From a230b6bf8d71758680036016535151eb9f488af8 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Wed, 3 Jan 2024 23:00:29 +0000 Subject: [PATCH] Auto-Update: 2024-01-03T23:00:25.423840+00:00 --- CVE-2022/CVE-2022-398xx/CVE-2022-39818.json | 64 +++++++++++- CVE-2022/CVE-2022-398xx/CVE-2022-39820.json | 64 +++++++++++- CVE-2022/CVE-2022-398xx/CVE-2022-39822.json | 64 +++++++++++- CVE-2022/CVE-2022-417xx/CVE-2022-41760.json | 64 +++++++++++- CVE-2022/CVE-2022-417xx/CVE-2022-41761.json | 64 +++++++++++- CVE-2022/CVE-2022-417xx/CVE-2022-41762.json | 64 +++++++++++- CVE-2023/CVE-2023-271xx/CVE-2023-27150.json | 69 ++++++++++++- CVE-2023/CVE-2023-304xx/CVE-2023-30451.json | 64 +++++++++++- CVE-2023/CVE-2023-364xx/CVE-2023-36485.json | 81 +++++++++++++-- CVE-2023/CVE-2023-364xx/CVE-2023-36486.json | 81 +++++++++++++-- CVE-2023/CVE-2023-383xx/CVE-2023-38321.json | 106 ++++++++++++++++++-- CVE-2023/CVE-2023-388xx/CVE-2023-38826.json | 69 ++++++++++++- CVE-2023/CVE-2023-430xx/CVE-2023-43064.json | 68 ++++++++++++- CVE-2023/CVE-2023-492xx/CVE-2023-49226.json | 82 ++++++++++++++- CVE-2023/CVE-2023-494xx/CVE-2023-49442.json | 20 ++++ CVE-2023/CVE-2023-498xx/CVE-2023-49880.json | 64 +++++++++++- CVE-2023/CVE-2023-499xx/CVE-2023-49944.json | 69 ++++++++++++- CVE-2023/CVE-2023-499xx/CVE-2023-49954.json | 71 ++++++++++++- CVE-2023/CVE-2023-513xx/CVE-2023-51363.json | 82 ++++++++++++++- CVE-2023/CVE-2023-517xx/CVE-2023-51771.json | 69 ++++++++++++- CVE-2023/CVE-2023-521xx/CVE-2023-52140.json | 15 +++ CVE-2023/CVE-2023-521xx/CVE-2023-52141.json | 15 +++ CVE-2023/CVE-2023-63xx/CVE-2023-6338.json | 55 ++++++++++ CVE-2023/CVE-2023-65xx/CVE-2023-6540.json | 55 ++++++++++ README.md | 61 ++++++----- 25 files changed, 1459 insertions(+), 121 deletions(-) create mode 100644 CVE-2023/CVE-2023-494xx/CVE-2023-49442.json create mode 100644 CVE-2023/CVE-2023-521xx/CVE-2023-52140.json create mode 100644 CVE-2023/CVE-2023-521xx/CVE-2023-52141.json create mode 100644 CVE-2023/CVE-2023-63xx/CVE-2023-6338.json create mode 100644 CVE-2023/CVE-2023-65xx/CVE-2023-6540.json diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json index c0b860e4bc0..03b0da22f60 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39818.json @@ -2,8 +2,8 @@ "id": "CVE-2022-39818", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:07.880", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:01:51.820", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "En NOKIA NFM-T R19.9, se produce una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo en /cgi-bin/R19.9/log.pl de la interfaz web de VM Manager a trav\u00e9s del par\u00e1metro cmd HTTP GET. Esto permite a los usuarios autenticados ejecutar comandos, con privilegios de root, en el sistema operativo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-78" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9:*:*:*:*:*:*:*", + "matchCriteriaId": "EE1A66D4-19DC-4734-B3C4-5775FB1B1A2D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json index d69a240f261..2eae95e0ff1 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39820.json @@ -2,8 +2,8 @@ "id": "CVE-2022-39820", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.013", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:01:40.990", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "En Network Element Manager en NOKIA NFM-T R19.9, se produce una vulnerabilidad de almacenamiento de credenciales desprotegidas en /root/RestUploadManager.xml.DRC y /DEPOT/KECustom_199/OTNE_DRC/RestUploadManager.xml. Un usuario remoto, autenticado en el sistema operativo, con privilegios de acceso al directorio /root o /DEPOT, puede leer credenciales en texto plano para acceder al portal web NFM-T y controlar todos los elementos de la red PPS." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-522" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9:*:*:*:*:*:*:*", + "matchCriteriaId": "EE1A66D4-19DC-4734-B3C4-5775FB1B1A2D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json b/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json index db581352c42..e421bbaf5fd 100644 --- a/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json +++ b/CVE-2022/CVE-2022-398xx/CVE-2022-39822.json @@ -2,8 +2,8 @@ "id": "CVE-2022-39822", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.060", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:01:25.960", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "En NOKIA NFM-T R19.9, se produce una vulnerabilidad de inyecci\u00f3n SQL en /cgi-bin/R19.9/easy1350.pl de la interfaz web de VM Manager a trav\u00e9s del par\u00e1metro GET HTTP id o host. Se requiere un atacante autenticado para la explotaci\u00f3n." