es observable en la red. Un atacante puede utilizar esa informaci\u00f3n para recuperar la clave. Actualmente no hay ninguna soluci\u00f3n disponible. Como workaround, evite utilizar la caja RSA en entornos donde los atacantes puedan observar informaci\u00f3n de tiempo, por ejemplo, el uso local en una maquina no comprometida."
}
],
"metrics": {

20
CVE-2023/CVE-2023-496xx/CVE-2023-49652.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49652",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.460",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11 and earlier allow attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate system-scoped credentials IDs of credentials stored in Jenkins and to connect to Google Cloud Platform using attacker-specified credentials IDs obtained through another method, to obtain information about existing projects. This fix has been backported to 4.3.17.1."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-2835",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-496xx/CVE-2023-49653.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49653",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.527",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Jenkins Jira Plugin 3.11 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3225",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-496xx/CVE-2023-49654.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49654",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.570",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-496xx/CVE-2023-49655.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49655",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.617",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers to have Jenkins parse an XML file from the Jenkins controller file system."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-496xx/CVE-2023-49656.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49656",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.667",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Jenkins MATLAB Plugin 2.11.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-496xx/CVE-2023-49673.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49673",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.707",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers to connect to an attacker-specified hostname and port using attacker-specified username and password."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3256",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

20
CVE-2023/CVE-2023-496xx/CVE-2023-49674.json Normal file
View File

@ -0,0 +1,20 @@
{
"id": "CVE-2023-49674",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"published": "2023-11-29T14:15:07.750",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A missing permission check in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password."
}
],
"metrics": {},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3256",
"source": "jenkinsci-cert@googlegroups.com"
}
]
}

8
CVE-2023/CVE-2023-60xx/CVE-2023-6070.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-6070",
"sourceIdentifier": "trellixpsirt@trellix.com",
"published": "2023-11-29T09:15:21.877",
"lastModified": "2023-11-29T09:15:21.877",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "\nA server-side request forgery vulnerability in ESM prior to version 11.6.8 allows a low privileged authenticated user to upload arbitrary content, potentially altering configuration. This is possible through the certificate validation functionality where the API accepts uploaded content and doesn't parse for invalid data\n\n"
},
{
"lang": "es",
"value": "Una vulnerabilidad de server-side request forgery en ESM anterior a la versi\u00f3n 11.6.8 permite que un usuario autenticado con pocos privilegios cargue contenido arbitrario, alterando potencialmente la configuraci\u00f3n. Esto es posible a trav\u00e9s de la funcionalidad de validaci\u00f3n de certificados donde la API acepta contenido cargado y no analiza datos no v\u00e1lidos."
}
],
"metrics": {

8
CVE-2023/CVE-2023-62xx/CVE-2023-6239.json
View File

@ -2,12 +2,16 @@
"id": "CVE-2023-6239",
"sourceIdentifier": "security@m-files.com",
"published": "2023-11-28T14:15:07.697",
"lastModified": "2023-11-28T18:29:23.617",
"lastModified": "2023-11-29T14:15:07.793",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improperly calculated effective permissions in M-Files Server versions 23.9 and 23.10 and 23.11 before\u00a023.11.13168.7 could produce a faulty result if an object used a specific configuration of metadata-driven permissions.\n"
"value": "Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9 and 23.10 and 23.11 before 23.11.13168.7 allowing user to access object with incorrectly calculated privileges.\n"
},
{
"lang": "es",
"value": "Los permisos efectivos calculados incorrectamente en las versiones 23.9 y 23.10 y 23.11 anteriores a 23.11.13168.7 de M-Files Server podr\u00edan producir un resultado defectuoso si un objeto usaba una configuraci\u00f3n espec\u00edfica de permisos basados en metadatos."
}
],
"metrics": {

4
CVE-2023/CVE-2023-63xx/CVE-2023-6345.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6345",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-29T12:15:07.077",
"lastModified": "2023-11-29T12:15:07.077",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-63xx/CVE-2023-6346.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6346",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-29T12:15:07.310",
"lastModified": "2023-11-29T12:15:07.310",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-63xx/CVE-2023-6347.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6347",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-29T12:15:07.357",
"lastModified": "2023-11-29T12:15:07.357",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-63xx/CVE-2023-6348.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6348",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-29T12:15:07.403",
"lastModified": "2023-11-29T12:15:07.403",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-63xx/CVE-2023-6350.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6350",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-29T12:15:07.450",
"lastModified": "2023-11-29T12:15:07.450",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-63xx/CVE-2023-6351.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6351",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-11-29T12:15:07.497",
"lastModified": "2023-11-29T12:15:07.497",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

4
CVE-2023/CVE-2023-63xx/CVE-2023-6378.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-6378",
"sourceIdentifier": "vulnerability@ncsc.ch",
"published": "2023-11-29T12:15:07.543",
"lastModified": "2023-11-29T12:15:07.543",
"vulnStatus": "Received",
"lastModified": "2023-11-29T14:18:05.687",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",

