Auto-Update: 2023-10-04T14:00:25.112883+00:00

cad-safe-bot 2023-10-04 14:00:28 +00:00
parent 6ea8de774b
commit a04b1d9e5a
69 changed files with 1853 additions and 138 deletions


@ -2,8 +2,8 @@
"id": "CVE-2022-22447",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T00:15:11.293",
"lastModified": "2023-10-04T00:15:11.293",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:10.477",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,47 @@
{
"id": "CVE-2022-4132",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T12:15:10.230",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in JSS. A memory leak in JSS requires non-standard configuration but is a low-effort DoS vector if configured that way (repeatedly hitting the login page)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2022-4132",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2147372",
"source": "secalert@redhat.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-1584",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T11:15:09.770",
"lastModified": "2023-10-04T11:15:09.770",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,47 @@
{
"id": "CVE-2023-22618",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-04T12:15:10.300",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "If Security Hardening guide rules are not followed, then Nokia WaveLite products allow a local user to create new users with administrative privileges by manipulating a web request. This affects (for example) WaveLite Metro 200 and Fan, WaveLite Metro 200 OPS and Fans, WaveLite Metro 200 and F2B fans, WaveLite Metro 200 OPS and F2B fans, WaveLite Metro 200 NE and F2B fans, and WaveLite Metro 200 NE OPS and F2B fans."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.4,
"impactScore": 6.0
}
]
},
"references": [
{
"url": "https://nokia.com",
"source": "cve@mitre.org"
},
{
"url": "https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-22618/",
"source": "cve@mitre.org"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-2422",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T11:15:10.157",
"lastModified": "2023-10-04T11:15:10.157",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-25489",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T11:15:09.917",
"lastModified": "2023-10-04T11:15:09.917",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-25788",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T11:15:09.997",
"lastModified": "2023-10-04T11:15:09.997",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-25980",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T11:15:10.077",
"lastModified": "2023-10-04T11:15:10.077",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-2809",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T11:15:10.223",
"lastModified": "2023-10-04T11:15:10.223",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30690",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.297",
"lastModified": "2023-10-04T04:15:12.297",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-30692",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.537",
"lastModified": "2023-10-04T04:15:12.537",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-30727",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.687",
"lastModified": "2023-10-04T04:15:12.687",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in SecSettings prior to SMR Oct-2023 Release 1 allows attackers to enable Wi-Fi and connect arbitrary Wi-Fi without User Interaction."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en SecSettings anterior a SMR Oct-2023 Release 1 permite a los atacantes habilitar Wi-Fi y conectar Wi-Fi arbitrario sin interacci\u00f3n del usuario."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30731",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.777",
"lastModified": "2023-10-04T04:15:12.777",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Logic error in package installation via debugger command prior to SMR Oct-2023 Release 1 allows physical attacker to install an application that has different build type."
},
{
"lang": "es",
"value": "Un error l\u00f3gico en la instalaci\u00f3n del paquete mediante el comando del depurador anterior a SMR Oct-2023 Release 1 permite a un atacante f\u00edsico instalar una aplicaci\u00f3n que tiene un tipo de compilaci\u00f3n diferente."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30732",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:12.940",
"lastModified": "2023-10-04T04:15:12.940",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial number."
},
{
"lang": "es",
"value": "El control de acceso inadecuado en la propiedad del sistema antes de SMR Oct-2023 Release 1 permite a un atacante local obtener el n\u00famero de serie de la CPU."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30733",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.030",
"lastModified": "2023-10-04T04:15:13.030",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows attacker to perform code execution."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la vulnerabilidad HDCP trustlet anterior a SMR Oct-2023 Release 1, permite al atacante realizar la ejecuci\u00f3n de c\u00f3digo."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30734",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.127",
"lastModified": "2023-10-04T04:15:13.127",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en Samsung Health anterior a la versi\u00f3n 6.24.3.007 permite a los atacantes acceder a informaci\u00f3n confidencial mediante una intenci\u00f3n impl\u00edcita."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30735",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.380",
"lastModified": "2023-10-04T04:15:13.380",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant."
},
{
"lang": "es",
"value": "La vulnerabilidad de preservaci\u00f3n inadecuada de permisos en SAssistant anterior a la versi\u00f3n 8.7 permite a atacantes locales acceder a datos de respaldo en SAssistant."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30736",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.550",
"lastModified": "2023-10-04T04:15:13.550",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper authorization in PushMsgReceiver of Samsung Assistant prior to version 8.7.00.1 allows attacker to execute javascript interface. To trigger this vulnerability, user interaction is required."
},
{
"lang": "es",
"value": "La autorizaci\u00f3n inadecuada en PushMsgReceiver de Samsung Assistant anterior a la versi\u00f3n 8.7.00.1 permite al atacante ejecutar la interfaz javascript. Para desencadenar esta vulnerabilidad, se requiere la interacci\u00f3n del usuario."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30737",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.647",
"lastModified": "2023-10-04T04:15:13.647",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper access control vulnerability in Samsung Health prior to version 6.24.3.007 allows attackers to access sensitive information via implicit intent."
},
{
"lang": "es",
"value": "Una vulnerabilidad de control de acceso inadecuado en Samsung Health anterior a la versi\u00f3n 6.24.3.007 permite a los atacantes acceder a informaci\u00f3n confidencial mediante una intenci\u00f3n impl\u00edcita."
}
],
"metrics": {


@ -2,12 +2,16 @@
"id": "CVE-2023-30738",
"sourceIdentifier": "mobile.security@samsung.com",
"published": "2023-10-04T04:15:13.733",
"lastModified": "2023-10-04T04:15:13.733",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption."
},
{
"lang": "es",
"value": "Una validaci\u00f3n de entrada incorrecta en el firmware UEFI antes del lanzamiento de la actualizaci\u00f3n de firmware de octubre de 2023 en Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 y Galaxy Book Odyssey permite a un atacante local ejecutar corrupci\u00f3n de memoria SMM."
}
],
"metrics": {


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3037",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T12:15:10.373",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Improper authorization vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to access the platform without authentication and retrieve personal data via the jsonGrid parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-285"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-helpdezk-community",
"source": "cve-coordination@incibe.es"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-3038",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T12:15:10.437",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in HelpDezk Community affecting version 1.1.10. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the rows parameter of the jsonGrid route and extract all the information stored in the application."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-helpdezk-community",
"source": "cve-coordination@incibe.es"
}
]
}


@ -0,0 +1,63 @@
{
"id": "CVE-2023-3153",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T12:15:10.503",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3153",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213279",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/ovn-org/ovn/issues/198",
"source": "secalert@redhat.com"
},
{
"url": "https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html",
"source": "secalert@redhat.com"
},
{
"url": "https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html",
"source": "secalert@redhat.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-3213",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-04T02:15:09.990",
"lastModified": "2023-10-04T02:15:09.990",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:10.477",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",


@ -0,0 +1,51 @@
{
"id": "CVE-2023-3361",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T12:15:10.567",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Red Hat OpenShift Data Science. When exporting a pipeline from the Elyra notebook pipeline editor as Python DSL or YAML, it reads S3 credentials from the cluster (ds pipeline server) and saves them in plain text in the generated output instead of an ID for a Kubernetes secret."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.1,
"impactScore": 4.0
}
]
},
"references": [
{
"url": "https://access.redhat.com/security/cve/CVE-2023-3361",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2216588",
"source": "secalert@redhat.com"
},
{
"url": "https://github.com/opendatahub-io/odh-dashboard/issues/1415",
"source": "secalert@redhat.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-35905",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T01:15:50.950",
"lastModified": "2023-10-04T01:15:50.950",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:10.477",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3512",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T11:15:10.363",
"lastModified": "2023-10-04T11:15:10.363",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-37404",
"sourceIdentifier": "psirt@us.ibm.com",
"published": "2023-10-04T02:15:09.923",
"lastModified": "2023-10-04T02:15:09.923",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:10.477",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-37995",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-04T11:15:10.297",
"lastModified": "2023-10-04T11:15:10.297",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-3701",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T11:15:10.430",
"lastModified": "2023-10-04T11:15:10.430",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,16 +2,40 @@
"id": "CVE-2023-3744",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-02T14:15:09.933",
"lastModified": "2023-10-02T14:17:10.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:41:29.220",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Server-Side Request Forgery vulnerability in SLims version 9.6.0. This vulnerability could allow an authenticated attacker to send requests to internal services or upload the contents of relevant files via the \"scrape_image.php\" file in the imageURL parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de Server-Side Request Forgery en SLims versi\u00f3n 9.6.0. Esta vulnerabilidad podr\u00eda permitir a un atacante autenticado enviar solicitudes a servicios internos o cargar el contenido de archivos relevantes a trav\u00e9s del archivo \"scrape_image.php\" en el par\u00e1metro imageURL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +80,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:slims:senayan_library_management_system:9.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A0052847-E586-4A78-B302-56F673BA67EC"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/server-side-request-forgery-slims",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,16 +2,40 @@
"id": "CVE-2023-3769",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-02T14:15:10.017",
"lastModified": "2023-10-02T14:17:10.307",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:16:45.607",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
},
{
"lang": "es",
"value": "Vulnerabilidad de validaci\u00f3n de entrada de datos incorrecta, que podr\u00eda permitir a un atacante con acceso a la red implementar t\u00e9cnicas de fuzzing que le permitir\u00edan obtener conocimiento sobre paquetes especialmente manipulados que crear\u00edan una condici\u00f3n DoS a trav\u00e9s del protocolo MMS al iniciar la comunicaci\u00f3n, logrando un reinicio completo del sistema del dispositivo y sus servicios."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
@ -46,10 +80,52 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:5.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2AF8E2-4307-4EED-8953-C7B399A9400B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:6.1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C6C5FB-751D-40C5-96BB-C4BAB5A240A2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:ingeteam:ingepac_fc5066_firmware:9.0.22.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F1696356-ED01-4C18-B22C-89743EAF3CD9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:ingeteam:ingepac_fc5066:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DB41D719-A8E1-4D91-8998-FF36D7E5D5FF"
}
]
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products",
"source": "cve-coordination@incibe.es"
"source": "cve-coordination@incibe.es",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4037",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T12:15:10.733",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Blind SQL injection vulnerability in the Conacwin 3.7.1.2 web interface, the exploitation of which could allow a local attacker to obtain sensitive data stored in the database by sending a specially crafted SQL query to the xml parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/sql-injection-setelsa-security-conacwin",
"source": "cve-coordination@incibe.es"
}
]
}
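Review bot: The description in this new record speaks of a "local attacker", but the CNA vector is `CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H` with `"attackVector": "NETWORK"`, so the text and the score disagree on reachability. The 9.9 CRITICAL rating follows from the network vector, so a consumer that triages on `baseScore` will treat this as remotely reachable, while one that reads the prose may not. The only metric present is `"type": "Secondary"` from the CNA and the status is "Awaiting Analysis"; the mirror should keep upstream data as-is, but downstream tooling should record that the score is CNA-supplied and re-evaluate once a `Primary` entry from nvd@nist.gov appears.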


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4090",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T12:15:10.800",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) reflected vulnerability on WideStand until 5.3.5 version, which generates one of the meta tags directly using the content of the queried URL, which would allow an attacker to inject HTML/Javascript code into the response."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-xss-vulnerability-widestand-cms-acilia",
"source": "cve-coordination@incibe.es"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41800",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T09:15:11.890",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:24:01.053",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:uniconsent:cmp_for_gdpr_cpra_gpp_tcf:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.4.2",
"matchCriteriaId": "060A6BCF-01DB-4364-88C6-DBC69743C6E0"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/uniconsent-cmp/wordpress-uniconsent-cookie-consent-cmp-for-gdpr-ccpa-plugin-1-4-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41847",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T09:15:11.967",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:26:01.997",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:wensolutions:notice_bar:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "3.1.0",
"matchCriteriaId": "6088CFEB-4519-44E0-861B-3C43D6362444"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/notice-bar/wordpress-notice-bar-plugin-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-41855",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T09:15:12.043",
"lastModified": "2023-10-02T12:57:39.087",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:30:41.403",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:regpacks:regpack:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.1",
"matchCriteriaId": "4DA5DC5F-E137-40DD-931B-78D5E4BE7C9D"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/regpack/wordpress-regpack-plugin-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -0,0 +1,36 @@
{
"id": "CVE-2023-43261",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-10-04T12:15:10.627",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components."
}
],
"metrics": {},
"references": [
{
"url": "http://milesight.com",
"source": "cve@mitre.org"
},
{
"url": "http://ur5x.com",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/win3zz/CVE-2023-43261",
"source": "cve@mitre.org"
},
{
"url": "https://medium.com/@win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf",
"source": "cve@mitre.org"
},
{
"url": "https://support.milesight-iot.com/support/home",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-44208",
"sourceIdentifier": "security@acronis.com",
"published": "2023-10-04T12:15:10.670",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@acronis.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@acronis.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://security-advisory.acronis.com/advisories/SEC-6587",
"source": "security@acronis.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44228",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.317",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:36:47.173",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gopiplus:onclick_show_popup:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "8.1",
"matchCriteriaId": "6E5B23B2-8401-45F5-96D8-4BBC509FFC65"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/onclick-show-popup/wordpress-onclick-show-popup-plugin-8-1-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44230",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T11:15:50.393",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:37:30.187",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gopiplus:popup_contact_form:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "7.1",
"matchCriteriaId": "576E6D3C-94B6-4738-B1B0-0706E23DDA50"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/popup-contact-form/wordpress-popup-contact-form-plugin-7-1-cross-site-scripting-xss-2?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44239",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:12.877",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T12:04:19.410",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:walkswithme:social_share_on_image_hover:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2",
"matchCriteriaId": "6D13C8DD-F94D-4FE4-9EDF-E4AF43585AC9"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/wwm-social-share-on-image-hover/wordpress-wwm-social-share-on-image-hover-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44262",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:13.027",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:33:01.340",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:renzojohnson:blocks:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "1.6.41",
"matchCriteriaId": "A94D4129-81E4-46DC-A121-D817B682B9A2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/blocks/wordpress-blocks-plugin-1-6-41-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44263",
"sourceIdentifier": "audit@patchstack.com",
"published": "2023-10-02T10:15:13.107",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:33:58.363",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
},
{
"source": "audit@patchstack.com",
"type": "Secondary",
@ -50,10 +70,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:riyaz:social_metrics:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "2.2",
"matchCriteriaId": "7E210E3D-B6C1-4C81-AE56-220DEDD2E9C2"
}
]
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/social-metrics/wordpress-social-metrics-plugin-2-2-cross-site-scripting-xss?_s_id=cve",
"source": "audit@patchstack.com"
"source": "audit@patchstack.com",
"tags": [
"Third Party Advisory"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-44272",
"sourceIdentifier": "vultures@jpcert.or.jp",
"published": "2023-10-04T09:15:31.810",
"lastModified": "2023-10-04T09:15:31.810",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-44488",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-09-30T20:15:10.200",
"lastModified": "2023-10-03T20:57:51.777",
"vulnStatus": "Analyzed",
"lastModified": "2023-10-04T13:15:25.590",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
@ -154,6 +154,10 @@
"tags": [
"Mailing List"
]
},
{
"url": "https://security.gentoo.org/glsa/202310-04",
"source": "cve@mitre.org"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4491",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:25.823",
"lastModified": "2023-10-04T13:15:25.823",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow vulnerability in Easy Address Book Web Server 1.6 version. The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4492",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:25.910",
"lastModified": "2023-10-04T13:15:25.910",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in Easy Address Book Web Server 1.6 version, affecting the parameters (firstname, homephone, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate and workzip) of the /addrbook.ghp file, allowing an attacker to inject a JavaScript payload specially designed to run when the application is loaded"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4493",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:25.987",
"lastModified": "2023-10-04T13:15:25.987",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Stored Cross-Site Scripting in Easy Address Book Web Server 1.6 version, through the users_admin.ghp file that affects multiple parameters such as (firstname, homephone, lastname, lastname, middlename, workaddress, workcity, workcountry, workphone, workstate, workzip). This vulnerability allows a remote attacker to store a malicious JavaScript payload in the application to be executed when the page is loaded, resulting in an integrity impact."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4494",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.057",
"lastModified": "2023-10-04T13:15:26.057",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow vulnerability in Easy Chat Server 3.1 version. An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}
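Review bot: The weakness entry in this new record is `CWE-119` although the description names a stack-based buffer overflow, for which the more specific `CWE-121` exists; `"value": "CWE-121"` would let weakness-based triage group it correctly. The entry is the CNA's Secondary mapping, so if this repository only mirrors the feed, the finer mapping belongs in the upstream record. CVE-2023-4491 earlier in this commit carries the same `CWE-119`, but its description does not say where the overflow occurs, so no narrower value can be inferred there.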


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4495",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.127",
"lastModified": "2023-10-04T13:15:26.127",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Resume parameter. The XSS is loaded from /register.ghp."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}
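Review bot: The description says the server "does not sufficiently encrypt user-controlled inputs", but the record is a stored XSS with `CWE-79`, where the missing control is output encoding (escaping), not encryption; the phrase should read `does not sufficiently encode user-controlled inputs`. Read literally, the current text points remediation at the wrong control. The same sentence appears in the CVE-2023-4496 and CVE-2023-4497 records added later in this commit. The text is the CNA's, so if this repository only mirrors the feed, the correction has to be made upstream.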


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4496",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.193",
"lastModified": "2023-10-04T13:15:26.193",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /body2.ghp (POST method), in the mtowho parameter."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}


@ -0,0 +1,55 @@
{
"id": "CVE-2023-4497",
"sourceIdentifier": "cve-coordination@incibe.es",
"published": "2023-10-04T13:15:26.267",
"lastModified": "2023-10-04T13:15:26.267",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "Easy Chat Server, in its 3.1 version and before, does not sufficiently encrypt user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability stored via /registresult.htm (POST method), in the Icon parameter. The XSS is loaded from /users.ghp."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve-coordination@incibe.es",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products",
"source": "cve-coordination@incibe.es"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-4586",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-04T11:15:10.500",
"lastModified": "2023-10-04T11:15:10.500",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-4732",
"sourceIdentifier": "secalert@redhat.com",
"published": "2023-10-03T17:15:09.853",
"lastModified": "2023-10-03T18:09:47.093",
"lastModified": "2023-10-04T12:15:10.863",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Linux Kernel's memory management subsytem. A task exits and releases a 2MB page in a vma (vm_area_struct) and hits the BUG statement in pfn_swap_entry_to_page() referencing pmd_t x."
"value": "A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en pfn_swap_entry_to_page en el subsistema de administraci\u00f3n de memoria del kernel de Linux. En esta falla, un atacante con privilegios de usuario local puede causar un problema de denegaci\u00f3n de servicio debido a una declaraci\u00f3n de ERROR que hace referencia a pmd_t x.\n"
}
],
"metrics": {
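Review bot: The added `es` description renders "a BUG statement" as "una declaración de ERROR", which loses the reference to the kernel's BUG() assertion that the English text means, and its value ends in a stray `\n`. Keeping the identifier untranslated, `debido a una declaración BUG que hace referencia a pmd_t x.`, without the trailing newline, would keep the two languages aligned. The rewritten English text also drops the trigger the old one gave (a task exiting and releasing a 2MB page in a vma), which was the more useful detail for matching crash logs against this record. The record continues past the end of this hunk.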


@ -2,8 +2,8 @@
"id": "CVE-2023-4997",
"sourceIdentifier": "cvd@cert.pl",
"published": "2023-10-04T11:15:10.563",
"lastModified": "2023-10-04T11:15:10.563",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:02.103",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,16 +2,40 @@
"id": "CVE-2023-5106",
"sourceIdentifier": "cve@gitlab.com",
"published": "2023-10-02T12:15:09.997",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T12:25:09.517",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en Ultimate-licensed GitLab EE que afecta a todas las versiones desde 13.12 anteriores a 16.2.8, 16.3.0 anteriores a 16.3.5 y 16.4.0 anteriores a 16.4.1 y que podr\u00eda permitir a un atacante hacerse pasar por usuarios en CI pipelines mediante importaciones de grupos de transferencia directa."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -35,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
},
{
"source": "cve@gitlab.com",
"type": "Secondary",
@ -46,10 +80,44 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "13.12",
"versionEndExcluding": "16.2.8",
"matchCriteriaId": "3A19F87C-BD40-4995-BCF4-9D3C324FDA93"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "16.3.0",
"versionEndExcluding": "16.3.5",
"matchCriteriaId": "CC5696C9-592A-4D50-B5BB-9A250DAB6589"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:16.4.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "6696C987-61C1-462E-8A73-016F9902BC67"
}
]
}
]
}
],
"references": [
{
"url": "https://gitlab.com/gitlab-org/gitlab/-/commit/67039cfcae80b8fc0496f79be88714873cd169b3",
"source": "cve@gitlab.com"
"source": "cve@gitlab.com",
"tags": [
"Patch"
]
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-5160",
"sourceIdentifier": "responsibledisclosure@mattermost.com",
"published": "2023-10-02T11:15:50.813",
"lastModified": "2023-10-02T12:57:34.287",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T12:18:36.543",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
@ -16,6 +16,26 @@
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -39,6 +59,16 @@
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
},
{
"source": "responsibledisclosure@mattermost.com",
"type": "Secondary",
@ -50,10 +80,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.8.10",
"matchCriteriaId": "69C58AE2-7A73-4736-B442-4C67D98AD157"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mattermost:mattermost:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.1.1",
"matchCriteriaId": "B96ADDD7-CCB9-4558-A54A-813DBAFAD356"
}
]
}
]
}
],
"references": [
{
"url": "https://mattermost.com/security-updates",
"source": "responsibledisclosure@mattermost.com"
"source": "responsibledisclosure@mattermost.com",
"tags": [
"Vendor Advisory"
]
}
]
}


@ -2,7 +2,7 @@
"id": "CVE-2023-5217",
"sourceIdentifier": "chrome-cve-admin@google.com",
"published": "2023-09-28T16:15:10.980",
"lastModified": "2023-10-04T00:15:12.427",
"lastModified": "2023-10-04T13:15:26.337",
"vulnStatus": "Modified",
"cisaExploitAdd": "2023-10-02",
"cisaActionDue": "2023-10-23",
@ -278,6 +278,10 @@
"url": "https://security-tracker.debian.org/tracker/CVE-2023-5217",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://security.gentoo.org/glsa/202310-04",
"source": "chrome-cve-admin@google.com"
},
{
"url": "https://stackdiary.com/google-discloses-a-webm-vp8-bug-tracked-as-cve-2023-5217/",
"source": "chrome-cve-admin@google.com"


@ -2,8 +2,8 @@
"id": "CVE-2023-5291",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-04T02:15:10.080",
"lastModified": "2023-10-04T02:15:10.080",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",


@ -2,15 +2,41 @@
"id": "CVE-2023-5324",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-01T21:15:42.693",
"lastModified": "2023-10-02T00:44:36.450",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2023-10-04T13:53:02.330",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in eeroOS up to 6.16.4-11 and classified as critical. This vulnerability affects unknown code of the component Ethernet Interface. The manipulation leads to denial of service. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241024."
},
{
"lang": "es",
"value": "Una vulnerabilidad ha sido encontrada en eeroOS hasta 6.16.4-11 y clasificada como cr\u00edtica. Esta vulnerabilidad afecta a c\u00f3digo desconocido del componente Ethernet Interface. La manipulaci\u00f3n conduce a la denegaci\u00f3n del servicio. El ataque debe abordarse dentro de la red local. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. El identificador de esta vulnerabilidad es VDB-241024."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
@ -71,18 +97,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:eero:eeroos:*:*:*:*:*:*:*:*",
"versionEndIncluding": "6.16.4-11",
"matchCriteriaId": "2602F72C-E1CB-40E6-B2EE-D3C1E16B3729"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/nomis/eero-zero-length-ipv6-options-header-dos",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.241024",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?id.241024",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory"
]
}
]
}
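Review bot: The description states that the exploit "has been disclosed to the public", yet all three references in the last hunk are tagged only `Third Party Advisory` (one also `Permissions Required`), so consumers that filter on the `Exploit` tag will not learn that public exploit material exists. If the GitHub repository in the first reference holds the proof of concept, as its name suggests, its tags would be `"tags": ["Exploit", "Third Party Advisory"]`. Separately, the description calls the issue "critical" while the Primary metric added in the first hunk scores it 6.5 MEDIUM with `AV:A`, so prioritisation should key on `cvssMetricV31` rather than on the description text.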


@ -2,8 +2,8 @@
"id": "CVE-2023-5357",
"sourceIdentifier": "security@wordfence.com",
"published": "2023-10-04T02:15:10.163",
"lastModified": "2023-10-04T02:15:10.163",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Undergoing Analysis",
"descriptions": [
{
"lang": "en",


@ -2,12 +2,16 @@
"id": "CVE-2023-5368",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2023-10-04T04:15:14.143",
"lastModified": "2023-10-04T04:15:14.143",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather than zero bytes.\n\nThis may permit a user with write access to files on a msdosfs filesystem to read unintended data (e.g. from a previously deleted file)."
},
{
"lang": "es",
"value": "En un sistema de archivos msdosfs, las llamadas al sistema 'truncate' o 'ftruncate' bajo ciertas circunstancias llenan el espacio adicional en el archivo con datos no asignados del dispositivo de disco subyacente, en lugar de cero bytes. Esto puede permitir que un usuario con acceso de escritura a archivos en un sistema de archivos msdosfs lea datos no deseados (por ejemplo, de un archivo previamente eliminado)."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-5369",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2023-10-04T04:15:14.627",
"lastModified": "2023-10-04T04:15:14.627",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Before correction, the\u00a0copy_file_range\u00a0system call checked only for the CAP_READ and CAP_WRITE capabilities on the input and output file descriptors, respectively. Using an offset is logically equivalent to seeking, and the system call must additionally require the CAP_SEEK capability.\n\nThis incorrect privilege check enabled sandboxed processes with only read or write but no seek capability on a file descriptor to read data from or write data to an arbitrary location within the file corresponding to that file descriptor."
},
{
"lang": "es",
"value": "Antes de la correcci\u00f3n, la llamada al sistema copy_file_range verific\u00f3 solo las capabilities CAP_READ y CAP_WRITE en los descriptores de archivos de entrada y salida, respectivamente. Usar un desplazamiento es l\u00f3gicamente equivalente a buscar, y la llamada al sistema debe requerir adicionalmente la capability CAP_SEEK. Esta verificaci\u00f3n de privilegios incorrecta permiti\u00f3 que los procesos aislados con solo lectura o escritura pero sin capacidad de b\u00fasqueda en un descriptor de archivo leyeran o escribieran datos en una ubicaci\u00f3n arbitraria dentro del archivo correspondiente a ese descriptor de archivo."
}
],
"metrics": {},


@ -2,12 +2,16 @@
"id": "CVE-2023-5370",
"sourceIdentifier": "secteam@freebsd.org",
"published": "2023-10-04T04:15:15.593",
"lastModified": "2023-10-04T04:15:15.593",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "On CPU 0 the check for the SMCCC workaround is called before SMCCC support has been initialized. This resulted in no speculative execution workarounds being installed on CPU 0."
},
{
"lang": "es",
"value": "En la CPU 0, se llama a la verificaci\u00f3n del workaround de SMCCC antes de que se haya inicializado el soporte de SMCCC. Esto result\u00f3 en que no se instalaran workarounds de ejecuci\u00f3n especulativa en la CPU 0."
}
],
"metrics": {},


@ -0,0 +1,88 @@
{
"id": "CVE-2023-5373",
"sourceIdentifier": "cna@vuldb.com",
"published": "2023-10-04T13:15:26.433",
"lastModified": "2023-10-04T13:15:26.433",
"vulnStatus": "Received",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected is the function register of the file Master.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241254 is the identifier assigned to this vulnerability."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/Szlllc/Cve/blob/main/Computer%20and%20Laptop%20Store%20System%20Master.php%20has%20Sqlinjection.pdf",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.241254",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.241254",
"source": "cna@vuldb.com"
}
]
}


@ -2,8 +2,8 @@
"id": "CVE-2023-5375",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-04T09:15:31.980",
"lastModified": "2023-10-04T09:15:31.980",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -2,8 +2,8 @@
"id": "CVE-2023-5377",
"sourceIdentifier": "security@huntr.dev",
"published": "2023-10-04T10:15:10.353",
"lastModified": "2023-10-04T10:15:10.353",
"vulnStatus": "Received",
"lastModified": "2023-10-04T12:56:06.920",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",


@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2023-10-04T12:00:25.925521+00:00
2023-10-04T14:00:25.112883+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2023-10-04T11:48:34.220000+00:00
2023-10-04T13:53:02.330000+00:00
```
### Last Data Feed Release
@ -29,38 +29,62 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
226952
226970
```
### CVEs added in the last Commit
Recently added CVEs: `12`
Recently added CVEs: `18`
* [CVE-2023-5377](CVE-2023/CVE-2023-53xx/CVE-2023-5377.json) (`2023-10-04T10:15:10.353`)
* [CVE-2023-1584](CVE-2023/CVE-2023-15xx/CVE-2023-1584.json) (`2023-10-04T11:15:09.770`)
* [CVE-2023-25489](CVE-2023/CVE-2023-254xx/CVE-2023-25489.json) (`2023-10-04T11:15:09.917`)
* [CVE-2023-25788](CVE-2023/CVE-2023-257xx/CVE-2023-25788.json) (`2023-10-04T11:15:09.997`)
* [CVE-2023-25980](CVE-2023/CVE-2023-259xx/CVE-2023-25980.json) (`2023-10-04T11:15:10.077`)
* [CVE-2023-2422](CVE-2023/CVE-2023-24xx/CVE-2023-2422.json) (`2023-10-04T11:15:10.157`)
* [CVE-2023-2809](CVE-2023/CVE-2023-28xx/CVE-2023-2809.json) (`2023-10-04T11:15:10.223`)
* [CVE-2023-37995](CVE-2023/CVE-2023-379xx/CVE-2023-37995.json) (`2023-10-04T11:15:10.297`)
* [CVE-2023-3512](CVE-2023/CVE-2023-35xx/CVE-2023-3512.json) (`2023-10-04T11:15:10.363`)
* [CVE-2023-3701](CVE-2023/CVE-2023-37xx/CVE-2023-3701.json) (`2023-10-04T11:15:10.430`)
* [CVE-2023-4586](CVE-2023/CVE-2023-45xx/CVE-2023-4586.json) (`2023-10-04T11:15:10.500`)
* [CVE-2023-4997](CVE-2023/CVE-2023-49xx/CVE-2023-4997.json) (`2023-10-04T11:15:10.563`)
* [CVE-2022-4132](CVE-2022/CVE-2022-41xx/CVE-2022-4132.json) (`2023-10-04T12:15:10.230`)
* [CVE-2023-22618](CVE-2023/CVE-2023-226xx/CVE-2023-22618.json) (`2023-10-04T12:15:10.300`)
* [CVE-2023-3037](CVE-2023/CVE-2023-30xx/CVE-2023-3037.json) (`2023-10-04T12:15:10.373`)
* [CVE-2023-3038](CVE-2023/CVE-2023-30xx/CVE-2023-3038.json) (`2023-10-04T12:15:10.437`)
* [CVE-2023-3153](CVE-2023/CVE-2023-31xx/CVE-2023-3153.json) (`2023-10-04T12:15:10.503`)
* [CVE-2023-3361](CVE-2023/CVE-2023-33xx/CVE-2023-3361.json) (`2023-10-04T12:15:10.567`)
* [CVE-2023-43261](CVE-2023/CVE-2023-432xx/CVE-2023-43261.json) (`2023-10-04T12:15:10.627`)
* [CVE-2023-44208](CVE-2023/CVE-2023-442xx/CVE-2023-44208.json) (`2023-10-04T12:15:10.670`)
* [CVE-2023-4037](CVE-2023/CVE-2023-40xx/CVE-2023-4037.json) (`2023-10-04T12:15:10.733`)
* [CVE-2023-4090](CVE-2023/CVE-2023-40xx/CVE-2023-4090.json) (`2023-10-04T12:15:10.800`)
* [CVE-2023-4491](CVE-2023/CVE-2023-44xx/CVE-2023-4491.json) (`2023-10-04T13:15:25.823`)
* [CVE-2023-4492](CVE-2023/CVE-2023-44xx/CVE-2023-4492.json) (`2023-10-04T13:15:25.910`)
* [CVE-2023-4493](CVE-2023/CVE-2023-44xx/CVE-2023-4493.json) (`2023-10-04T13:15:25.987`)
* [CVE-2023-4494](CVE-2023/CVE-2023-44xx/CVE-2023-4494.json) (`2023-10-04T13:15:26.057`)
* [CVE-2023-4495](CVE-2023/CVE-2023-44xx/CVE-2023-4495.json) (`2023-10-04T13:15:26.127`)
* [CVE-2023-4496](CVE-2023/CVE-2023-44xx/CVE-2023-4496.json) (`2023-10-04T13:15:26.193`)
* [CVE-2023-4497](CVE-2023/CVE-2023-44xx/CVE-2023-4497.json) (`2023-10-04T13:15:26.267`)
* [CVE-2023-5373](CVE-2023/CVE-2023-53xx/CVE-2023-5373.json) (`2023-10-04T13:15:26.433`)
### CVEs modified in the last Commit
Recently modified CVEs: `7`
Recently modified CVEs: `50`
* [CVE-2022-39046](CVE-2022/CVE-2022-390xx/CVE-2022-39046.json) (`2023-10-04T10:15:09.780`)
* [CVE-2023-4527](CVE-2023/CVE-2023-45xx/CVE-2023-4527.json) (`2023-10-04T10:15:10.027`)
* [CVE-2023-4806](CVE-2023/CVE-2023-48xx/CVE-2023-4806.json) (`2023-10-04T10:15:10.143`)
* [CVE-2023-4911](CVE-2023/CVE-2023-49xx/CVE-2023-4911.json) (`2023-10-04T10:15:10.257`)
* [CVE-2023-5296](CVE-2023/CVE-2023-52xx/CVE-2023-5296.json) (`2023-10-04T11:30:25.553`)
* [CVE-2023-5297](CVE-2023/CVE-2023-52xx/CVE-2023-5297.json) (`2023-10-04T11:35:19.407`)
* [CVE-2023-44245](CVE-2023/CVE-2023-442xx/CVE-2023-44245.json) (`2023-10-04T11:48:34.220`)
* [CVE-2023-30736](CVE-2023/CVE-2023-307xx/CVE-2023-30736.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-30737](CVE-2023/CVE-2023-307xx/CVE-2023-30737.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-30738](CVE-2023/CVE-2023-307xx/CVE-2023-30738.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5368](CVE-2023/CVE-2023-53xx/CVE-2023-5368.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5369](CVE-2023/CVE-2023-53xx/CVE-2023-5369.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5370](CVE-2023/CVE-2023-53xx/CVE-2023-5370.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-44272](CVE-2023/CVE-2023-442xx/CVE-2023-44272.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5375](CVE-2023/CVE-2023-53xx/CVE-2023-5375.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-5377](CVE-2023/CVE-2023-53xx/CVE-2023-5377.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-1584](CVE-2023/CVE-2023-15xx/CVE-2023-1584.json) (`2023-10-04T12:56:06.920`)
* [CVE-2023-35905](CVE-2023/CVE-2023-359xx/CVE-2023-35905.json) (`2023-10-04T12:56:10.477`)
* [CVE-2023-37404](CVE-2023/CVE-2023-374xx/CVE-2023-37404.json) (`2023-10-04T12:56:10.477`)
* [CVE-2023-3213](CVE-2023/CVE-2023-32xx/CVE-2023-3213.json) (`2023-10-04T12:56:10.477`)
* [CVE-2023-44488](CVE-2023/CVE-2023-444xx/CVE-2023-44488.json) (`2023-10-04T13:15:25.590`)
* [CVE-2023-5217](CVE-2023/CVE-2023-52xx/CVE-2023-5217.json) (`2023-10-04T13:15:26.337`)
* [CVE-2023-3769](CVE-2023/CVE-2023-37xx/CVE-2023-3769.json) (`2023-10-04T13:16:45.607`)
* [CVE-2023-41800](CVE-2023/CVE-2023-418xx/CVE-2023-41800.json) (`2023-10-04T13:24:01.053`)
* [CVE-2023-41847](CVE-2023/CVE-2023-418xx/CVE-2023-41847.json) (`2023-10-04T13:26:01.997`)
* [CVE-2023-41855](CVE-2023/CVE-2023-418xx/CVE-2023-41855.json) (`2023-10-04T13:30:41.403`)
* [CVE-2023-44262](CVE-2023/CVE-2023-442xx/CVE-2023-44262.json) (`2023-10-04T13:33:01.340`)
* [CVE-2023-44263](CVE-2023/CVE-2023-442xx/CVE-2023-44263.json) (`2023-10-04T13:33:58.363`)
* [CVE-2023-44228](CVE-2023/CVE-2023-442xx/CVE-2023-44228.json) (`2023-10-04T13:36:47.173`)
* [CVE-2023-44230](CVE-2023/CVE-2023-442xx/CVE-2023-44230.json) (`2023-10-04T13:37:30.187`)
* [CVE-2023-3744](CVE-2023/CVE-2023-37xx/CVE-2023-3744.json) (`2023-10-04T13:41:29.220`)
* [CVE-2023-5324](CVE-2023/CVE-2023-53xx/CVE-2023-5324.json) (`2023-10-04T13:53:02.330`)
## Download and Usage