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9:*:*:*:*:*:*:*", + "matchCriteriaId": "EE1A66D4-19DC-4734-B3C4-5775FB1B1A2D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json index 0ef7c8d9488..686d53d6b01 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41760.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41760", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.110", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:01:14.330", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. El Path Traversal relativo puede ocurrir en /oms1350/data/cpb/log de Network Element Manager a trav\u00e9s del par\u00e1metro filename, lo que permite a un atacante remoto autenticado leer archivos arbitrarios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9:*:*:*:*:*:*:*", + "matchCriteriaId": "EE1A66D4-19DC-4734-B3C4-5775FB1B1A2D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json index 1caceef0e14..059bf3138ca 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41761.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41761", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.157", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:01:06.787", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. Existe una vulnerabilidad Absolute Path Traversal en /cgi-bin/R19.9/viewlog.pl de VM Manager WebUI a trav\u00e9s del par\u00e1metro logfile, lo que permite a un atacante remoto autenticado leer archivos arbitrarios." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9:*:*:*:*:*:*:*", + "matchCriteriaId": "EE1A66D4-19DC-4734-B3C4-5775FB1B1A2D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json b/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json index eb2bd16ff12..7386ee01111 100644 --- a/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json +++ b/CVE-2022/CVE-2022-417xx/CVE-2022-41762.json @@ -2,8 +2,8 @@ "id": "CVE-2022-41762", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T06:15:08.203", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:00:55.163", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "Se descubri\u00f3 un problema en NOKIA NFM-T R19.9. Existen m\u00faltiples vulnerabilidades de XSS reflejado en Network Element Manager a trav\u00e9s de cualquier par\u00e1metro de log.pl, el par\u00e1metro bench o pid de top.pl o el par\u00e1metro id de easy1350.pl." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:nokia:network_functions_manager_for_transport:19.9:*:*:*:*:*:*:*", + "matchCriteriaId": "EE1A66D4-19DC-4734-B3C4-5775FB1B1A2D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.gruppotim.it/it/footer/red-team.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json b/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json index bcc2972ca20..a0896b6da7a 100644 --- a/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json +++ b/CVE-2023/CVE-2023-271xx/CVE-2023-27150.json @@ -2,8 +2,8 @@ "id": "CVE-2023-27150", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-26T04:15:07.713", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:26:47.350", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,74 @@ "value": "Se descubri\u00f3 que openCRX 5.2.0 contiene una vulnerabilidad de cross-site scripting (XSS) a trav\u00e9s del campo Name despu\u00e9s de la creaci\u00f3n de un Tracker en Manage Activity." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:opencrx:opencrx:5.2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "CA22A2E9-7F02-4B5D-A74D-D2F8C997BF75" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.esecforte.com/cve-2023-27150-cross-site-scripting-xss/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] }, { "url": "https://www.opencrx.org/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json b/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json index ec69e671f76..2b0f8e11271 100644 --- a/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json +++ b/CVE-2023/CVE-2023-304xx/CVE-2023-30451.json @@ -2,8 +2,8 @@ "id": "CVE-2023-30451", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T05:15:08.553", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:02:47.050", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,67 @@ "value": "En TYPO3 11.5.24, el componente filelist permite a los atacantes (que tienen acceso al panel de administrador) leer archivos arbitrarios a trav\u00e9s del directory traversal en el campo baseuri, como lo demuestra POST /typo3/record/edit con ../../. ./ en datos[sys_file_storage]*[datos][sDEF][lDEF][basePath][vDEF]." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 4.9, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 1.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:typo3:typo3:11.5.24:*:*:*:*:*:*:*", + "matchCriteriaId": "39861941-0E9B-46A9-9C88-4886FEE7C544" + } + ] + } + ] + } + ], "references": [ { "url": "http://packetstormsecurity.com/files/176274/TYPO3-11.5.24-Path-Traversal.html", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json index d9ed2069ddc..7339e0a302d 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36485.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36485", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.497", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:54:54.397", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,19 +14,88 @@ "value": "El motor de workflow de ILIAS anterior a 7.23 y 8 anterior a 8.3 permite a usuarios remotos autenticados ejecutar comandos arbitrarios del sistema en el servidor de aplicaciones como usuario de la aplicaci\u00f3n a trav\u00e9s de un archivo de definici\u00f3n de workflow BPMN2 malicioso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.23", + "matchCriteriaId": "271144DF-BF84-49B6-BCDF-0B43CD121189" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0", + "versionEndExcluding": "8.3", + "matchCriteriaId": "0F22AE0C-FE00-4A62-98A0-F17CFC22C307" + } + ] + } + ] + } + ], "references": [ { "url": "https://docu.ilias.de/ilias.php?baseClass=ilrepositorygui&cmdNode=xd:kx:54&cmdClass=ilBlogPostingGUI&cmd=previewFullscreen&ref_id=3439&prvm=fsc&bmn=2023-12&blpg=786", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/ILIAS-eLearning/ILIAS/pull/5987", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/ILIAS-eLearning/ILIAS/pull/5988", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json b/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json index 88b956bc312..7b3f3d6f9a4 100644 --- a/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json +++ b/CVE-2023/CVE-2023-364xx/CVE-2023-36486.json @@ -2,8 +2,8 @@ "id": "CVE-2023-36486", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.560", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:54:36.863", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,19 +14,88 @@ "value": "El motor de workflow de ILIAS anterior a 7.23 y 8 anterior a 8.3 permite a usuarios remotos autenticados ejecutar comandos arbitrarios del sistema en el servidor de aplicaciones como usuario de la aplicaci\u00f3n cargando un archivo de definici\u00f3n de workflow con un nombre de archivo malicioso." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.23", + "matchCriteriaId": "271144DF-BF84-49B6-BCDF-0B43CD121189" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ilias:ilias:*:*:*:*:*:*:*:*", + "versionStartIncluding": "8.0", + "versionEndExcluding": "8.3", + "matchCriteriaId": "0F22AE0C-FE00-4A62-98A0-F17CFC22C307" + } + ] + } + ] + } + ], "references": [ { "url": "https://docu.ilias.de/ilias.php?baseClass=ilrepositorygui&cmdNode=xd:kx:54&cmdClass=ilBlogPostingGUI&cmd=previewFullscreen&ref_id=3439&prvm=fsc&bmn=2023-12&blpg=786", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://github.com/ILIAS-eLearning/ILIAS/pull/5987", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] }, { "url": "https://github.com/ILIAS-eLearning/ILIAS/pull/5988", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Patch" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json b/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json index 62fcb551d3a..9c4d90123f0 100644 --- a/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json +++ b/CVE-2023/CVE-2023-383xx/CVE-2023-38321.