50
README.md
View File

@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-11-29T13:00:18.809429+00:00
2023-11-29T15:00:18.644969+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-11-29T12:15:07.543000+00:00
2023-11-29T14:18:18.333000+00:00
```
### Last Data Feed Release
@ -29,26 +29,52 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
231680
231688
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `8`
* [CVE-2023-6345](CVE-2023/CVE-2023-63xx/CVE-2023-6345.json) (`2023-11-29T12:15:07.077`)
* [CVE-2023-6346](CVE-2023/CVE-2023-63xx/CVE-2023-6346.json) (`2023-11-29T12:15:07.310`)
* [CVE-2023-6347](CVE-2023/CVE-2023-63xx/CVE-2023-6347.json) (`2023-11-29T12:15:07.357`)
* [CVE-2023-6348](CVE-2023/CVE-2023-63xx/CVE-2023-6348.json) (`2023-11-29T12:15:07.403`)
* [CVE-2023-6350](CVE-2023/CVE-2023-63xx/CVE-2023-6350.json) (`2023-11-29T12:15:07.450`)
* [CVE-2023-6351](CVE-2023/CVE-2023-63xx/CVE-2023-6351.json) (`2023-11-29T12:15:07.497`)
* [CVE-2023-6378](CVE-2023/CVE-2023-63xx/CVE-2023-6378.json) (`2023-11-29T12:15:07.543`)
* [CVE-2023-40626](CVE-2023/CVE-2023-406xx/CVE-2023-40626.json) (`2023-11-29T13:15:07.123`)
* [CVE-2023-49652](CVE-2023/CVE-2023-496xx/CVE-2023-49652.json) (`2023-11-29T14:15:07.460`)
* [CVE-2023-49653](CVE-2023/CVE-2023-496xx/CVE-2023-49653.json) (`2023-11-29T14:15:07.527`)
* [CVE-2023-49654](CVE-2023/CVE-2023-496xx/CVE-2023-49654.json) (`2023-11-29T14:15:07.570`)
* [CVE-2023-49655](CVE-2023/CVE-2023-496xx/CVE-2023-49655.json) (`2023-11-29T14:15:07.617`)
* [CVE-2023-49656](CVE-2023/CVE-2023-496xx/CVE-2023-49656.json) (`2023-11-29T14:15:07.667`)
* [CVE-2023-49673](CVE-2023/CVE-2023-496xx/CVE-2023-49673.json) (`2023-11-29T14:15:07.707`)
* [CVE-2023-49674](CVE-2023/CVE-2023-496xx/CVE-2023-49674.json) (`2023-11-29T14:15:07.750`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `36`
* [CVE-2023-6351](CVE-2023/CVE-2023-63xx/CVE-2023-6351.json) (`2023-11-29T14:18:05.687`)
* [CVE-2023-6378](CVE-2023/CVE-2023-63xx/CVE-2023-6378.json) (`2023-11-29T14:18:05.687`)
* [CVE-2023-30588](CVE-2023/CVE-2023-305xx/CVE-2023-30588.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-30590](CVE-2023/CVE-2023-305xx/CVE-2023-30590.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-45539](CVE-2023/CVE-2023-455xx/CVE-2023-45539.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-29061](CVE-2023/CVE-2023-290xx/CVE-2023-29061.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-29062](CVE-2023/CVE-2023-290xx/CVE-2023-29062.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-29063](CVE-2023/CVE-2023-290xx/CVE-2023-29063.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-29064](CVE-2023/CVE-2023-290xx/CVE-2023-29064.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-29065](CVE-2023/CVE-2023-290xx/CVE-2023-29065.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-29066](CVE-2023/CVE-2023-290xx/CVE-2023-29066.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-48193](CVE-2023/CVE-2023-481xx/CVE-2023-48193.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-49092](CVE-2023/CVE-2023-490xx/CVE-2023-49092.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-46944](CVE-2023/CVE-2023-469xx/CVE-2023-46944.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-23324](CVE-2023/CVE-2023-233xx/CVE-2023-23324.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-23325](CVE-2023/CVE-2023-233xx/CVE-2023-23325.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-24294](CVE-2023/CVE-2023-242xx/CVE-2023-24294.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-46886](CVE-2023/CVE-2023-468xx/CVE-2023-46886.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-46887](CVE-2023/CVE-2023-468xx/CVE-2023-46887.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-47462](CVE-2023/CVE-2023-474xx/CVE-2023-47462.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-45479](CVE-2023/CVE-2023-454xx/CVE-2023-45479.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-45480](CVE-2023/CVE-2023-454xx/CVE-2023-45480.json) (`2023-11-29T14:18:11.973`)
* [CVE-2023-48121](CVE-2023/CVE-2023-481xx/CVE-2023-48121.json) (`2023-11-29T14:18:18.333`)
* [CVE-2023-49078](CVE-2023/CVE-2023-490xx/CVE-2023-49078.json) (`2023-11-29T14:18:18.333`)
* [CVE-2023-29060](CVE-2023/CVE-2023-290xx/CVE-2023-29060.json) (`2023-11-29T14:18:18.333`)
## Download and Usage