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38321", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T09:15:07.223", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:30:12.113", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,19 +14,113 @@ "value": "OpenNDS, tal como se usa en Sierra Wireless ALEOS anteriores a 4.17.0.12 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia de puntero NULL, ca\u00edda del daemon e interrupci\u00f3n de Captive Portal) a trav\u00e9s de una solicitud GET a /opennds_auth/ que carece de una configuraci\u00f3n personalizada. par\u00e1metro de cadena de consulta y token de cliente." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-476" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:sierrawireless:aleos:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.17.0.12", + "matchCriteriaId": "A2373390-F865-4A67-B66D-C9B5A379C842" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sierrawireless:lx40:-:*:*:*:*:*:*:*", + "matchCriteriaId": "069DD303-C100-4FAF-BD6B-4EE61CBDE9F7" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sierrawireless:lx60:-:*:*:*:*:*:*:*", + "matchCriteriaId": "2A3B7B3D-1594-434B-8E22-01C67DF54F16" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sierrawireless:mp70:-:*:*:*:*:*:*:*", + "matchCriteriaId": "007D4629-4BE2-4C7A-AC8B-E87739E22D12" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sierrawireless:rv50x:-:*:*:*:*:*:*:*", + "matchCriteriaId": "61D3EF27-E823-4E49-BD58-D050EB02D294" + }, + { + "vulnerable": false, + "criteria": "cpe:2.3:h:sierrawireless:rv55:-:*:*:*:*:*:*:*", + "matchCriteriaId": "215BD4AB-8EFD-4F82-ABE4-E7F81AD528C2" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/openNDS/openNDS/blob/master/ChangeLog", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] }, { "url": "https://openwrt.org/docs/guide-user/services/captive-portal/opennds", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] }, { "url": "https://source.sierrawireless.com/-/media/support_downloads/security-bulletins/pdf/swi-psa-2023-006-r3.ashx", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json b/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json index 675fcad4cae..1d7e7d83f86 100644 --- a/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json +++ b/CVE-2023/CVE-2023-388xx/CVE-2023-38826.json @@ -2,8 +2,8 @@ "id": "CVE-2023-38826", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.630", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:54:24.607", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,74 @@ "value": "Existe una vulnerabilidad de Cross Site Scripting (XSS) en Follet Learning Solutions Destiny hasta 20.0_1U. a trav\u00e9s de handlewpesearchform.do. searchString." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:follettlearning:solutions_destiny:*:*:*:*:*:*:*:*", + "versionEndIncluding": "20.0_1u", + "matchCriteriaId": "0CB1D482-552C-4F9E-83E5-52E54B5D6CFF" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/Oracle-Security/CVEs/tree/main/Follett%20Learning%20Solutions/Destiny/CVE-2023-38826", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] }, { "url": "https://www.follettlearning.com/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json b/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json index 925f413abdd..33bf3cd4e7d 100644 --- a/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json +++ b/CVE-2023/CVE-2023-430xx/CVE-2023-43064.json @@ -2,8 +2,8 @@ "id": "CVE-2023-43064", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-25T03:15:08.210", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:03:54.537", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -50,14 +70,54 @@ ] } ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ibm:i:7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "BD871157-2BB3-4641-B84E-3EA13D24D35A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ibm:i:7.3:*:*:*:*:*:*:*", + "matchCriteriaId": "9A49E8C5-7967-42AE-A787-C533D24A63D7" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*", + "matchCriteriaId": "92D03306-B6C9-403E-99A2-CE9D8DC3B482" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:ibm:i:7.5:*:*:*:*:*:*:*", + "matchCriteriaId": "F7CCB5BF-08EF-472F-A663-5DE270234F10" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/267689", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7101330", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json b/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json index f7c7b9d8616..924a89eddd8 100644 --- a/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json +++ b/CVE-2023/CVE-2023-492xx/CVE-2023-49226.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49226", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.760", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:54:12.677", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,87 @@ "value": "Se descubri\u00f3 un problema en Peplink Balance Two antes de 8.4.0. La inyecci\u00f3n de comandos en la funci\u00f3n traceroute de la consola de administraci\u00f3n permite a los usuarios con privilegios de administrador ejecutar comandos arbitrarios como root." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-77" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:peplink:balance_two_firmware:*:*:*:*:*:*:*:*", + "versionEndExcluding": "8.4.0", + "matchCriteriaId": "0B5E9A13-C60F-4F0D-ACAD-12A9E4130840" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:peplink:balance_two:-:*:*:*:*:*:*:*", + "matchCriteriaId": "C38FC37D-0615-48E2-9419-496E62679C4D" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.synacktiv.com/publications%253Ffield_tags_target_id%253D4", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.synacktiv.com/sites/default/files/2023-12/synacktiv-peplink-multiple-vulnerabilities.pdf", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-494xx/CVE-2023-49442.json b/CVE-2023/CVE-2023-494xx/CVE-2023-49442.json new file mode 100644 index 00000000000..1606cfe7c16 --- /dev/null +++ b/CVE-2023/CVE-2023-494xx/CVE-2023-49442.json @@ -0,0 +1,20 @@ +{ + "id": "CVE-2023-49442", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-01-03T21:15:08.467", + "lastModified": "2024-01-03T21:15:08.467", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data in jeecgFormDemoController in JEECG 4.0 and earlier allows attackers to run arbitrary code via crafted POST request." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://lemono.fun/thoughts/JEECG-RCE.html", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json b/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json index 157f4b9e6e8..08ec3273d60 100644 --- a/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json +++ b/CVE-2023/CVE-2023-498xx/CVE-2023-49880.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49880", "sourceIdentifier": "psirt@us.ibm.com", "published": "2023-12-25T03:15:08.430", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:03:07.817", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -16,6 +16,26 @@ ], "metrics": { "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + }, { "source": "psirt@us.ibm.com", "type": "Secondary", @@ -38,14 +58,50 @@ } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ibm:financial_transaction_manager:3.2.4:*:*:*:*:swift_services:*:*", + "matchCriteriaId": "DD9A7D3A-B68C-49A6-AEB6-5509ED41E63E" + } + ] + } + ] + } + ], "references": [ { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/273183", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "VDB Entry", + "Vendor Advisory" + ] }, { "url": "https://www.ibm.com/support/pages/node/7101167", - "source": "psirt@us.ibm.com" + "source": "psirt@us.ibm.com", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json index be6de773ca4..c36ab3244dd 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49944.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49944", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.833", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:53:45.343", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,74 @@ "value": "La funci\u00f3n Challenge Response de BeyondTrust Privilege Management para Windows (PMfW) antes del 14 de julio de 2023 permite a los administradores locales omitir esta funci\u00f3n descifrando la clave compartida o localizando la clave compartida descifrada en la memoria de proceso. La amenaza se mitiga mediante la funci\u00f3n Agent Protection." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 0.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2023-07-14", + "matchCriteriaId": "BBEDF0F2-0E81-4D6D-88F9-B077DA019524" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.beyondtrust.com/security", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] }, { "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt23-08", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json b/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json index d00ff4e1a3f..656f5b08175 100644 --- a/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json +++ b/CVE-2023/CVE-2023-499xx/CVE-2023-49954.json @@ -2,8 +2,8 @@ "id": "CVE-2023-49954", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T08:15:07.933", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T22:32:37.550", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,11 +14,74 @@ "value": "La integraci\u00f3n de CRM en 3CX anterior a 18.0.9.23 y 20 anterior a 20.0.0.1494 permite la inyecci\u00f3n SQL a trav\u00e9s de un nombre, cadena de b\u00fasqueda o direcci\u00f3n de correo electr\u00f3nico." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*", + "versionEndExcluding": "18.0.9.23", + "matchCriteriaId": "1BA26323-4B0D-419F-88BD-DFEE4BD66994" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:3cx:3cx:*:*:*:*:*:*:*:*", + "versionStartIncluding": "20.0", + "versionEndExcluding": "20.0.0.1494", + "matchCriteriaId": "93E5C359-516D-4652-B4E8-B57F486DAC75" + } + ] + } + ] + } + ], "references": [ { "url": "https://cve-2023-49954.github.io/", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json b/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json index ff9f74e5039..fff60b5391a 100644 --- a/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json +++ b/CVE-2023/CVE-2023-513xx/CVE-2023-51363.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51363", "sourceIdentifier": "vultures@jpcert.or.jp", "published": "2023-12-26T08:15:11.760", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:08:47.153", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,87 @@ "value": "Versi\u00f3n del firmware VR-S1000. 2.37 y anteriores permiten que un atacante no autenticado adyacente a la red pueda acceder a la p\u00e1gina de administraci\u00f3n web del producto para obtener informaci\u00f3n confidencial." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "NVD-CWE-noinfo" + } + ] + } + ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:buffalo:vr-s1000_firmware:*:*:*:*:*:*:*:*", + "versionEndIncluding": "2.37", + "matchCriteriaId": "C961815C-579A-4422-8C61-467B547E0D23" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:buffalo:vr-s1000:-:*:*:*:*:*:*:*", + "matchCriteriaId": "45640129-5499-47CD-A890-A86F4B79B6C8" + } + ] + } + ] + } + ], "references": [ { "url": "https://jvn.jp/en/jp/JVN23771490/", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.buffalo.jp/news/detail/20231225-01.html", - "source": "vultures@jpcert.or.jp" + "source": "vultures@jpcert.or.jp", + "tags": [ + "Patch", + "Vendor Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json b/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json index b27feedb383..f0345c6ffd9 100644 --- a/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json +++ b/CVE-2023/CVE-2023-517xx/CVE-2023-51771.json @@ -2,8 +2,8 @@ "id": "CVE-2023-51771", "sourceIdentifier": "cve@mitre.org", "published": "2023-12-25T05:15:08.730", - "lastModified": "2023-12-26T20:34:16.103", - "vulnStatus": "Awaiting Analysis", + "lastModified": "2024-01-03T21:02:26.533", + "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", @@ -14,15 +14,74 @@ "value": "En MicroHttpServer (tambi\u00e9n conocido como Micro HTTP Server) hasta a8ab029, _ParseHeader en lib/server.c permite un desbordamiento de b\u00fafer de recepci\u00f3n de un byte a trav\u00e9s de un URI largo." } ], - "metrics": {}, + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-120" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:starnight:micro_http_server:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1464DBE3-B59A-4C81-A17F-DD3F18EB7AFC" + } + ] + } + ] + } + ], "references": [ { "url": "https://github.com/starnight/MicroHttpServer/issues/8", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking" + ] }, { "url": "https://github.com/starnight/MicroHttpServer/tree/a8ab029c9a26a4c9f26b9d8a2757b8299aaff120", - "source": "cve@mitre.org" + "source": "cve@mitre.org", + "tags": [ + "Product" + ] } ] } \ No newline at end of file diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52140.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52140.json new file mode 100644 index 00000000000..bc3b8859ce5 --- /dev/null +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52140.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2023-52140", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-01-03T22:15:11.187", + "lastModified": "2024-01-03T22:15:11.187", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. Notes: none." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-521xx/CVE-2023-52141.json b/CVE-2023/CVE-2023-521xx/CVE-2023-52141.json new file mode 100644 index 00000000000..961bbdd4459 --- /dev/null +++ b/CVE-2023/CVE-2023-521xx/CVE-2023-52141.json @@ -0,0 +1,15 @@ +{ + "id": "CVE-2023-52141", + "sourceIdentifier": "security-advisories@github.com", + "published": "2024-01-03T22:15:11.380", + "lastModified": "2024-01-03T22:15:11.380", + "vulnStatus": "Rejected", + "descriptions": [ + { + "lang": "en", + "value": "Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2023. Notes: none." + } + ], + "metrics": {}, + "references": [] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-63xx/CVE-2023-6338.json b/CVE-2023/CVE-2023-63xx/CVE-2023-6338.json new file mode 100644 index 00000000000..52adade5493 --- /dev/null +++ b/CVE-2023/CVE-2023-63xx/CVE-2023-6338.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6338", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2024-01-03T21:15:08.547", + "lastModified": "2024-01-03T21:15:08.547", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.8, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-427" + } + ] + } + ], + "references": [ + { + "url": "https://support.lenovo.com/us/en/product_security/LEN-121183", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2023/CVE-2023-65xx/CVE-2023-6540.json b/CVE-2023/CVE-2023-65xx/CVE-2023-6540.json new file mode 100644 index 00000000000..72fee790817 --- /dev/null +++ b/CVE-2023/CVE-2023-65xx/CVE-2023-6540.json @@ -0,0 +1,55 @@ +{ + "id": "CVE-2023-6540", + "sourceIdentifier": "psirt@lenovo.com", + "published": "2024-01-03T21:15:08.940", + "lastModified": "2024-01-03T21:15:08.940", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was reported in the Lenovo Browser Mobile and Lenovo Browser HD Apps for Android that could allow an attacker to craft a payload that could result in the disclosure of sensitive information." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "psirt@lenovo.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "psirt@lenovo.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://iknow.lenovo.com.cn/detail/419251", + "source": "psirt@lenovo.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 2b519ffe892..35c0f5a5dd6 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-01-03T21:00:24.516862+00:00 +2024-01-03T23:00:25.423840+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-01-03T20:57:31.317000+00:00 +2024-01-03T22:54:54.397000+00:00 ``` ### Last Data Feed Release @@ -29,48 +29,43 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -234819 +234824 ``` ### CVEs added in the last Commit Recently added CVEs: `5` -* [CVE-2023-46929](CVE-2023/CVE-2023-469xx/CVE-2023-46929.json) (`2024-01-03T19:15:08.390`) -* [CVE-2023-50090](CVE-2023/CVE-2023-500xx/CVE-2023-50090.json) (`2024-01-03T20:15:21.660`) -* [CVE-2023-5879](CVE-2023/CVE-2023-58xx/CVE-2023-5879.json) (`2024-01-03T20:15:21.737`) -* [CVE-2023-5880](CVE-2023/CVE-2023-58xx/CVE-2023-5880.json) (`2024-01-03T20:15:21.833`) -* [CVE-2023-5881](CVE-2023/CVE-2023-58xx/CVE-2023-5881.json) (`2024-01-03T20:15:21.903`) +* [CVE-2023-49442](CVE-2023/CVE-2023-494xx/CVE-2023-49442.json) (`2024-01-03T21:15:08.467`) +* [CVE-2023-6338](CVE-2023/CVE-2023-63xx/CVE-2023-6338.json) (`2024-01-03T21:15:08.547`) +* [CVE-2023-6540](CVE-2023/CVE-2023-65xx/CVE-2023-6540.json) (`2024-01-03T21:15:08.940`) +* [CVE-2023-52140](CVE-2023/CVE-2023-521xx/CVE-2023-52140.json) (`2024-01-03T22:15:11.187`) +* [CVE-2023-52141](CVE-2023/CVE-2023-521xx/CVE-2023-52141.json) (`2024-01-03T22:15:11.380`) ### CVEs modified in the last Commit -Recently modified CVEs: `24` +Recently modified CVEs: `19` -* [CVE-2016-15036](CVE-2016/CVE-2016-150xx/CVE-2016-15036.json) (`2024-01-03T20:48:43.957`) -* [CVE-2022-43675](CVE-2022/CVE-2022-436xx/CVE-2022-43675.json) (`2024-01-03T20:57:31.317`) -* [CVE-2023-31417](CVE-2023/CVE-2023-314xx/CVE-2023-31417.json) (`2024-01-03T19:02:34.430`) -* [CVE-2023-5215](CVE-2023/CVE-2023-52xx/CVE-2023-5215.json) (`2024-01-03T19:03:11.570`) -* [CVE-2023-51662](CVE-2023/CVE-2023-516xx/CVE-2023-51662.json) (`2024-01-03T19:27:28.663`) -* [CVE-2023-51385](CVE-2023/CVE-2023-513xx/CVE-2023-51385.json) (`2024-01-03T19:40:07.653`) -* [CVE-2023-51650](CVE-2023/CVE-2023-516xx/CVE-2023-51650.json) (`2024-01-03T19:53:37.357`) -* [CVE-2023-5962](CVE-2023/CVE-2023-59xx/CVE-2023-5962.json) (`2024-01-03T20:04:06.947`) -* [CVE-2023-51649](CVE-2023/CVE-2023-516xx/CVE-2023-51649.json) (`2024-01-03T20:05:01.863`) -* [CVE-2023-50259](CVE-2023/CVE-2023-502xx/CVE-2023-50259.json) (`2024-01-03T20:07:07.073`) -* [CVE-2023-50258](CVE-2023/CVE-2023-502xx/CVE-2023-50258.json) (`2024-01-03T20:10:06.117`) -* [CVE-2023-50254](CVE-2023/CVE-2023-502xx/CVE-2023-50254.json) (`2024-01-03T20:12:07.347`) -* [CVE-2023-7090](CVE-2023/CVE-2023-70xx/CVE-2023-7090.json) (`2024-01-03T20:22:11.147`) -* [CVE-2023-7095](CVE-2023/CVE-2023-70xx/CVE-2023-7095.json) (`2024-01-03T20:24:59.943`) -* [CVE-2023-7094](CVE-2023/CVE-2023-70xx/CVE-2023-7094.json) (`2024-01-03T20:33:22.497`) -* [CVE-2023-24609](CVE-2023/CVE-2023-246xx/CVE-2023-24609.json) (`2024-01-03T20:34:37.670`) -* [CVE-2023-31297](CVE-2023/CVE-2023-312xx/CVE-2023-31297.json) (`2024-01-03T20:35:00.150`) -* [CVE-2023-28872](CVE-2023/CVE-2023-288xx/CVE-2023-28872.json) (`2024-01-03T20:35:33.797`) -* [CVE-2023-51772](CVE-2023/CVE-2023-517xx/CVE-2023-51772.json) (`2024-01-03T20:37:31.497`) -* [CVE-2023-49594](CVE-2023/CVE-2023-495xx/CVE-2023-49594.json) (`2024-01-03T20:40:02.443`) -* [CVE-2023-49328](CVE-2023/CVE-2023-493xx/CVE-2023-49328.json) (`2024-01-03T20:43:29.493`) -* [CVE-2023-51451](CVE-2023/CVE-2023-514xx/CVE-2023-51451.json) (`2024-01-03T20:52:26.203`) -* [CVE-2023-51763](CVE-2023/CVE-2023-517xx/CVE-2023-51763.json) (`2024-01-03T20:54:40.243`) -* [CVE-2023-48654](CVE-2023/CVE-2023-486xx/CVE-2023-48654.json) (`2024-01-03T20:54:40.840`) +* [CVE-2022-41762](CVE-2022/CVE-2022-417xx/CVE-2022-41762.json) (`2024-01-03T21:00:55.163`) +* [CVE-2022-41761](CVE-2022/CVE-2022-417xx/CVE-2022-41761.json) (`2024-01-03T21:01:06.787`) +* [CVE-2022-41760](CVE-2022/CVE-2022-417xx/CVE-2022-41760.json) (`2024-01-03T21:01:14.330`) +* [CVE-2022-39822](CVE-2022/CVE-2022-398xx/CVE-2022-39822.json) (`2024-01-03T21:01:25.960`) +* [CVE-2022-39820](CVE-2022/CVE-2022-398xx/CVE-2022-39820.json) (`2024-01-03T21:01:40.990`) +* [CVE-2022-39818](CVE-2022/CVE-2022-398xx/CVE-2022-39818.json) (`2024-01-03T21:01:51.820`) +* [CVE-2023-51771](CVE-2023/CVE-2023-517xx/CVE-2023-51771.json) (`2024-01-03T21:02:26.533`) +* [CVE-2023-30451](CVE-2023/CVE-2023-304xx/CVE-2023-30451.json) (`2024-01-03T21:02:47.050`) +* [CVE-2023-49880](CVE-2023/CVE-2023-498xx/CVE-2023-49880.json) (`2024-01-03T21:03:07.817`) +* [CVE-2023-43064](CVE-2023/CVE-2023-430xx/CVE-2023-43064.json) (`2024-01-03T21:03:54.537`) +* [CVE-2023-51363](CVE-2023/CVE-2023-513xx/CVE-2023-51363.json) (`2024-01-03T21:08:47.153`) +* [CVE-2023-27150](CVE-2023/CVE-2023-271xx/CVE-2023-27150.json) (`2024-01-03T22:26:47.350`) +* [CVE-2023-38321](CVE-2023/CVE-2023-383xx/CVE-2023-38321.json) (`2024-01-03T22:30:12.113`) +* [CVE-2023-49954](CVE-2023/CVE-2023-499xx/CVE-2023-49954.json) (`2024-01-03T22:32:37.550`) +* [CVE-2023-49944](CVE-2023/CVE-2023-499xx/CVE-2023-49944.json) (`2024-01-03T22:53:45.343`) +* [CVE-2023-49226](CVE-2023/CVE-2023-492xx/CVE-2023-49226.json) (`2024-01-03T22:54:12.677`) +* [CVE-2023-38826](CVE-2023/CVE-2023-388xx/CVE-2023-38826.json) (`2024-01-03T22:54:24.607`) +* [CVE-2023-36486](CVE-2023/CVE-2023-364xx/CVE-2023-36486.json) (`2024-01-03T22:54:36.863`) +* [CVE-2023-36485](CVE-2023/CVE-2023-364xx/CVE-2023-36485.json) (`2024-01-03T22:54:54.397`) ## Download and Usage